From: Nadav Amit Date: Thu, 2 Oct 2014 22:10:03 +0000 (+0300) Subject: KVM: x86: Emulator performs code segment checks on read access X-Git-Tag: firefly_0821_release~176^2~2635^2~105 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=c49c759f7a68b70d2fed019760a66843b3df39b8;p=firefly-linux-kernel-4.4.55.git KVM: x86: Emulator performs code segment checks on read access When read access is performed using a readable code segment, the "conforming" and "non-conforming" checks should not be done. As a result, read using non-conforming readable code segment fails. This is according to Intel SDM 5.6.1 ("Accessing Data in Code Segments"). The fix is not to perform the "non-conforming" checks if the access is not a fetch; the relevant checks are already done when loading the segment. Signed-off-by: Nadav Amit Reviewed-by: Radim Krčmář Signed-off-by: Paolo Bonzini --- diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c index bdd4197e31fa..cd2029bbab48 100644 --- a/arch/x86/kvm/emulate.c +++ b/arch/x86/kvm/emulate.c @@ -703,8 +703,8 @@ static __always_inline int __linearize(struct x86_emulate_ctxt *ctxt, if (size > *max_size) goto bad; cpl = ctxt->ops->cpl(ctxt); - if (!(desc.type & 8)) { - /* data segment */ + if (!fetch) { + /* data segment or readable code segment */ if (cpl > desc.dpl) goto bad; } else if ((desc.type & 8) && !(desc.type & 4)) {