From a61e7a356536aaa9f9700544907e07c32a8f591e Mon Sep 17 00:00:00 2001
From: Keir Fraser
Date: Wed, 30 Jun 2010 18:12:43 +0100
Subject: [PATCH] Fix #GPF injection into compat guests in vm86 code not to let the guest disable interrupts in the real EFLAGS.
Signed-off-by: Ian Campbell
---
 xen/arch/x86/x86_64/compat/traps.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/xen/arch/x86/x86_64/compat/traps.c b/xen/arch/x86/x86_64/compat/traps.c
index 69014383c7..a9ee983a90 100644
--- a/xen/arch/x86/x86_64/compat/traps.c
+++ b/xen/arch/x86/x86_64/compat/traps.c
@@ -127,9 +127,8 @@ unsigned int compat_iret(void)
 ti = &v->arch.guest_context.trap_ctxt[13];
 if ( TI_GET_IF(ti) )
 eflags &= ~X86_EFLAGS_IF;
- regs->_eflags = eflags & ~(X86_EFLAGS_VM|X86_EFLAGS_RF|
- X86_EFLAGS_NT|X86_EFLAGS_TF);
-
+ regs->_eflags &= ~(X86_EFLAGS_VM|X86_EFLAGS_RF|
+ X86_EFLAGS_NT|X86_EFLAGS_TF);
 if ( unlikely(__put_user(0, (u32 *)regs->rsp)) )
 goto exit_and_crash;
 regs->_eip = ti->address;
-- 
2.30.2
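Review bot: The new `regs->_eflags &= ~(X86_EFLAGS_VM|X86_EFLAGS_RF|X86_EFLAGS_NT|X86_EFLAGS_TF);` line no longer consumes the guest-supplied `eflags`, so the `eflags &= ~X86_EFLAGS_IF;` two lines above now reads as a dead store inside this hunk and invites a later "cleanup" that writes `eflags` back into `regs->_eflags`, which is exactly the guest-controlled EFLAGS load this commit removes. Presumably `eflags` is still used further down in compat_iret (outside the hunk), but nothing visible here shows that, so the intent should be pinned with a comment above the assignment: `/* Only strip VM/RF/NT/TF here; never load the popped (guest-controlled) EFLAGS into the real register, as that would let the guest clear IF. */`. The enclosing function compat_iret begins and ends outside the hunk.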