From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marcelo Tosatti <mtosatti@redhat.com>
Subject: KVM: x86: use proper port value when checking io instruction
 permission
Date: Tue, 24 May 2011 14:11:20 -0300
Message-ID: <20110524171120.GA19906@amt.cnet>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Avi Kivity <avi@redhat.com>, Joerg Roedel <joerg.roedel@amd.com>
To: kvm <kvm@vger.kernel.org>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:40907 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1755986Ab1EXRLt (ORCPT <rfc822;kvm@vger.kernel.org>);
	Tue, 24 May 2011 13:11:49 -0400
Content-Disposition: inline
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>


Commit fa4491a6b667304 moved the permission check for io instructions
to the ->check_perm callback. It failed to copy the port value from RDX
register for string and "in,out ax,dx" instructions. Fix it.

Fixes FC8.32 installation.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index 3bc6b7a..df354a4 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -2944,6 +2944,15 @@ static int check_perm_in(struct x86_emulate_ctxt *ctxt)
 {
 	struct decode_cache *c = &ctxt->decode;
 
+	switch (c->b) {
+	case 0x6c: /* insb */
+	case 0x6d: /* insw/insd */
+	case 0xec: /* in al,dx */
+	case 0xed: /* in (e/r)ax,dx */
+		c->src.val = c->regs[VCPU_REGS_RDX];
+		break;
+	}
+
 	c->dst.bytes = min(c->dst.bytes, 4u);
 	if (!emulator_io_permited(ctxt, c->src.val, c->dst.bytes))
 		return emulate_gp(ctxt, 0);
@@ -2955,6 +2964,15 @@ static int check_perm_out(struct x86_emulate_ctxt *ctxt)
 {
 	struct decode_cache *c = &ctxt->decode;
 
+	switch (c->b) {
+	case 0x6e: /* outsb */
+	case 0x6f: /* outsw/outsd */
+	case 0xee: /* out dx,al */
+	case 0xef: /* out dx,(e/r)ax */
+		c->dst.val = c->regs[VCPU_REGS_RDX];
+		break;
+	}
+
 	c->src.bytes = min(c->src.bytes, 4u);
 	if (!emulator_io_permited(ctxt, c->dst.val, c->src.bytes))
 		return emulate_gp(ctxt, 0);