System gates with type 0 shouldn't have what might be their DPL altered
- such descriptors can't be used anyway without incurring a #GP, and
hence adjusting its DPL is only risking to confuse the guest.
Also bail right away for non-present descriptors - no need to write
back anything in that case.
Signed-off-by: Jan Beulich <jbeul...@suse.com>
---
v2: Broken out from a larger patch.
--- a/xen/arch/x86/x86_64/mm.c
+++ b/xen/arch/x86/x86_64/mm.c
@@ -1088,7 +1088,7 @@ int check_descriptor(const struct domain
/* A not-present descriptor will always fault, so is safe. */
if ( !(b & _SEGMENT_P) )
- goto good;
+ return 1;
/* Check and fix up the DPL. */
dpl = (b >> 13) & 3;
@@ -1130,7 +1130,7 @@ int check_descriptor(const struct domain
/* Invalid type 0 is harmless. It is used for 2nd half of a call gate. */
if ( (b & _SEGMENT_TYPE) == 0x000 )
- goto good;
+ return 1;
/* Everything but a call gate is discarded here. */
if ( (b & _SEGMENT_TYPE) != 0xc00 )
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
