From 47591e012f08f95858d444641e773f101ba41e21 Mon Sep 17 00:00:00 2001
From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Wed, 14 Dec 2016 10:58:08 +0000
Subject: [PATCH] x86/emul: Further simplify DstBitBase handling

The masking of src.val is common to both paths.  Move it later and simplify
the entry condition for adjusting the memory operand.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---
 xen/arch/x86/x86_emulate/x86_emulate.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index 1b5becf313..05fa342a94 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2637,11 +2637,7 @@ x86_emulate(
         }
         break;
     case DstBitBase:
-        if ( ((d & SrcMask) == SrcImmByte) || (ea.type == OP_REG) )
-        {
-            src.val &= (op_bytes << 3) - 1;
-        }
-        else
+        if ( ea.type == OP_MEM )
         {
             /*
              * Instructions such as bt can reference an arbitrary offset from
@@ -2664,8 +2660,11 @@ x86_emulate(
                     op_bytes + (((-src.val - 1) >> 3) & ~(op_bytes - 1L));
             else
                 ea.mem.off += (src.val >> 3) & ~(op_bytes - 1L);
-            src.val &= (op_bytes << 3) - 1;
         }
+
+        /* Bit index always truncated to within range. */
+        src.val &= (op_bytes << 3) - 1;
+
         d = (d & ~DstMask) | DstMem;
         /* Becomes a normal DstMem operation from here on. */
     case DstMem:
-- 
2.30.2