From mboxrd@z Thu Jan  1 00:00:00 1970
From: Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [PATCH v2] KVM: x86 emulator: add LDS/LES/LFS/LGS/LSS instruction
 emulation
Date: Fri, 20 Aug 2010 11:09:12 +0200
Message-ID: <4C6E4638.7070507@redhat.com>
References: <4C6BA1D4.5040503@cn.fujitsu.com> <4C6DF3CA.80709@cn.fujitsu.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=GB2312
Content-Transfer-Encoding: 7bit
Cc: Avi Kivity <avi@redhat.com>, kvm@vger.kernel.org
To: Wei Yongjun <yjwei@cn.fujitsu.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mail-vw0-f46.google.com ([209.85.212.46]:56954 "EHLO
	mail-vw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751967Ab0HTJJQ (ORCPT <rfc822;kvm@vger.kernel.org>);
	Fri, 20 Aug 2010 05:09:16 -0400
Received: by vws3 with SMTP id 3so2833484vws.19
        for <kvm@vger.kernel.org>; Fri, 20 Aug 2010 02:09:16 -0700 (PDT)
In-Reply-To: <4C6DF3CA.80709@cn.fujitsu.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 08/20/2010 05:17 AM, Wei Yongjun wrote:
> Add LDS/LES/LFS/LGS/LSS instruction emulation.
> (opcode 0xc4, 0xc5, 0x0f 0xb2, 0x0f 0xb4~0xb5)
> 
> Signed-off-by: Wei Yongjun<yjwei@cn.fujitsu.com>
> ---
> v1 ->  v2: mask LES/LDS as No64.

The whole "case SrcMemFAddr" should refuse a register operand, so that
"JMP FAR PTR reg" (0xff 0xeb for example) and "LDS reg, reg" (0xc4
0xc3), would raise a #UD.  I'm pretty sure it is handled incorrectly
right now, and I'm wondering if the resulting access to
ctxt->decode->src.valptr would allow a small information leak from the
kernel...

This bug is preexisting however, so I think it can be done as a
follow-up patch.

Thanks!

Paolo