diff options
author | Laurent Vivier <Laurent.Vivier@bull.net> | 2007-09-25 13:36:40 +0200 |
---|---|---|
committer | Avi Kivity <avi@qumranet.com> | 2008-01-30 17:52:49 +0200 |
commit | b4c6abfef400c0f74d9b86a149a6719706cfdbbc (patch) | |
tree | f524e25db195f40aa70b7abf9f87ccabf137354b | |
parent | a22436b7b8ec9b14a0451d9ac0fdc9d370bd7800 (diff) |
KVM: x86 emulator: Any legacy prefix after a REX prefix nullifies its effect
This patch modifies the management of REX prefix according behavior
I saw in Xen 3.1. In Xen, this modification has been introduced by
Jan Beulich.
http://lists.xensource.com/archives/html/xen-changelog/2007-01/msg00081.html
Signed-off-by: Laurent Vivier <Laurent.Vivier@bull.net>
Signed-off-by: Avi Kivity <avi@qumranet.com>
-rw-r--r-- | drivers/kvm/x86_emulate.c | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/drivers/kvm/x86_emulate.c b/drivers/kvm/x86_emulate.c index 0afe660aec4..e294d840957 100644 --- a/drivers/kvm/x86_emulate.c +++ b/drivers/kvm/x86_emulate.c @@ -521,7 +521,6 @@ x86_decode_insn(struct x86_emulate_ctxt *ctxt, struct x86_emulate_ops *ops) { struct decode_cache *c = &ctxt->decode; u8 sib, rex_prefix = 0; - unsigned int i; int rc = 0; int mode = ctxt->mode; int index_reg = 0, base_reg = 0, scale, rip_relative = 0; @@ -551,7 +550,7 @@ x86_decode_insn(struct x86_emulate_ctxt *ctxt, struct x86_emulate_ops *ops) } /* Legacy prefixes. */ - for (i = 0; i < 8; i++) { + for (;;) { switch (c->b = insn_fetch(u8, 1, c->eip)) { case 0x66: /* operand-size override */ c->op_bytes ^= 6; /* switch between 2/4 bytes */ @@ -582,6 +581,11 @@ x86_decode_insn(struct x86_emulate_ctxt *ctxt, struct x86_emulate_ops *ops) case 0x36: /* SS override */ c->override_base = &ctxt->ss_base; break; + case 0x40 ... 0x4f: /* REX */ + if (mode != X86EMUL_MODE_PROT64) + goto done_prefixes; + rex_prefix = c->b; + continue; case 0xf0: /* LOCK */ c->lock_prefix = 1; break; @@ -592,19 +596,21 @@ x86_decode_insn(struct x86_emulate_ctxt *ctxt, struct x86_emulate_ops *ops) default: goto done_prefixes; } + + /* Any legacy prefix after a REX prefix nullifies its effect. */ + + rex_prefix = 0; } done_prefixes: /* REX prefix. */ - if ((mode == X86EMUL_MODE_PROT64) && ((c->b & 0xf0) == 0x40)) { - rex_prefix = c->b; - if (c->b & 8) + if (rex_prefix) { + if (rex_prefix & 8) c->op_bytes = 8; /* REX.W */ - c->modrm_reg = (c->b & 4) << 1; /* REX.R */ - index_reg = (c->b & 2) << 2; /* REX.X */ - c->modrm_rm = base_reg = (c->b & 1) << 3; /* REG.B */ - c->b = insn_fetch(u8, 1, c->eip); + c->modrm_reg = (rex_prefix & 4) << 1; /* REX.R */ + index_reg = (rex_prefix & 2) << 2; /* REX.X */ + c->modrm_rm = base_reg = (rex_prefix & 1) << 3; /* REG.B */ } /* Opcode byte(s). */ |