diff options
| author | Avi Kivity <avi@redhat.com> | 2012-08-21 10:07:05 -0400 |
|---|---|---|
| committer | Marcelo Tosatti <mtosatti@redhat.com> | 2012-08-27 19:02:20 -0400 |
| commit | a5625189f6810ef79ced53989c794acfa10d3370 (patch) | |
| tree | aa496405cc5ee69b88f88228c1958cb7b51e7fa8 /arch/x86/kvm | |
| parent | 03ebebeb1ff5d1d6209fd8df4ffc9204df82bd55 (diff) | |
KVM: x86 emulator: Check segment limits in real mode too
Segment limits are verified in real mode, not just protected mode.
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Diffstat (limited to 'arch/x86/kvm')
| -rw-r--r-- | arch/x86/kvm/emulate.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index f8b27cd2a6cb..5b1c701cd6d0 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c | |||
| @@ -668,8 +668,6 @@ static int __linearize(struct x86_emulate_ctxt *ctxt, | |||
| 668 | 668 | ||
| 669 | la = seg_base(ctxt, addr.seg) + addr.ea; | 669 | la = seg_base(ctxt, addr.seg) + addr.ea; |
| 670 | switch (ctxt->mode) { | 670 | switch (ctxt->mode) { |
| 671 | case X86EMUL_MODE_REAL: | ||
| 672 | break; | ||
| 673 | case X86EMUL_MODE_PROT64: | 671 | case X86EMUL_MODE_PROT64: |
| 674 | if (((signed long)la << 16) >> 16 != la) | 672 | if (((signed long)la << 16) >> 16 != la) |
| 675 | return emulate_gp(ctxt, 0); | 673 | return emulate_gp(ctxt, 0); |
| @@ -699,7 +697,10 @@ static int __linearize(struct x86_emulate_ctxt *ctxt, | |||
| 699 | goto bad; | 697 | goto bad; |
| 700 | } | 698 | } |
| 701 | cpl = ctxt->ops->cpl(ctxt); | 699 | cpl = ctxt->ops->cpl(ctxt); |
| 702 | rpl = sel & 3; | 700 | if (ctxt->mode == X86EMUL_MODE_REAL) |
| 701 | rpl = 0; | ||
| 702 | else | ||
| 703 | rpl = sel & 3; | ||
| 703 | cpl = max(cpl, rpl); | 704 | cpl = max(cpl, rpl); |
| 704 | if (!(desc.type & 8)) { | 705 | if (!(desc.type & 8)) { |
| 705 | /* data segment */ | 706 | /* data segment */ |