Fix a BSOD triggered by Windows 10 20H1.

The bugcheck is caused by an APC interrupt delivered in the middle of fastop emulation, where original KVM will overwrite host eflags. With SMAP on, AC of eflags is very sensitive.
google · Apr 30, 2020 · 587ee91 · 587ee91
1 parent 8db1a4a
commit 587ee91
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 9 deletions.
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
@@ -5213,7 +5213,7 @@ extern void __asm_fastop(size_t *flags,void *fop,
 						struct x86_emulate_ctxt *ctxt);
 static int fastop(struct x86_emulate_ctxt *ctxt, void (*fop)(struct fastop *))
 {
-	size_t flags = (ctxt->eflags & EFLAGS_MASK) | X86_EFLAGS_IF;
+	size_t flags = ctxt->eflags & EFLAGS_MASK;
 	char *__fop = (char *)fop;
 
 	if (!(ctxt->d & ByteOp))

diff --git a/assembly/x64/assembly.asm b/assembly/x64/assembly.asm
@@ -629,11 +629,17 @@ __asm_fastop      proc frame
 
 			; save host eflags
 			pushfq
-			push qword ptr[rdi]
+			mov r10, qword ptr[rdi]
+			mov r9, qword ptr[rsp]
+			and r9d, 0fffff72ah
+			or r10, r9
+			push r10
 			popfq
 			call rsi
 			pushfq
-			pop qword ptr[rdi]
+			pop r10
+			and r10, 8D5h ; keep status flags
+			mov qword ptr[rdi], r10
 			popfq
 
 			mov qword ptr CXT_TO_DST[r8], rax
@@ -646,12 +652,6 @@ __asm_fastop      proc frame
 			ret
 __asm_fastop      endp
 
-                public kvm_fastop_exception
-kvm_fastop_exception proc
-                xor     esi, esi
-                ret
-kvm_fastop_exception endp
-
 ; ---------------------------------------------------------------------------
                 align 8