Commit 2b3d2a20 authored by Avi Kivity's avatar Avi Kivity

KVM: Fix vmload and friends misinterpreted as lidt

The AMD SVM instruction family all overload the 0f 01 /3 opcode, further
multiplexing on the three r/m bits.  But the code decided that anything that
isn't a vmmcall must be an lidt (which shares the 0f 01 /3 opcode, for the
case that mod = 3).

Fix by aborting emulation if this isn't a vmmcall.
Signed-off-by: default avatarAvi Kivity <avi@redhat.com>
parent e2078318
...@@ -1908,11 +1908,16 @@ x86_emulate_insn(struct x86_emulate_ctxt *ctxt, struct x86_emulate_ops *ops) ...@@ -1908,11 +1908,16 @@ x86_emulate_insn(struct x86_emulate_ctxt *ctxt, struct x86_emulate_ops *ops)
c->dst.type = OP_NONE; c->dst.type = OP_NONE;
break; break;
case 3: /* lidt/vmmcall */ case 3: /* lidt/vmmcall */
if (c->modrm_mod == 3 && c->modrm_rm == 1) { if (c->modrm_mod == 3) {
switch (c->modrm_rm) {
case 1:
rc = kvm_fix_hypercall(ctxt->vcpu); rc = kvm_fix_hypercall(ctxt->vcpu);
if (rc) if (rc)
goto done; goto done;
kvm_emulate_hypercall(ctxt->vcpu); break;
default:
goto cannot_emulate;
}
} else { } else {
rc = read_descriptor(ctxt, ops, c->src.ptr, rc = read_descriptor(ctxt, ops, c->src.ptr,
&size, &address, &size, &address,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment