From cde8e8b7a905ce53fe72a1a71b86e9ef352bbc3a Mon Sep 17 00:00:00 2001
From: Andrei Vagin
Date: Fri, 30 Apr 2021 23:03:38 -0700
Subject: kvm: prefault a root table page before switching into a user address space
The root table physical page has to be mapped to not fault in iret or sysret after switching into a user address space. sysret and iret are in the upper half that is global and so page tables of lower levels are already mapped.
Fixes #5742
PiperOrigin-RevId: 371458644
---
 pkg/sentry/platform/kvm/machine_amd64.go | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'pkg/sentry')
diff --git a/pkg/sentry/platform/kvm/machine_amd64.go b/pkg/sentry/platform/kvm/machine_amd64.go
index d7abfefb4..f727e61b0 100644
--- a/pkg/sentry/platform/kvm/machine_amd64.go
+++ b/pkg/sentry/platform/kvm/machine_amd64.go
@@ -351,6 +351,10 @@ func (c *vCPU) SwitchToUser(switchOpts ring0.SwitchOpts, info *arch.SignalInfo)
 // allocations occur.
 entersyscall()
 bluepill(c)
+ // The root table physical page has to be mapped to not fault in iret
+ // or sysret after switching into a user address space. sysret and
+ // iret are in the upper half that is global and already mapped.
+ switchOpts.PageTables.PrefaultRootTable()
 prefaultFloatingPointState(switchOpts.FloatingPointState)
 vector = c.CPU.SwitchToUser(switchOpts)
 exitsyscall()
-- cgit v1.2.3
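Review bot: The comment added above `switchOpts.PageTables.PrefaultRootTable()` drops the step of the argument that the commit message keeps, so it no longer explains why touching only the root table is sufficient. The message says the upper half is global "and so page tables of lower levels are already mapped"; the comment's last sentence should carry that, for example `// iret live in the global upper half, so the lower-level page tables they need are already mapped; only the root table page is left to prefault.` It would also be worth one line saying the call has to stay between `bluepill(c)` and `c.CPU.SwitchToUser(switchOpts)`, because as far as this hunk shows nothing re-checks the mapping afterwards, and a later reordering would presumably bring back the fault from #5742 without any compile-time signal. The body of SwitchToUser starts and ends outside the hunk, so whether `switchOpts.PageTables` is validated earlier cannot be confirmed from here.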