summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAvi Kivity <avi@redhat.com>2012-08-21 17:07:04 +0300
committerMarcelo Tosatti <mtosatti@redhat.com>2012-08-27 20:02:20 -0300
commit03ebebeb1ff5d1d6209fd8df4ffc9204df82bd55 (patch)
tree47af40344c5f609e34acbc9136fe5c04b2893282
parente2a610d7fc3e285af8061ff071761752255d95f6 (diff)
downloadlinux-stable-03ebebeb1ff5d1d6209fd8df4ffc9204df82bd55.tar.gz
linux-stable-03ebebeb1ff5d1d6209fd8df4ffc9204df82bd55.tar.bz2
linux-stable-03ebebeb1ff5d1d6209fd8df4ffc9204df82bd55.zip
KVM: x86 emulator: Leave segment limit and attributs alone in real mode
When loading a segment in real mode, only the base and selector must be modified. The limit needs to be left alone, otherwise big real mode users will hit a #GP due to limit checking (currently this is suppressed because we don't check limits in real mode). Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
-rw-r--r--arch/x86/kvm/emulate.c8
1 files changed, 2 insertions, 6 deletions
diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index 5e27ba532613..f8b27cd2a6cb 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -1388,19 +1388,15 @@ static int load_segment_descriptor(struct x86_emulate_ctxt *ctxt,
bool null_selector = !(selector & ~0x3); /* 0000-0003 are null */
ulong desc_addr;
int ret;
+ u16 dummy;
memset(&seg_desc, 0, sizeof seg_desc);
if ((seg <= VCPU_SREG_GS && ctxt->mode == X86EMUL_MODE_VM86)
|| ctxt->mode == X86EMUL_MODE_REAL) {
/* set real mode segment descriptor */
+ ctxt->ops->get_segment(ctxt, &dummy, &seg_desc, NULL, seg);
set_desc_base(&seg_desc, selector << 4);
- set_desc_limit(&seg_desc, 0xffff);
- seg_desc.type = 3;
- seg_desc.p = 1;
- seg_desc.s = 1;
- if (ctxt->mode == X86EMUL_MODE_VM86)
- seg_desc.dpl = 3;
goto load;
}