2007 Sep 27
Unsigned bug in rdmsr_hypervisor_regs/wrmsr_hypervisor_regs
...or_regs(
    uint32_t idx, uint32_t *eax, uint32_t *edx)
{
    idx -= 0x40000000;
    if ( idx > 0 )
        return 0;
    ...
The intent, apparently, is that the function should return zero if the
original idx exceeds 0x40000000.
However, because idx is unsigned the function will always return zero
unless the original idx is precisely 0x40000000.
The effect is that reading or writing any unexpected MSR will cause the
guest to get a GPF.
(The intended effect is, I think, reading any MSR less than 0x40000001
should simply return 0
and writing any such MSR should bug. Injecting a GPF should only happen...
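As an added illustration, not code from the quoted email or from the Xen source: the unsigned arithmetic behind the bug, with the check exactly as quoted beside a conventional base-plus-range guard. The 0x40000000 base is from the page; the `count` argument of the range guard is an assumption used only to show the pattern.

```c
#include <stdint.h>
#include <stdio.h>

#define HYPERVISOR_MSR_BASE 0x40000000u  /* base constant as quoted on the page */

/* Value of idx after the quoted subtraction. Unsigned arithmetic wraps,
 * so any idx below the base becomes a very large number, never negative. */
uint32_t hypervisor_msr_offset(uint32_t idx)
{
    return idx - HYPERVISOR_MSR_BASE;
}

/* Check as quoted: returns 1 only when the MSR would be handled.
 * Because idx is unsigned, "idx > 0" is false only when idx == 0 after
 * the subtraction, i.e. only for the original value 0x40000000. */
int buggy_check(uint32_t idx)
{
    idx -= HYPERVISOR_MSR_BASE;
    if ( idx > 0 )
        return 0;
    return 1;
}

/* Assumed-style range guard: compare against the base before subtracting,
 * then bound the offset. Accepts exactly `count` MSRs starting at the base. */
int range_check(uint32_t idx, uint32_t count)
{
    if ( idx < HYPERVISOR_MSR_BASE )
        return 0;
    idx -= HYPERVISOR_MSR_BASE;
    if ( idx >= count )
        return 0;
    return 1;
}

int main(void)
{
    uint32_t probes[] = { 0x3FFFFFFFu, 0x40000000u, 0x40000001u, 0u };
    for ( size_t i = 0; i < sizeof(probes) / sizeof(probes[0]); i++ )
        printf("idx=0x%08x offset=0x%08x quoted=%d range(2)=%d\n",
               probes[i], hypervisor_msr_offset(probes[i]),
               buggy_check(probes[i]), range_check(probes[i], 2));
    return 0;
}
```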