This is a note to let you know that I've just added the patch titled
KVM: x86: Emulator does not decode clflush well
to the 3.17-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
kvm-x86-emulator-does-not-decode-clflush-well.patch
and it can be found in the queue-3.17 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 13e457e0eebf0a0c82c38ceb890d93eb826d62a6 Mon Sep 17 00:00:00 2001
From: Nadav Amit <namit@xxxxxxxxxxxxxxxxx>
Date: Mon, 13 Oct 2014 13:04:13 +0300
Subject: KVM: x86: Emulator does not decode clflush well
From: Nadav Amit <namit@xxxxxxxxxxxxxxxxx>
commit 13e457e0eebf0a0c82c38ceb890d93eb826d62a6 upstream.
Currently, all group15 instructions are decoded as clflush (e.g., mfence,
xsave). In addition, the clflush instruction requires no prefix (66/f2/f3)
would exist. If prefix exists it may encode a different instruction (e.g.,
clflushopt).
Creating a group for clflush, and different group for each prefix.
This has been the case forever, but the next patch needs the cflush group
in order to fix a bug introduced in 3.17.
Fixes: 41061cdb98a0bec464278b4db8e894a3121671f5
Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx>
Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
arch/x86/kvm/emulate.c | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -3376,6 +3376,12 @@ static int em_bswap(struct x86_emulate_c
return X86EMUL_CONTINUE;
}
+static int em_clflush(struct x86_emulate_ctxt *ctxt)
+{
+ /* emulating clflush regardless of cpuid */
+ return X86EMUL_CONTINUE;
+}
+
static bool valid_cr(int nr)
{
switch (nr) {
@@ -3708,6 +3714,16 @@ static const struct opcode group11[] = {
X7(D(Undefined)),
};
+static const struct gprefix pfx_0f_ae_7 = {
+ I(0, em_clflush), N, N, N,
+};
+
+static const struct group_dual group15 = { {
+ N, N, N, N, N, N, N, GP(0, &pfx_0f_ae_7),
+}, {
+ N, N, N, N, N, N, N, N,
+} };
+
static const struct gprefix pfx_0f_6f_0f_7f = {
I(Mmx, em_mov), I(Sse | Aligned, em_mov), N, I(Sse | Unaligned, em_mov),
};
@@ -3967,7 +3983,7 @@ static const struct opcode twobyte_table
F(DstMem | SrcReg | ModRM | BitOp | Lock | PageTable, em_bts),
F(DstMem | SrcReg | Src2ImmByte | ModRM, em_shrd),
F(DstMem | SrcReg | Src2CL | ModRM, em_shrd),
- D(ModRM), F(DstReg | SrcMem | ModRM, em_imul),
+ GD(0, &group15), F(DstReg | SrcMem | ModRM, em_imul),
/* 0xB0 - 0xB7 */
I2bv(DstMem | SrcReg | ModRM | Lock | PageTable, em_cmpxchg),
I(DstReg | SrcMemFAddr | ModRM | Src2SS, em_lseg),
@@ -4894,8 +4910,6 @@ twobyte_insn:
case 0x90 ... 0x9f: /* setcc r/m8 */
ctxt->dst.val = test_cc(ctxt->b, ctxt->eflags);
break;
- case 0xae: /* clflush */
- break;
case 0xb6 ... 0xb7: /* movzx */
ctxt->dst.bytes = ctxt->op_bytes;
ctxt->dst.val = (ctxt->src.bytes == 1) ? (u8) ctxt->src.val
Patches currently in stable-queue which might be from namit@xxxxxxxxxxxxxxxxx are
queue-3.17/kvm-x86-emulator-fixes-for-eip-canonical-checks-on-near-branches.patch
queue-3.17/kvm-x86-check-non-canonical-addresses-upon-wrmsr.patch
queue-3.17/kvm-x86-handle-errors-when-rip-is-set-during-far-jumps.patch
queue-3.17/kvm-x86-emulator-does-not-decode-clflush-well.patch
queue-3.17/kvm-x86-prefetch-and-hint_nop-should-have-srcmem-flag.patch
queue-3.17/kvm-x86-fix-wrong-masking-on-relative-jump-call.patch
queue-3.17/kvm-x86-decoding-guest-instructions-which-cross-page-boundary-may-fail.patch
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html