From: Nadav Amit Date: Sun, 2 Nov 2014 09:54:41 +0000 (+0200) Subject: KVM: x86: decode_modrm does not regard modrm correctly X-Git-Tag: firefly_0821_release~176^2~2635^2~88 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=5b38ab877e5bd6c6564f2f23f25e0c3d4768728a;p=firefly-linux-kernel-4.4.55.git KVM: x86: decode_modrm does not regard modrm correctly In one occassion, decode_modrm uses the rm field after it is extended with REX.B to determine the addressing mode. Doing so causes it not to read the offset for rip-relative addressing with REX.B=1. This patch moves the fetch where we already mask REX.B away instead. Signed-off-by: Nadav Amit Signed-off-by: Paolo Bonzini --- diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index cd2029bbab48..a4703eb9c1ed 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -1223,6 +1223,7 @@ static int decode_modrm(struct x86_emulate_ctxt *ctxt, if (index_reg != 4) modrm_ea += reg_read(ctxt, index_reg) << scale; } else if ((ctxt->modrm_rm & 7) == 5 && ctxt->modrm_mod == 0) { + modrm_ea += insn_fetch(s32, ctxt); if (ctxt->mode == X86EMUL_MODE_PROT64) ctxt->rip_relative = 1; } else { @@ -1231,10 +1232,6 @@ static int decode_modrm(struct x86_emulate_ctxt *ctxt, adjust_modrm_seg(ctxt, base_reg); } switch (ctxt->modrm_mod) { - case 0: - if (ctxt->modrm_rm == 5) - modrm_ea += insn_fetch(s32, ctxt); - break; case 1: modrm_ea += insn_fetch(s8, ctxt); break;