KVM: x86: Handle 32-bit wrap of EIP for EMULTYPE_SKIP with flat code seg
[ Upstream commit5e854864ee
] Truncate the new EIP to a 32-bit value when handling EMULTYPE_SKIP as the decode phase does not truncate _eip. Wrapping the 32-bit boundary is legal if and only if CS is a flat code segment, but that check is implicitly handled in the form of limit checks in the decode phase. Opportunstically prepare for a future fix by storing the result of any truncation in "eip" instead of "_eip". Fixes:1957aa63be
("KVM: VMX: Handle single-step #DB for EMULTYPE_SKIP on EPT misconfig") Signed-off-by: Sean Christopherson <seanjc@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <093eabb1eab2965201c9b018373baf26ff256d85.1635842679.git.houwenlong93@linux.alibaba.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Родитель
00542cbacf
Коммит
3d8468045e
|
@ -7999,7 +7999,12 @@ int x86_emulate_instruction(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa,
|
||||||
* updating interruptibility state and injecting single-step #DBs.
|
* updating interruptibility state and injecting single-step #DBs.
|
||||||
*/
|
*/
|
||||||
if (emulation_type & EMULTYPE_SKIP) {
|
if (emulation_type & EMULTYPE_SKIP) {
|
||||||
kvm_rip_write(vcpu, ctxt->_eip);
|
if (ctxt->mode != X86EMUL_MODE_PROT64)
|
||||||
|
ctxt->eip = (u32)ctxt->_eip;
|
||||||
|
else
|
||||||
|
ctxt->eip = ctxt->_eip;
|
||||||
|
|
||||||
|
kvm_rip_write(vcpu, ctxt->eip);
|
||||||
if (ctxt->eflags & X86_EFLAGS_RF)
|
if (ctxt->eflags & X86_EFLAGS_RF)
|
||||||
kvm_set_rflags(vcpu, ctxt->eflags & ~X86_EFLAGS_RF);
|
kvm_set_rflags(vcpu, ctxt->eflags & ~X86_EFLAGS_RF);
|
||||||
return 1;
|
return 1;
|
||||||
|
|
Загрузка…
Ссылка в новой задаче