From f2d4f4ba80de8a03a1b0f300d271715a88a8433d Mon Sep 17 00:00:00 2001
From: Jan Beulich <jbeulich@suse.com>
Date: Fri, 20 Jan 2017 14:37:33 +0100
Subject: [PATCH] x86emul: LOCK check adjustments

BT, being encoded as DstBitBase just like BT{C,R,S}, nevertheless does
not write its (register or memory) operand and hence also doesn't allow
a LOCK prefix to be used.

At the same time CLAC/STAC have no need to explicitly check lock_prefix
- this is being taken care of by generic code.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
 xen/arch/x86/x86_emulate/x86_emulate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index 520311f930..1c76379bb6 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -4668,8 +4668,7 @@ x86_emulate(
         case 0xca: /* clac */
         case 0xcb: /* stac */
             vcpu_must_have(smap);
-            generate_exception_if(lock_prefix || vex.pfx || !mode_ring0(),
-                                  EXC_UD);
+            generate_exception_if(vex.pfx || !mode_ring0(), EXC_UD);
 
             _regs._eflags &= ~EFLG_AC;
             if ( modrm == 0xcb )
@@ -5475,6 +5474,7 @@ x86_emulate(
         break;
 
     case X86EMUL_OPC(0x0f, 0xa3): bt: /* bt */
+        generate_exception_if(lock_prefix, EXC_UD);
         emulate_2op_SrcV_nobyte("bt", src, dst, _regs._eflags);
         dst.type = OP_NONE;
         break;
-- 
2.30.2