qemu-e2k/target/i386
Pranith Kumar 30663fd26c tcg/i386: Check the size of instruction being translated
This fixes the bug: 'user-to-root privesc inside VM via bad translation
caching' reported by Jann Horn here:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1122

Reviewed-by: Richard Henderson <rth@twiddle.net>
CC: Peter Maydell <peter.maydell@linaro.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com>
Message-Id: <20170323175851.14342-1-bobby.prani@gmail.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2017-03-24 11:49:38 +01:00
..
arch_dump.c
arch_memory_mapping.c x86: implement la57 paging mode 2016-12-22 16:01:04 +01:00
bpt_helper.c target-i386: Fix eflags.TF/#DB handling of syscall/sysret insns 2016-12-22 16:01:04 +01:00
cc_helper_template.h
cc_helper.c target-i386: Use ctpop helper 2017-01-10 08:49:59 -08:00
cpu-qom.h i386: Define static "base" CPU model 2017-02-27 13:23:27 -03:00
cpu.c i386: Change stepping of Haswell to non-blacklisted value 2017-03-10 15:01:09 -03:00
cpu.h x86: Haswell TSX blacklist fix for 2.9 2017-03-13 13:16:35 +00:00
excp_helper.c target-i386: correctly propagate retaddr into SVM helpers 2017-02-16 18:37:01 +01:00
fpu_helper.c linux-user: Add signal handling support for x86_64 2017-02-27 23:10:02 +01:00
gdbstub.c x86: Fix x86_64 'g' packet response to gdb from 32-bit mode. 2016-12-22 16:00:25 +01:00
hax-all.c target/i386: Add Intel HAX files 2017-01-19 22:07:46 +01:00
hax-darwin.c hax: add Darwin support 2017-01-19 22:07:46 +01:00
hax-darwin.h hax: add Darwin support 2017-01-19 22:07:46 +01:00
hax-i386.h hax: add Darwin support 2017-01-19 22:07:46 +01:00
hax-interface.h target/i386: Add Intel HAX files 2017-01-19 22:07:46 +01:00
hax-mem.c target/i386: Add Intel HAX files 2017-01-19 22:07:46 +01:00
hax-windows.c target/i386: Add Intel HAX files 2017-01-19 22:07:46 +01:00
hax-windows.h target/i386: Add Intel HAX files 2017-01-19 22:07:46 +01:00
helper.c * QOM interface fix (Eduardo) 2017-01-20 16:42:07 +00:00
helper.h target-i386: correctly propagate retaddr into SVM helpers 2017-02-16 18:37:01 +01:00
hyperv.c event_notifier: cleanups around event_notifier_set_handler 2017-01-16 17:52:35 +01:00
hyperv.h
int_helper.c target-i386: Use clz and ctz opcodes 2017-01-10 08:06:11 -08:00
kvm_i386.h kvmclock: reduce kvmclock difference on migration 2016-12-22 16:00:56 +01:00
kvm-stub.c
kvm.c kvm: Print MSR information if KVM_{GET,SET}_MSRS failed 2017-03-14 13:26:36 +01:00
machine.c migration: extend VMStateInfo 2017-01-24 17:54:47 +00:00
Makefile.objs hax: add Darwin support 2017-01-19 22:07:46 +01:00
mem_helper.c
misc_helper.c target-i386: correctly propagate retaddr into SVM helpers 2017-02-16 18:37:01 +01:00
monitor.c monitor: Fix crashes when using HMP commands without CPU 2017-02-21 18:29:01 +00:00
mpx_helper.c
ops_sse_header.h target-i386: Use ctpop helper 2017-01-10 08:49:59 -08:00
ops_sse.h target-i386: Use ctpop helper 2017-01-10 08:49:59 -08:00
seg_helper.c target-i386: defer VMEXIT to do_interrupt 2017-03-09 10:41:48 +00:00
shift_helper_template.h
smm_helper.c tcg: drop global lock during TCG code execution 2017-02-24 10:32:45 +00:00
svm_helper.c target-i386: defer VMEXIT to do_interrupt 2017-03-09 10:41:48 +00:00
svm.h
TODO
trace-events
translate.c tcg/i386: Check the size of instruction being translated 2017-03-24 11:49:38 +01:00