KVM: Fix vmload and friends misinterpreted as lidt
The AMD SVM instruction family all overload the 0f 01 /3 opcode, further multiplexing on the three r/m bits. But the code decided that anything that isn't a vmmcall must be an lidt (which shares the 0f 01 /3 opcode, for the case that mod = 3). Fix by aborting emulation if this isn't a vmmcall. Signed-off-by: Avi Kivity <avi@redhat.com>
This commit is contained in:
Avi Kivity
parent
e207831804
commit
2b3d2a2060
@ -1908,11 +1908,16 @@ twobyte_insn:
|
|||||||
c->dst.type = OP_NONE;
|
c->dst.type = OP_NONE;
|
||||||
break;
|
break;
|
||||||
case 3: /* lidt/vmmcall */
|
case 3: /* lidt/vmmcall */
|
||||||
if (c->modrm_mod == 3 && c->modrm_rm == 1) {
|
if (c->modrm_mod == 3) {
|
||||||
|
switch (c->modrm_rm) {
|
||||||
|
case 1:
|
||||||
rc = kvm_fix_hypercall(ctxt->vcpu);
|
rc = kvm_fix_hypercall(ctxt->vcpu);
|
||||||
if (rc)
|
if (rc)
|
||||||
goto done;
|
goto done;
|
||||||
kvm_emulate_hypercall(ctxt->vcpu);
|
break;
|
||||||
|
default:
|
||||||
|
goto cannot_emulate;
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
rc = read_descriptor(ctxt, ops, c->src.ptr,
|
rc = read_descriptor(ctxt, ops, c->src.ptr,
|
||||||
&size, &address,
|
&size, &address,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user