Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a5625189 authored by Avi Kivity's avatar Avi Kivity Committed by Marcelo Tosatti
Browse files

KVM: x86 emulator: Check segment limits in real mode too 



Segment limits are verified in real mode, not just protected mode.

Signed-off-by: default avatarAvi Kivity <avi@redhat.com>
Signed-off-by: default avatarMarcelo Tosatti <mtosatti@redhat.com>
parent 03ebebeb

arch/x86/kvm/emulate.c

+4 −3
Original line number Diff line number Diff line
@@ -668,8 +668,6 @@ static int __linearize(struct x86_emulate_ctxt *ctxt, 


	la = seg_base(ctxt, addr.seg) + addr.ea;

	switch (ctxt->mode) {

	case X86EMUL_MODE_REAL:

		break;

	case X86EMUL_MODE_PROT64:

		if (((signed long)la << 16) >> 16 != la)

			return emulate_gp(ctxt, 0);
@@ -699,6 +697,9 @@ static int __linearize(struct x86_emulate_ctxt *ctxt, 
				goto bad;

		}

		cpl = ctxt->ops->cpl(ctxt);

		if (ctxt->mode == X86EMUL_MODE_REAL)

			rpl = 0;

		else

			rpl = sel & 3;

		cpl = max(cpl, rpl);

		if (!(desc.type & 8)) {