From 0665373fa35ded380c3fe6f25a6ae06c96927eb2 Mon Sep 17 00:00:00 2001
From: "leendert@watson.ibm.com[kaf24]" <leendert@watson.ibm.com[kaf24]>
Date: Mon, 23 May 2005 08:51:36 +0000
Subject: [PATCH] bitkeeper revision 1.1509 (42919998wk9fYs94aYbRCzMaqW0N5w)

[PATCH] [PATCH] VMX: bad PIO/MMIO effective address computations

The PIO/MMIO effective address computations in VMX for partitions running
in VM8086 mode are wrong. This bug prevented FreeDOS and Lilo to work under
VMX. The following patches fix this.

	Leendert

Signed-Off-By: Leendert van Doorn <leendert@watson.ibm.com>
---
 xen/arch/x86/vmx.c          | 5 ++---
 xen/arch/x86/vmx_platform.c | 8 ++++----
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/xen/arch/x86/vmx.c b/xen/arch/x86/vmx.c
index fecc98f791..c98913f578 100644
--- a/xen/arch/x86/vmx.c
+++ b/xen/arch/x86/vmx.c
@@ -366,11 +366,11 @@ static void vmx_io_instruction(struct cpu_user_regs *regs,
             if (p->dir == IOREQ_WRITE) {
                 __vmread(GUEST_DS_SELECTOR, &seg);
                 p->u.pdata = (void *)
-                        ((seg << 4) | (regs->esi & 0xFFFF));
+                        ((seg << 4) + (regs->esi & 0xFFFF));
             } else {
                 __vmread(GUEST_ES_SELECTOR, &seg);
                 p->u.pdata = (void *)
-                        ((seg << 4) | (regs->edi & 0xFFFF));
+                        ((seg << 4) + (regs->edi & 0xFFFF));
             }
         } else {
                p->u.pdata = (void *) ((p->dir == IOREQ_WRITE) ?
@@ -378,7 +378,6 @@ static void vmx_io_instruction(struct cpu_user_regs *regs,
         }
         p->u.pdata = (void *) gva_to_gpa(p->u.data);
 
-
         if (test_bit(5, &exit_qualification))
 	    p->count = vm86 ? regs->ecx & 0xFFFF : regs->ecx;
         if ((p->u.data & PAGE_MASK) != 
diff --git a/xen/arch/x86/vmx_platform.c b/xen/arch/x86/vmx_platform.c
index 1b304acb53..14ef2d2d24 100644
--- a/xen/arch/x86/vmx_platform.c
+++ b/xen/arch/x86/vmx_platform.c
@@ -544,7 +544,7 @@ void handle_mmio(unsigned long va, unsigned long gpa)
 
     if (vm86) {
         __vmread(GUEST_CS_SELECTOR, &cs);
-        inst_addr = (cs << 4) | eip;
+        inst_addr = (cs << 4) + eip;
     } else
         inst_addr = eip; /* XXX should really look at GDT[cs].base too */
 
@@ -592,13 +592,13 @@ void handle_mmio(unsigned long va, unsigned long gpa)
 	    unsigned long seg;
 
 	    __vmread(GUEST_ES_SELECTOR, &seg);
-	    if (((seg << 4) | (inst_decoder_regs->edi & 0xFFFF)) == va) {
+	    if (((seg << 4) + (inst_decoder_regs->edi & 0xFFFF)) == va) {
 		dir = IOREQ_WRITE;
 		__vmread(GUEST_DS_SELECTOR, &seg);
-		addr = (seg << 4) | (inst_decoder_regs->esi & 0xFFFF);
+		addr = (seg << 4) + (inst_decoder_regs->esi & 0xFFFF);
 	    } else {
 		dir = IOREQ_READ;
-		addr = (seg << 4) | (inst_decoder_regs->edi & 0xFFFF);
+		addr = (seg << 4) + (inst_decoder_regs->edi & 0xFFFF);
 	    }
 	} else { /* XXX should really look at GDT[ds/es].base too */
 	    if (va == inst_decoder_regs->edi) {
-- 
2.30.2