KVM: x86: em_ret_far overrides cpl

commit d50eaa18 ("KVM: x86: Perform limit checks when assigning EIP") mistakenly used zero as cpl on em_ret_far. Use the actual one. Fixes: d50eaa18 Cc: stable@vger.kernel.org Signed-off-by: N Nadav Amit <namit@cs.technion.ac.il> Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com>

KVM: x86: em_ret_far overrides cpl
commit d50eaa18 ("KVM: x86: Perform limit checks when assigning EIP") mistakenly used zero as cpl on em_ret_far. Use the actual one. Fixes: d50eaa18 Cc: stable@vger.kernel.org Signed-off-by: N Nadav Amit <namit@cs.technion.ac.il> Signed-off-by: N Paolo Bonzini <pbonzini@redhat.com>
ab646f54 · Nadav Amit · Paolo Bonzini · 78051e3b · ab646f54
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

arch/x86/kvm/emulate.c arch/x86/kvm/emulate.c +1 -1

未找到文件。
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -2130,7 +2130,7 @@ static int em_ret_far(struct x86_emulate_ctxt *ctxt)
 	/* Outer-privilege level return is not implemented */
 	if (ctxt->mode >= X86EMUL_MODE_PROT16 && (cs & 3) > cpl)
 		return X86EMUL_UNHANDLEABLE;
-	rc = __load_segment_descriptor(ctxt, (u16)cs, VCPU_SREG_CS, 0, false,
+	rc = __load_segment_descriptor(ctxt, (u16)cs, VCPU_SREG_CS, cpl, false,
 				       &new_desc);
 	if (rc != X86EMUL_CONTINUE)
 		return rc;