From 09b0a9c320bd777bc52384bd0ec91ecfc61e481d Mon Sep 17 00:00:00 2001 From: Adin Scannell Date: Mon, 11 Jun 2018 17:56:18 -0700 Subject: Handle all exception vectors. PiperOrigin-RevId: 200144655 Change-Id: I5a753c74b75007b7714d6fe34aa0d2e845dc5c41 --- pkg/sentry/platform/ring0/kernel_amd64.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'pkg/sentry/platform/ring0') diff --git a/pkg/sentry/platform/ring0/kernel_amd64.go b/pkg/sentry/platform/ring0/kernel_amd64.go index c828af654..117e86104 100644 --- a/pkg/sentry/platform/ring0/kernel_amd64.go +++ b/pkg/sentry/platform/ring0/kernel_amd64.go @@ -161,18 +161,17 @@ func IsCanonical(addr uint64) bool { // Also note that this function transitively depends on the compiler generating // code that uses IP-relative addressing inside of absolute addresses. That's // the case for amd64, but may not be the case for other architectures. +// +// Precondition: the Rip, Rsp, Fs and Gs registers must be canonical. + // //go:nosplit func (c *CPU) SwitchToUser(switchOpts SwitchOpts) (vector Vector) { - // Check for canonical addresses. - regs := switchOpts.Registers - if !IsCanonical(regs.Rip) || !IsCanonical(regs.Rsp) || !IsCanonical(regs.Fs_base) || !IsCanonical(regs.Gs_base) { - return GeneralProtectionFault - } userCR3 := switchOpts.PageTables.CR3(!switchOpts.Flush, switchOpts.UserPCID) kernelCR3 := c.kernel.PageTables.CR3(true, switchOpts.KernelPCID) // Sanitize registers. + regs := switchOpts.Registers regs.Eflags &= ^uint64(UserFlagsClear) regs.Eflags |= UserFlagsSet regs.Cs = uint64(Ucode64) // Required for iret. -- cgit v1.2.3