From: Gleb Natapov
Subject: Re: KVM: x86: use proper port value when checking io instruction permission
Date: Tue, 24 May 2011 22:18:36 +0300
Message-ID: <20110524191836.GD22042@redhat.com>
References: <20110524171120.GA19906@amt.cnet> <20110524172706.GC22042@redhat.com> <4DDC0204.9050002@redhat.com>
In-Reply-To: <4DDC0204.9050002@redhat.com>
To: Avi Kivity
Cc: Marcelo Tosatti, kvm, Joerg Roedel

On Tue, May 24, 2011 at 10:07:48PM +0300, Avi Kivity wrote:
> >> @@ -2955,6 +2964,15 @@ static int check_perm_out(struct x86_emulate_ctxt *ctxt) > >> { > >> struct decode_cache *c =&ctxt->decode; > >> > >> + switch (c->b) { > >> + case 0x6e: /* outsb */ > >> + case 0x6f: /* outsw/outsd */ > >> + case 0xee: /* out dx,al */ > >> + case 0xef: /* out dx,(e/r)ax */ > >> + c->dst.val = c->regs[VCPU_REGS_RDX]; > >> + break; > >> + } > >> + > >> c->src.bytes = min(c->src.bytes, 4u); > >> if (!emulator_io_permited(ctxt, c->dst.val, c->src.bytes)) > >> return emulate_gp(ctxt, 0);
> >I'd rather do it at decoding stage by adding SrcDX/DstDX.
> >
>
> Note we haven't decoded operands yet. And this doesn't fix in $imm8, %al.
>
We haven't? check_perm is called from x86_emulate_insn() and operands
are decoded in x86_decode_insn(). So $imm8, %al should work now. Or am I
missing something?

> Maybe we need an additional check site after operands are fetched.
>
> --
> I have a truly marvellous patch that fixes the bug which this
> signature is too narrow to contain.

--
Gleb.
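
Review bot: in the new switch in check_perm_out(), c->dst.val is loaded from the full c->regs[VCPU_REGS_RDX], while the case comments name dx as the port operand and I/O port numbers are 16 bits wide. Truncate explicitly, for example c->dst.val = (u16)c->regs[VCPU_REGS_RDX];, so that the value passed to emulator_io_permited() cannot differ in its upper bits from the port that is later accessed. The switch also has no default case, so for every other opcode that reaches this function the check relies on c->dst.val already holding the port; a one-line comment stating that assumption would make it reviewable.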