|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] x86/emul: Correct the behaviour of pop %ss and interrupt shadowing
commit 8d246db03eaa339c88e04ba5bea356164ea26d2a
Author: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
AuthorDate: Tue Nov 29 18:35:46 2016 +0000
Commit: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Fri Dec 2 17:23:01 2016 +0000
x86/emul: Correct the behaviour of pop %ss and interrupt shadowing
The mov_ss retire flag should only be set once load_seg() has returned
success. In particular, it should not be set if an exception occured when
trying to load %ss.
_hvm_emulate_one(), currently the sole user of mov_ss, only consideres it in
the case that x86_emulate() returns X86EMUL_OKAY, so this bug isn't actually
exposed to guests.
Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
xen/arch/x86/x86_emulate/x86_emulate.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c
b/xen/arch/x86/x86_emulate/x86_emulate.c
index 2ead6db..bfcc05d 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2656,6 +2656,8 @@ x86_emulate(
&dst.val, op_bytes, ctxt, ops)) != 0 ||
(rc = load_seg(src.val, dst.val, 0, NULL, ctxt, ops)) != 0 )
goto done;
+ if ( src.val == x86_seg_ss )
+ ctxt->retire.mov_ss = true;
break;
case 0x0e: /* push %%cs */
@@ -2668,7 +2670,6 @@ x86_emulate(
case 0x17: /* pop %%ss */
src.val = x86_seg_ss;
- ctxt->retire.mov_ss = true;
goto pop_seg;
case 0x1e: /* push %%ds */
--
generated by git-patchbot for /home/xen/git/xen.git#master
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |