From mboxrd@z Thu Jan 1 00:00:00 1970 From: Gleb Natapov Subject: Re: KVM: x86: use proper port value when checking io instruction permission Date: Tue, 24 May 2011 20:27:06 +0300 Message-ID: <20110524172706.GC22042@redhat.com> References: <20110524171120.GA19906@amt.cnet> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: kvm , Avi Kivity , Joerg Roedel To: Marcelo Tosatti Return-path: Received: from mx1.redhat.com ([209.132.183.28]:29759 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754156Ab1EXR1K (ORCPT ); Tue, 24 May 2011 13:27:10 -0400 Content-Disposition: inline In-Reply-To: <20110524171120.GA19906@amt.cnet> Sender: kvm-owner@vger.kernel.org List-ID: On Tue, May 24, 2011 at 02:11:20PM -0300, Marcelo Tosatti wrote: > > Commit fa4491a6b667304 moved the permission check for io instructions > to the ->check_perm callback. It failed to copy the port value from RDX > register for string and "in,out ax,dx" instructions. Fix it. > > Fixes FC8.32 installation. > > Signed-off-by: Marcelo Tosatti > > diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c > index 3bc6b7a..df354a4 100644 > --- a/arch/x86/kvm/emulate.c > +++ b/arch/x86/kvm/emulate.c > @@ -2944,6 +2944,15 @@ static int check_perm_in(struct x86_emulate_ctxt *ctxt) > { > struct decode_cache *c = &ctxt->decode; > > + switch (c->b) { > + case 0x6c: /* insb */ > + case 0x6d: /* insw/insd */ > + case 0xec: /* in al,dx */ > + case 0xed: /* in (e/r)ax,dx */ > + c->src.val = c->regs[VCPU_REGS_RDX]; > + break; > + } > + > c->dst.bytes = min(c->dst.bytes, 4u); > if (!emulator_io_permited(ctxt, c->src.val, c->dst.bytes)) > return emulate_gp(ctxt, 0); 
> @@ -2955,6 +2964,15 @@ static int check_perm_out(struct x86_emulate_ctxt *ctxt) > { > struct decode_cache *c = &ctxt->decode; > > + switch (c->b) { > + case 0x6e: /* outsb */ > + case 0x6f: /* outsw/outsd */ > + case 0xee: /* out dx,al */ > + case 0xef: /* out dx,(e/r)ax */ > + c->dst.val = c->regs[VCPU_REGS_RDX]; > + break; > + } > + > c->src.bytes = min(c->src.bytes, 4u); > if (!emulator_io_permited(ctxt, c->dst.val, c->src.bytes)) > return emulate_gp(ctxt, 0); I'd rather do it at decoding stage by adding SrcDX/DstDX. -- Gleb.
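Review bot: in the check_perm_in hunk, the `switch (c->b)` hard-codes raw opcode bytes (0x6c, 0x6d, 0xec, 0xed) to decide that the port comes from RDX, which duplicates knowledge that belongs in the decoder's operand description; a decode-time operand type (the SrcDX suggested in the reply) would let check_perm_in stay opcode-agnostic and keep the port source in one place. Separately, `c->src.val = c->regs[VCPU_REGS_RDX];` copies the full register while the port for `in al,dx` is only the low 16 bits (DX); whether that is harmless depends on the parameter type of emulator_io_permited, which is not visible in the hunk, so either mask with 0xffff here or note in a comment that the callee truncates.

Review bot: the check_perm_out hunk repeats the check_perm_in switch almost line for line with a different case list (0x6e, 0x6f, 0xee, 0xef) and the port stored in `c->dst.val` instead of `c->src.val`; two near-identical opcode tables in two functions will drift apart the next time an I/O opcode is touched, so a shared helper or a decode-time DstDX operand (per the reply) is preferable to a second copy. The hunk also carries no comment saying why dst.val does not already hold the port at this point for these opcodes (the commit message explains that the value was never copied from RDX); a one-line comment above the switch would save the next reader from rediscovering that.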