KVM: VMX: make rmode_segment_valid() more strict.
Currently it allows entering vm86 mode if segment limit is greater than
0xffff and db bit is set. Both of those can cause incorrect execution of
instruction by cpu since in vm86 mode limit will be set to 0xffff and db
will be forced to 0.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Gleb Natapov authored and Marcelo Tosatti committed Jan 2, 2013
1 parent 045a282 commit 89efbed
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions arch/x86/kvm/vmx.c
Expand Up @@ -3341,15 +3341,13 @@ static bool rmode_segment_valid(struct kvm_vcpu *vcpu, int seg)

vmx_get_segment(vcpu, &var, seg);
var.dpl = 0x3;
var.g = 0;
var.db = 0;
if (seg == VCPU_SREG_CS)
var.type = 0x3;
ar = vmx_segment_access_rights(&var);

if (var.base != (var.selector << 4))
return false;
if (var.limit < 0xffff)
if (var.limit != 0xffff)
return false;
if (ar != 0xf3)
return false;
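
Review bot: the commit message justifies the change by the limit and the db bit only, yet the hunk also stops forcing `var.g = 0;` before `ar = vmx_segment_access_rights(&var);`, and nothing in the function or the changelog says that is intended. With both overrides gone, rejecting a segment that has G or DB set depends on the later `if (ar != 0xf3)` comparison, assuming vmx_segment_access_rights() folds those bits into `ar`. A one-line comment above the `ar` assignment saying that G and DB are deliberately left as the guest set them, so that the access-rights check fails when either is set, would make that dependency visible, and the changelog should name G as well. The remaining overrides, `var.dpl = 0x3;` and `var.type = 0x3;` for CS, still replace guest values before the comparison, so it is worth stating in the same comment why those fields are safe to ignore while db and g are not.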