Paolo Bonzini 0bd385e7e3 target/i386/tcg: Allow IRET from user mode to user mode with SMAP ... This fixes a bug wherein i386/tcg assumed an interrupt return using the IRET instruction was always returning from kernel mode to either kernel mode or user mode. This assumption is violated when IRET is used as a clever way to restore thread state, as for example in the dotnet runtime. There, IRET returns from user mode to user mode. This bug is that stack accesses from IRET and RETF, as well as accesses to the parameters in a call gate, are normal data accesses using the current CPL. This manifested itself as a page fault in the guest Linux kernel due to SMAP preventing the access. This bug appears to have been in QEMU since the beginning. Analyzed-by: Robert R. Henry <rrh.henry@gmail.com> Co-developed-by: Robert R. Henry <rrh.henry@gmail.com> Signed-off-by: Robert R. Henry <rrh.henry@gmail.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>		2024-07-16 18:18:24 +02:00
..
hvf	hvf: Drop ifdef for macOS versions older than 12.0	2024-07-02 06:58:48 +02:00
kvm	* meson: Pass objects and dependencies to declare_dependency(), not static_library()	2024-07-04 09:16:07 -07:00
nvmm	cpu: move Qemu[Thread|Cond] setup into common code	2024-06-04 10:02:39 +02:00
tcg	target/i386/tcg: Allow IRET from user mode to user mode with SMAP	2024-07-16 18:18:24 +02:00
whpx	cpu: move Qemu[Thread|Cond] setup into common code	2024-06-04 10:02:39 +02:00
Kconfig	i386: select correct components for no-board build	2024-05-10 15:45:15 +02:00
arch_dump.c	dump: Replace opaque DumpState pointer with a typed one	2022-10-06 19:30:43 +04:00
arch_memory_mapping.c	memory: follow Error API guidelines	2023-10-19 23:13:27 +02:00
confidential-guest.c	target/i386: introduce x86-confidential-guest	2024-04-23 17:35:25 +02:00
confidential-guest.h	target/i386: add support for masking CPUID features in confidential guests	2024-07-04 07:47:11 +02:00
cpu-apic.c	target/i386: Move APIC related code to cpu-apic.c	2024-04-25 10:12:54 +02:00
cpu-dump.c	target/i386: fix CC_OP dump	2024-06-28 14:44:52 +02:00
cpu-internal.h	i386: split off sysemu part of cpu.c	2021-05-10 15:41:52 -04:00
cpu-param.h	target: Define TCG_GUEST_DEFAULT_MO in 'cpu-param.h'	2024-04-26 15:31:37 +02:00
cpu-qom.h	target: Move ArchCPUClass definition to 'cpu.h'	2023-11-07 13:08:48 +01:00
cpu-sysemu.c	target/i386: Move APIC related code to cpu-apic.c	2024-04-25 10:12:54 +02:00
cpu.c	target/i386: add avx-vnni-int16 feature	2024-07-03 18:41:26 +02:00
cpu.h	target/i386/SEV: implement mask_cpuid_features	2024-07-04 11:56:20 +02:00
gdbstub.c	misc: Use QEMU header path relative to include/ directory	2024-05-09 00:07:21 +02:00
helper.c	i386: Fix MCE support for AMD hosts	2024-06-08 10:33:38 +02:00
helper.h	target/i386: replace read_crN helper with read_cr8	2024-06-17 09:47:39 +02:00
host-cpu.c	target/i386: Advertise MWAIT iff host supports	2024-06-30 19:51:44 +03:00
host-cpu.h	accel-cpu: make cpu_realizefn return a bool	2021-05-10 15:41:50 -04:00
machine.c	target/i386: Add get/set/migrate support for FRED MSRs	2024-06-08 10:33:38 +02:00
meson.build	target/i386: Move APIC related code to cpu-apic.c	2024-04-25 10:12:54 +02:00
monitor.c	target/i386: Move APIC related code to cpu-apic.c	2024-04-25 10:12:54 +02:00
ops_sse.h	target/i386: set CC_OP in helpers if they want CC_OP_EFLAGS	2024-05-25 13:28:01 +02:00
sev-sysemu-stub.c	hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled	2024-06-05 11:01:06 +02:00
sev.c	i386/sev: Don't allow automatic fallback to legacy KVM_SEV*_INIT	2024-07-16 10:45:06 +02:00
sev.h	hw/i386/sev: Add support to encrypt BIOS when SEV-SNP is enabled	2024-06-05 11:01:06 +02:00
svm.h	target/i386: check intercept for XSETBV	2023-10-17 15:20:53 +02:00
trace-events	target/i386/sev: Use size_t for object sizes	2024-06-28 19:26:54 +02:00
trace.h	trace: switch position of headers to what Meson requires	2020-08-21 06:18:24 -04:00
xsave_helper.c	x86: add support for KVM_CAP_XSAVE2 and AMX state migration	2022-03-15 11:50:50 +01:00