Message ID | 57EE86710200007800114497@prv-mh.provo.novell.com (mailing list archive) |
---|---|
State | New, archived |

On 30/09/16 14:36, Jan Beulich wrote:
> System gates with type 0 shouldn't have what might be their DPL altered
> - such descriptors can't be used anyway without incurring a #GP, and
> hence adjusting its DPL is only risking to confuse the guest.
>
> Also bail right away for non-present descriptors - no need to write
> back anything in that case.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

--- a/xen/arch/x86/x86_64/mm.c +++ b/xen/arch/x86/x86_64/mm.c @@ -1088,7 +1088,7 @@ int check_descriptor(const struct domain /* A not-present descriptor will always fault, so is safe. */ if ( !(b & _SEGMENT_P) ) - goto good; + return 1; /* Check and fix up the DPL. */ dpl = (b >> 13) & 3; @@ -1130,7 +1130,7 @@ int check_descriptor(const struct domain /* Invalid type 0 is harmless. It is used for 2nd half of a call gate. */ if ( (b & _SEGMENT_TYPE) == 0x000 ) - goto good; + return 1; /* Everything but a call gate is discarded here. */ if ( (b & _SEGMENT_TYPE) != 0xc00 )
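
Review bot: In the first hunk (@@ -1088, the `!(b & _SEGMENT_P)` check), the comment still only says that a not-present descriptor is safe, while the new `return 1` also means the descriptor is accepted without going through the `good` path at all. The reason for that ("no need to write back anything") lives only in the commit message. Please extend the comment above the check, for example to "A not-present descriptor will always fault, so is safe and is left unmodified.", so a later reader does not turn the return back into `goto good`.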
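
Review bot: In the second hunk (@@ -1130, the `(b & _SEGMENT_TYPE) == 0x000` check), the early `return 1` sits after the "Check and fix up the DPL" step visible in the first hunk, so its correctness depends on that fix-up having changed only the local `b` by the time this line is reached. That is not visible in the context shown and is worth confirming and stating in the comment, for example by adding "Return without writing back so the guest's DPL bits stay as written." to the existing "Invalid type 0 is harmless" comment. It would also help to note in the commit message that the remaining `goto good` users are intentionally unchanged.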

System gates with type 0 shouldn't have what might be their DPL altered - such descriptors can't be used anyway without incurring a #GP, and hence adjusting its DPL is only risking to confuse the guest.

Also bail right away for non-present descriptors - no need to write back anything in that case.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
---
v2: Broken out from a larger patch.