From: Nadav Amit
Subject: [PATCH 06/21] KVM: x86: Emulator MOV-sreg uses incorrect size
Date: Sun, 2 Nov 2014 11:54:46 +0200
Message-ID: <1414922101-17626-7-git-send-email-namit@cs.technion.ac.il>
References: <1414922101-17626-1-git-send-email-namit@cs.technion.ac.il>
In-Reply-To: <1414922101-17626-1-git-send-email-namit@cs.technion.ac.il>
To: pbonzini@redhat.com
Cc: kvm@vger.kernel.org, nadav.amit@gmail.com, Nadav Amit

In x86, MOV-sreg to memory is either 16-bits or 64-bits. When the destination is a register and the operand size is 32-bits, the high 16-bits in modern CPUs are filled with zero. In contrast, KVM may write 32-bits to memory on MOV-sreg.

This patch fixes KVM behavior, and sets the destination operand size to two if the destination is memory.

Signed-off-by: Nadav Amit
---
 arch/x86/kvm/emulate.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index 273c37e..f456783 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -3187,6 +3187,8 @@ static int em_mov_rm_sreg(struct x86_emulate_ctxt *ctxt)
 		return emulate_ud(ctxt);
 
 	ctxt->dst.val = get_segment_selector(ctxt, ctxt->modrm_reg);
+	if (ctxt->dst.bytes == 4 && ctxt->dst.type == OP_MEM)
+		ctxt->dst.bytes = 2;
 	return X86EMUL_CONTINUE;
 }
 
-- 
1.9.1
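Review bot: the two added lines in em_mov_rm_sreg() carry no comment recording the rule they implement, so a later reader sees `ctxt->dst.bytes` silently shrunk from 4 to 2 with no explanation; a one-line comment above the `if` stating that a MOV Sreg with a memory destination and 32-bit operand size stores only 16 bits would keep the reason out of the git log alone. The condition is otherwise consistent with the commit message: the register case is untouched, so a 4-byte register destination still receives the selector value from get_segment_selector() and relies on writeback to zero the upper half, and an 8-byte memory destination keeps its size, which matches the 64-bit memory form the message allows. Worth confirming that decoding reaches this function with `ctxt->dst.type == OP_MEM` and `ctxt->dst.bytes` already set to the operand size, since the narrowing happens after `ctxt->dst.val` is assigned and depends on the later writeback honouring `dst.bytes` rather than the original operand size.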