From 4ccb2adb96042e0d1e334c01fe260b32e6001db9 Mon Sep 17 00:00:00 2001
From: Jan Beulich
Date: Thu, 3 Nov 2016 17:23:22 +0100
Subject: [PATCH] x86emul: {L,S}{G,I}DT ignore operand size overrides in 64-bit mode

This affects not only the layout of the data (always 2+8 bytes), but also the contents (no truncation to 24 bits occurs).

Signed-off-by: Jan Beulich
Reviewed-by: Andrew Cooper
Release-acked-by: Wei Liu
---
 xen/arch/x86/x86_emulate/x86_emulate.c | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index 58e1ed8e87..ec748a0d28 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -4424,12 +4424,17 @@ x86_emulate(
  fail_if(ops->read_segment == NULL);
  if ( (rc = ops->read_segment(seg, &sreg, ctxt)) )
  goto done;
- if ( op_bytes == 2 )
+ if ( mode_64bit() )
+ op_bytes = 8;
+ else if ( op_bytes == 2 )
+ {
  sreg.base &= 0xffffff;
- if ( (rc = ops->write(ea.mem.seg, ea.mem.off+0,
- &sreg.limit, 2, ctxt)) ||
- (rc = ops->write(ea.mem.seg, ea.mem.off+2,
- &sreg.base, mode_64bit() ? 8 : 4, ctxt)) )
+ op_bytes = 4;
+ }
+ if ( (rc = ops->write(ea.mem.seg, ea.mem.off, &sreg.limit,
+ 2, ctxt)) != X86EMUL_OKAY ||
+ (rc = ops->write(ea.mem.seg, ea.mem.off + 2, &sreg.base,
+ op_bytes, ctxt)) != X86EMUL_OKAY )
  goto done;
  break;
  case 2: /* lgdt */
@@ -4446,7 +4451,7 @@ x86_emulate(
  generate_exception_if(!is_canonical_address(base), EXC_GP, 0);
  sreg.base = base;
  sreg.limit = limit;
- if ( op_bytes == 2 )
+ if ( !mode_64bit() && op_bytes == 2 )
  sreg.base &= 0xffffff;
  if ( (rc = ops->write_segment(seg, &sreg, ctxt)) )
  goto done;
-- 
2.30.2
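Review bot: The two hunks encode the same architectural rule in different shapes without saying why — the sgdt/sidt path repurposes `op_bytes` as the width of the base store (`op_bytes = 8;` / `op_bytes = 4;`), while the lgdt/lidt path leaves `op_bytes` alone and guards the mask with `!mode_64bit() &&` — so a later reader cannot tell from either hunk that a 0x66 operand-size override is meant to be ignored in 64-bit mode. A one-line comment at the top of each new conditional would carry the commit message into the code, e.g. `/* 64-bit mode ignores operand size overrides: always 2+8 bytes, no 24-bit base truncation. */`. Clobbering `op_bytes` in the store path is only safe because `break;` follows the write immediately; that is worth stating next to `op_bytes = 8;` so nobody later inserts code between the write and the `break` that still expects the decoded operand size. The reads of `base` and `limit` for lgdt/lidt sit above the second hunk and are not visible here; they presumably already select an 8-byte read in 64-bit mode independent of `op_bytes`, but that should be confirmed, since otherwise the `is_canonical_address(base)` check would be applied to a truncated value. Both hunks are inside the `x86_emulate()` switch, whose body starts and ends outside the patch.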