Commit 03ebebeb authored by Avi Kivity, committed by Marcelo Tosatti

KVM: x86 emulator: Leave segment limit and attributes alone in real mode

When loading a segment in real mode, only the base and selector must
be modified.  The limit needs to be left alone, otherwise big real mode
users will hit a #GP due to limit checking (currently this is suppressed
because we don't check limits in real mode).
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Parent e2a610d7
...@@ -1388,19 +1388,15 @@ static int load_segment_descriptor(struct x86_emulate_ctxt *ctxt, ...@@ -1388,19 +1388,15 @@ static int load_segment_descriptor(struct x86_emulate_ctxt *ctxt,
bool null_selector = !(selector & ~0x3); /* 0000-0003 are null */ bool null_selector = !(selector & ~0x3); /* 0000-0003 are null */
ulong desc_addr; ulong desc_addr;
int ret; int ret;
u16 dummy;
memset(&seg_desc, 0, sizeof seg_desc); memset(&seg_desc, 0, sizeof seg_desc);
if ((seg <= VCPU_SREG_GS && ctxt->mode == X86EMUL_MODE_VM86) if ((seg <= VCPU_SREG_GS && ctxt->mode == X86EMUL_MODE_VM86)
|| ctxt->mode == X86EMUL_MODE_REAL) { || ctxt->mode == X86EMUL_MODE_REAL) {
/* set real mode segment descriptor */ /* set real mode segment descriptor */
ctxt->ops->get_segment(ctxt, &dummy, &seg_desc, NULL, seg);
set_desc_base(&seg_desc, selector << 4); set_desc_base(&seg_desc, selector << 4);
set_desc_limit(&seg_desc, 0xffff);
seg_desc.type = 3;
seg_desc.p = 1;
seg_desc.s = 1;
if (ctxt->mode == X86EMUL_MODE_VM86)
seg_desc.dpl = 3;
goto load; goto load;
} }
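Review bot: the commit body justifies keeping the limit (big real mode users would otherwise hit #GP once limit checking is enforced), but the hunk also drops the `seg_desc.type = 3`, `seg_desc.p = 1`, `seg_desc.s = 1` writes and the VM86-specific `seg_desc.dpl = 3`, and the message says nothing about why the attributes fetched by `ctxt->ops->get_segment(ctxt, &dummy, &seg_desc, NULL, seg)` are already correct for both the real-mode and the VM86 path; please add a sentence covering the VM86 case in particular, since for those guests the descriptor came from the guest's protected-mode OS rather than from the emulator. Two smaller points in the same region: the `memset(&seg_desc, 0, sizeof seg_desc)` just above is now immediately overwritten by `get_segment` on this path (harmless, but worth a comment so nobody "fixes" the ordering), and the new `u16 dummy;` would read better with a comment or name saying it only receives the selector that `get_segment` has to return.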