From: Avi Kivity
Subject: Re: KVM: x86: use proper port value when checking io instruction permission (v2)
Date: Thu, 26 May 2011 10:02:31 +0300
Message-ID: <4DDDFB07.2050909@redhat.com>
References: <20110524171120.GA19906@amt.cnet> <20110524172706.GC22042@redhat.com> <20110525181820.GA14921@amt.cnet> <4DDDF3D6.3000505@redhat.com> <20110526065511.GA29458@redhat.com>
In-Reply-To: <20110526065511.GA29458@redhat.com>
To: Gleb Natapov
Cc: Marcelo Tosatti, kvm, Joerg Roedel

On 05/26/2011 09:55 AM, Gleb Natapov wrote:
> > >
> > >+    case SrcDX:
> > >+        c->src.type = OP_REG;
> > >+        c->src.bytes = c->op_bytes;
> >
> > Needs to be 2.  Otherwise we'll see extra bits from edx, or lose
> > bits from dx if it's a 1-byte instruction.
> >
> But those extra bits will be dropped by check_perm_in() anyway.

It isn't nice to depend on it.

btw, Marcelo, the patch should also make use of the decode during execution:

    case 0xef:  /* out dx,(e/r)ax */
        c->dst.val = c->regs[VCPU_REGS_RDX];
                     ^^ can drop
    do_io_out:
        ops->pio_out_emulated(ctxt, c->src.bytes, c->dst.val,
                              &c->src.val, 1);
        c->dst.type = OP_NONE;  /* Disable writeback. */
        break;

> Can
> c->op_bytes ever be 1?

in %dx, %al

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.
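Review bot: in the quoted SrcDX hunk, `c->src.bytes = c->op_bytes;` takes the port operand's width from the instruction's data operand size, but the port number in dx is always 16 bits. With op_bytes == 1 (in %dx,%al) the decode would keep only the low byte of dx; with op_bytes == 4 it would carry the upper bits of edx. Suggest `c->src.bytes = 2;` here, and then have the 0xef execution path consume the decoded c->src instead of reading c->regs[VCPU_REGS_RDX] a second time, as the reply above already proposes.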
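The width problem discussed in this reply, shown as an added example that is not code from the thread or from KVM: a small C model of the SrcDX operand decode in both forms (width taken from op_bytes, as posted, beside a fixed 16-bit width) run over the same register state, so the lost low-byte case and the extra-edx-bits case are both visible. The struct layout, read_reg() and port_for() are assumptions of this model, not the emulator's API; the register value is constructed.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the emulator's operand decode (not KVM's own code).
 * Only the pieces needed to show the SrcDX width issue are present. */
enum { REG_RAX = 0, REG_RDX = 2, NR_REGS = 16 };
enum { OP_NONE = 0, OP_REG = 1 };

struct operand {
    int type;           /* OP_REG etc. */
    unsigned bytes;     /* operand width in bytes */
    uint64_t val;       /* decoded value */
};

struct decode_ctx {
    unsigned op_bytes;          /* instruction operand size: 1, 2 or 4 */
    uint64_t regs[NR_REGS];     /* guest registers, indexed like c->regs[] */
    struct operand src;
};

/* Read a register truncated to `bytes` bytes, as an OP_REG fetch would. */
static uint64_t read_reg(const struct decode_ctx *c, int reg, unsigned bytes)
{
    uint64_t v = c->regs[reg];
    if (bytes >= 8)
        return v;
    return v & ((1ULL << (bytes * 8)) - 1);
}

/* SrcDX decode as posted in the thread: the width follows op_bytes. */
uint64_t decode_src_dx_as_posted(struct decode_ctx *c)
{
    c->src.type = OP_REG;
    c->src.bytes = c->op_bytes;
    c->src.val = read_reg(c, REG_RDX, c->src.bytes);
    return c->src.val;
}

/* SrcDX decode with the fix suggested in the reply: the port number lives
 * in dx and is always 16 bits, whatever the data operand size is. */
uint64_t decode_src_dx_fixed(struct decode_ctx *c)
{
    c->src.type = OP_REG;
    c->src.bytes = 2;
    c->src.val = read_reg(c, REG_RDX, c->src.bytes);
    return c->src.val;
}

/* Assumed helper: decode the port for one instruction shape given the
 * operand size and the guest's RDX, with either decode variant. */
uint64_t port_for(unsigned op_bytes, uint64_t rdx, int fixed)
{
    struct decode_ctx c = { .op_bytes = op_bytes };
    c.regs[REG_RDX] = rdx;
    return fixed ? decode_src_dx_fixed(&c) : decode_src_dx_as_posted(&c);
}

int main(void)
{
    /* Constructed register state: edx holds stale bits above dx. */
    const uint64_t rdx = 0x12345678ULL;
    const unsigned sizes[] = { 1, 2, 4 };
    for (unsigned i = 0; i < 3; i++)
        printf("op_bytes=%u  posted port=0x%" PRIx64 "  fixed port=0x%" PRIx64 "\n",
               sizes[i], port_for(sizes[i], rdx, 0), port_for(sizes[i], rdx, 1));
    return 0;
}
```

With rdx = 0x12345678 the posted decode yields 0x78 for a 1-byte instruction (the high byte of dx is gone) and 0x12345678 for a 4-byte one (edx bits leak into the port), while the fixed decode yields 0x5678 for every operand size. Whether a later check masks the value again is beside the point: the decoded operand itself should already be the 16-bit port.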