KVM: Fix vmload and friends misinterpreted as lidt

The AMD SVM instruction family all overload the 0f 01 /3 opcode, further multiplexing on the three r/m bits. But the code decided that anything that isn't a vmmcall must be an lidt (which shares the 0f 01 /3 opcode, for the case that mod = 3). Fix by aborting emulation if this isn't a vmmcall. Signed-off-by: Avi Kivity <avi@redhat.com>
author: Avi Kivity <avi@redhat.com> 2008-12-23 19:46:01 +0200
committer: Avi Kivity <avi@redhat.com> 2008-12-23 19:49:42 +0200
commit: e72dcf1240f59174ff7c18bd461021a00ed3e38c (patch)
tree: 45949ea38e0efc3117dd3875510e0b65c958f3c5
parent: 4a7bd5672d388e33398e7cf4d1e7f76328e9608d (diff)
1 files changed, 10 insertions, 5 deletions
diff --git a/arch/x86/kvm/x86_emulate.c b/arch/x86/kvm/x86_emulate.c
index d174db7a3370..54fb09889a80 100644
--- a/arch/x86/kvm/x86_emulate.c
+++ b/arch/x86/kvm/x86_emulate.c
@@ -1908,11 +1908,16 @@ twobyte_insn:
 			c->dst.type = OP_NONE;
 			break;
 		case 3: /* lidt/vmmcall */
-			if (c->modrm_mod == 3 && c->modrm_rm == 1) {
-				rc = kvm_fix_hypercall(ctxt->vcpu);
-				if (rc)
-					goto done;
-				kvm_emulate_hypercall(ctxt->vcpu);
+			if (c->modrm_mod == 3) {
+				switch (c->modrm_rm) {
+				case 1:
+					rc = kvm_fix_hypercall(ctxt->vcpu);
+					if (rc)
+						goto done;
+					break;
+				default:
+					goto cannot_emulate;
+				}
 			} else {
 				rc = read_descriptor(ctxt, ops, c->src.ptr,
 						     &size, &address,
author	Avi Kivity <avi@redhat.com>	2008-12-23 19:46:01 +0200
committer	Avi Kivity <avi@redhat.com>	2008-12-23 19:49:42 +0200
commit	e72dcf1240f59174ff7c18bd461021a00ed3e38c (patch)
tree	45949ea38e0efc3117dd3875510e0b65c958f3c5
parent	4a7bd5672d388e33398e7cf4d1e7f76328e9608d (diff)