KVM: x86: Fix of previously incomplete fix for CVE-2014-8480

commit 63ea0a49 upstream. STR and SLDT with rip-relative operand can cause a host kernel oops. Mark them as DstMem as well. Signed-off-by: Nadav Amit <namit@cs.technion.ac.il> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

KVM: x86: Fix of previously incomplete fix for CVE-2014-8480
commit 63ea0a49 upstream. STR and SLDT with rip-relative operand can cause a host kernel oops. Mark them as DstMem as well. Signed-off-by: Nadav Amit <namit@cs.technion.ac.il> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
f84d9d8d · Nadav Amit · Greg Kroah-Hartman · cb2567bf · f84d9d8d
Commit f84d9d8d authored Jan 08, 2015 by Nadav Amit Committed by Greg Kroah-Hartman Jan 29, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

arch/x86/kvm/emulate.c arch/x86/kvm/emulate.c +2 -2

No files found.
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -3777,8 +3777,8 @@ static const struct opcode group5[] = {
 };

 static const struct opcode group6[] = {
-	DI(Prot,	sldt),
-	DI(Prot,	str),
+	DI(Prot | DstMem,	sldt),
+	DI(Prot | DstMem,	str),
 	II(Prot | Priv | SrcMem16, em_lldt, lldt),
 	II(Prot | Priv | SrcMem16, em_ltr, ltr),
 	N, N, N, N,