From: Avi Kivity <avi@redhat.com>
To: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Subject: [PATCH 15/20] KVM: x86 emulator: Fix popf emulation
Date: Wed, 17 Feb 2010 15:45:25 +0200 [thread overview]
Message-ID: <1266414330-27444-16-git-send-email-avi@redhat.com> (raw)
In-Reply-To: <1266414330-27444-1-git-send-email-avi@redhat.com>
From: Gleb Natapov <gleb@redhat.com>
POPF behaves differently depending on current CPU mode. Emulate correct
logic to prevent guest from changing flags that it can't change otherwise.
Signed-off-by: Gleb Natapov <gleb@redhat.com>
Cc: stable@kernel.org
Signed-off-by: Avi Kivity <avi@redhat.com>
---
arch/x86/kvm/emulate.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 54 insertions(+), 1 deletions(-)
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index 296e851..1782387 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -343,11 +343,18 @@ static u32 group2_table[] = {
};
/* EFLAGS bit definitions. */
+#define EFLG_ID (1<<21)
+#define EFLG_VIP (1<<20)
+#define EFLG_VIF (1<<19)
+#define EFLG_AC (1<<18)
#define EFLG_VM (1<<17)
#define EFLG_RF (1<<16)
+#define EFLG_IOPL (3<<12)
+#define EFLG_NT (1<<14)
#define EFLG_OF (1<<11)
#define EFLG_DF (1<<10)
#define EFLG_IF (1<<9)
+#define EFLG_TF (1<<8)
#define EFLG_SF (1<<7)
#define EFLG_ZF (1<<6)
#define EFLG_AF (1<<4)
@@ -1214,6 +1221,49 @@ static int emulate_pop(struct x86_emulate_ctxt *ctxt,
return rc;
}
+static int emulate_popf(struct x86_emulate_ctxt *ctxt,
+ struct x86_emulate_ops *ops,
+ void *dest, int len)
+{
+ int rc;
+ unsigned long val, change_mask;
+ int iopl = (ctxt->eflags & X86_EFLAGS_IOPL) >> IOPL_SHIFT;
+ int cpl = kvm_x86_ops->get_cpl(ctxt->vcpu);
+
+ rc = emulate_pop(ctxt, ops, &val, len);
+ if (rc != X86EMUL_CONTINUE)
+ return rc;
+
+ change_mask = EFLG_CF | EFLG_PF | EFLG_AF | EFLG_ZF | EFLG_SF | EFLG_OF
+ | EFLG_TF | EFLG_DF | EFLG_NT | EFLG_RF | EFLG_AC | EFLG_ID;
+
+ switch(ctxt->mode) {
+ case X86EMUL_MODE_PROT64:
+ case X86EMUL_MODE_PROT32:
+ case X86EMUL_MODE_PROT16:
+ if (cpl == 0)
+ change_mask |= EFLG_IOPL;
+ if (cpl <= iopl)
+ change_mask |= EFLG_IF;
+ break;
+ case X86EMUL_MODE_VM86:
+ if (iopl < 3) {
+ kvm_inject_gp(ctxt->vcpu, 0);
+ return X86EMUL_PROPAGATE_FAULT;
+ }
+ change_mask |= EFLG_IF;
+ break;
+ default: /* real mode */
+ change_mask |= (EFLG_IOPL | EFLG_IF);
+ break;
+ }
+
+ *(unsigned long *)dest =
+ (ctxt->eflags & ~change_mask) | (val & change_mask);
+
+ return rc;
+}
+
static void emulate_push_sreg(struct x86_emulate_ctxt *ctxt, int seg)
{
struct decode_cache *c = &ctxt->decode;
@@ -2099,7 +2149,10 @@ special_insn:
c->dst.type = OP_REG;
c->dst.ptr = (unsigned long *) &ctxt->eflags;
c->dst.bytes = c->op_bytes;
- goto pop_instruction;
+ rc = emulate_popf(ctxt, ops, &c->dst.val, c->op_bytes);
+ if (rc != X86EMUL_CONTINUE)
+ goto done;
+ break;
case 0xa0 ... 0xa1: /* mov */
c->dst.ptr = (unsigned long *)&c->regs[VCPU_REGS_RAX];
c->dst.val = c->src.val;
--
1.6.5.3
next prev parent reply other threads:[~2010-02-17 13:45 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-17 13:45 [PATCH 00/20] KVM updates for the 2.6.34 merge window (batch 4/4) Avi Kivity
2010-02-17 13:45 ` [PATCH 01/20] KVM: Fix Codestyle in virt/kvm/coalesced_mmio.c Avi Kivity
2010-02-17 13:45 ` [PATCH 02/20] KVM: MMU: Add tracepoint for guest page aging Avi Kivity
2010-02-17 13:45 ` [PATCH 03/20] KVM: VMX: Rename VMX_EPT_IGMT_BIT to VMX_EPT_IPAT_BIT Avi Kivity
2010-02-17 13:45 ` [PATCH 04/20] KVM: PIT: unregister kvm irq notifier if fail to create pit Avi Kivity
2010-02-17 13:45 ` [PATCH 05/20] KVM: kvm->arch.vioapic should be NULL if kvm_ioapic_init() failure Avi Kivity
2010-02-17 13:45 ` [PATCH 06/20] KVM: cleanup the failure path of KVM_CREATE_IRQCHIP ioctrl Avi Kivity
2010-02-17 13:45 ` [PATCH 07/20] KVM: ia64: destroy ioapic device if fail to setup default irq routing Avi Kivity
2010-02-17 13:45 ` [PATCH 08/20] KVM: ppc/booke: Set ESR and DEAR when inject interrupt to guest Avi Kivity
2010-02-17 13:45 ` [PATCH 09/20] KVM: do not store wqh in irqfd Avi Kivity
2010-02-17 13:45 ` [PATCH 10/20] KVM: x86 emulator: Add group8 instruction decoding Avi Kivity
2010-02-17 13:45 ` [PATCH 11/20] KVM: x86 emulator: Add group9 " Avi Kivity
2010-02-17 13:45 ` [PATCH 12/20] KVM: x86 emulator: Add Virtual-8086 mode of emulation Avi Kivity
2010-02-17 13:45 ` [PATCH 13/20] KVM: x86 emulator: fix memory access during x86 emulation Avi Kivity
2010-03-06 13:53 ` Stefan Bader
2010-03-07 10:07 ` Avi Kivity
2010-03-08 14:10 ` Stefan Bader
2010-03-08 14:12 ` Avi Kivity
2010-03-08 14:17 ` Stefan Bader
2010-03-08 20:48 ` Stefan Bader
2010-03-09 15:49 ` Stefan Bader
2010-02-17 13:45 ` [PATCH 14/20] KVM: x86 emulator: Check IOPL level during io instruction emulation Avi Kivity
2010-02-17 13:45 ` Avi Kivity [this message]
2010-02-17 13:45 ` [PATCH 16/20] KVM: x86 emulator: Check CPL level during privilege " Avi Kivity
2010-02-17 13:45 ` [PATCH 17/20] KVM: x86 emulator: Add LOCK prefix validity checking Avi Kivity
2010-02-17 13:45 ` [PATCH 18/20] KVM: Plan obsolescence of kernel allocated slots, paravirt mmu Avi Kivity
2010-02-17 13:45 ` [PATCH 19/20] KVM: x86 emulator: code style cleanup Avi Kivity
2010-02-17 13:45 ` [PATCH 20/20] KVM: x86 emulator: disallow opcode 82 in 64-bit mode Avi Kivity
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1266414330-27444-16-git-send-email-avi@redhat.com \
--to=avi@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).