KVM: emulator: Fix permission checking in io permission bitmap

Currently if io port + len crosses 8bit boundary in io permission bitmap the
check may allow IO that otherwise should not be allowed. The patch fixes that.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Avi Kivity <avi@redhat.com>
This commit is contained in:
Gleb Natapov 2011-03-07 14:55:07 +02:00 committed by Marcelo Tosatti
parent 5601d05b8c
commit 399a40c92d

View File

@ -1769,8 +1769,7 @@ static bool emulator_io_port_access_allowed(struct x86_emulate_ctxt *ctxt,
struct desc_struct tr_seg; struct desc_struct tr_seg;
u32 base3; u32 base3;
int r; int r;
u16 io_bitmap_ptr; u16 io_bitmap_ptr, perm, bit_idx = port & 0x7;
u8 perm, bit_idx = port & 0x7;
unsigned mask = (1 << len) - 1; unsigned mask = (1 << len) - 1;
unsigned long base; unsigned long base;
@ -1788,7 +1787,7 @@ static bool emulator_io_port_access_allowed(struct x86_emulate_ctxt *ctxt,
return false; return false;
if (io_bitmap_ptr + port/8 > desc_limit_scaled(&tr_seg)) if (io_bitmap_ptr + port/8 > desc_limit_scaled(&tr_seg))
return false; return false;
r = ops->read_std(base + io_bitmap_ptr + port/8, &perm, 1, ctxt->vcpu, r = ops->read_std(base + io_bitmap_ptr + port/8, &perm, 2, ctxt->vcpu,
NULL); NULL);
if (r != X86EMUL_CONTINUE) if (r != X86EMUL_CONTINUE)
return false; return false;