KVM: x86: fix conversion of addresses to linear in 32-bit protected mode
Commit e8dd2d2d64 ("Silence compiler warning in arch/x86/kvm/emulate.c", 2015-09-06) broke boot of the Hurd. The bug is that the "default:" case actually could modify "la", but after the patch this change is not reflected in *linear. The bug is visible whenever a non-zero segment base causes the linear address to wrap around the 4GB mark. Fixes: e8dd2d2d64
Cc: stable@vger.kernel.org Reported-by: Aurelien Jarno <aurelien@aurel32.net> Tested-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
parent
172b2386ed
commit
0c1d77f4ba
@ -650,10 +650,10 @@ static __always_inline int __linearize(struct x86_emulate_ctxt *ctxt,
|
||||
u16 sel;
|
||||
|
||||
la = seg_base(ctxt, addr.seg) + addr.ea;
|
||||
*linear = la;
|
||||
*max_size = 0;
|
||||
switch (mode) {
|
||||
case X86EMUL_MODE_PROT64:
|
||||
*linear = la;
|
||||
if (is_noncanonical_address(la))
|
||||
goto bad;
|
||||
|
||||
@ -662,6 +662,7 @@ static __always_inline int __linearize(struct x86_emulate_ctxt *ctxt,
|
||||
goto bad;
|
||||
break;
|
||||
default:
|
||||
*linear = la = (u32)la;
|
||||
usable = ctxt->ops->get_segment(ctxt, &sel, &desc, NULL,
|
||||
addr.seg);
|
||||
if (!usable)
|
||||
@ -689,7 +690,6 @@ static __always_inline int __linearize(struct x86_emulate_ctxt *ctxt,
|
||||
if (size > *max_size)
|
||||
goto bad;
|
||||
}
|
||||
la &= (u32)-1;
|
||||
break;
|
||||
}
|
||||
if (insn_aligned(ctxt, size) && ((la & (size - 1)) != 0))
|
||||
|
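Review bot: In the `default:` branch, `*linear = la = (u32)la;` stores the output before the `get_segment` usability test and the `size > *max_size` limit check, and the `X86EMUL_MODE_PROT64` branch likewise stores `*linear = la;` ahead of `is_noncanonical_address(la)`, so `*linear` holds an unvalidated address whenever the function leaves through `bad`. That is presumably a leftover of the compiler-warning change the description cites, but nothing in the code says so; a comment on each store such as `/* stored early only so *linear is always initialized; not meaningful unless linearization succeeds */` would keep a later caller from trusting the value on the fault path. The 32-bit truncation also now runs ahead of the limit checks, and the lines between the second and third hunks are not shown here, so it is worth confirming that none of them read `la` expecting the untruncated sum. `__linearize` starts and ends outside these hunks.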