
[2/2] x86/emul: Avoid #UD when emulating v{, u}comis{s, d}

Message ID 1488929565-15663-2-git-send-email-andrew.cooper3@citrix.com (mailing list archive)
State New, archived

Commit Message

Andrew Cooper March 7, 2017, 11:32 p.m. UTC
v{,u}comis{s,d} have two operands, so require vex.reg set to ~0.

Spotted by AFL
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
---
 xen/arch/x86/x86_emulate/x86_emulate.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Jan Beulich March 8, 2017, 8:30 a.m. UTC | #1
>>> On 08.03.17 at 00:32, <andrew.cooper3@citrix.com> wrote:
> v{,u}comis{s,d} have two operands, so require vex.reg set to ~0.
> 
> Spotted by AFL
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>

I'm sorry for the oversight.

Jan

Patch

diff --git a/xen/arch/x86/x86_emulate/x86_emulate.c b/xen/arch/x86/x86_emulate/x86_emulate.c
index e09975c..08bd818 100644
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -5673,6 +5673,7 @@  x86_emulate(
         }
         else
         {
+            generate_exception_if(vex.reg != 0xf, EXC_UD);
             host_and_vcpu_must_have(avx);
             get_fpu(X86EMUL_FPU_ymm, &fic);
         }
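Review bot: the added `generate_exception_if(vex.reg != 0xf, EXC_UD);` compares against the literal 0xf while the commit message speaks of "~0"; since VEX.vvvv is a 4-bit field stored inverted, 0xf is the correct value for "no register operand", but a one-line comment on the new line (e.g. `/* two-operand form: VEX.vvvv must be 1111b */`) would spare the next reader that inference. Placing the #UD test ahead of `host_and_vcpu_must_have(avx);` and `get_fpu(X86EMUL_FPU_ymm, &fic);` is the right ordering: a malformed encoding found by the fuzzer is rejected before any FPU state is acquired, so no cleanup path is needed on the exception.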