The initial operation done on these paths may raise an exception (for
->read_io() that's possible only on the PV path, when the I/O port
access check has been deferred). We have to suppress put_rep_prefix()
updating rCX in that case. From an abstract perspective this also
applies to RETRY being returned.

Reported-by: Wei Liu <wei.l...@citrix.com>
Signed-off-by: Jan Beulich <jbeul...@suse.com>

--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -3116,7 +3116,7 @@ x86_emulate(
         if ( nr_reps == 1 && ops->read_io && ops->write )
         {
             rc = ops->read_io(port, dst.bytes, &dst.val, ctxt);
-            if ( rc == X86EMUL_OKAY )
+            if ( rc != X86EMUL_UNHANDLEABLE )
                 nr_reps = 0;
         }
         if ( (nr_reps > 1 || rc == X86EMUL_UNHANDLEABLE) && ops->rep_ins )
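Review bot: The inverted test `if ( rc != X86EMUL_UNHANDLEABLE )` makes `nr_reps = 0` carry two meanings, and nothing in the code says so: either the single iteration completed, or it ended with an exception or RETRY and rCX must not be advanced. A comment above the test would keep a later cleanup from restoring the `== X86EMUL_OKAY` form and bringing back the guest-visible rCX update on a faulting instruction, for example `/* Any definitive result (incl. exception/RETRY) ends the iteration; only UNHANDLEABLE falls through to ->rep_ins(). */`. The same applies to the read_ulong() test in the hunk at -3157 on the OUTS path, with `->rep_outs()` in the comment. The code that consumes nr_reps and rc lies after both hunks, so it is worth confirming there that a non-OKAY rc takes the error exit before dst.val is used, since dst.val may not have been written on failure.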
@@ -3157,7 +3157,7 @@ x86_emulate(
         {
             rc = read_ulong(ea.mem.seg, ea.mem.off, &dst.val, dst.bytes,
                             ctxt, ops);
-            if ( rc == X86EMUL_OKAY )
+            if ( rc != X86EMUL_UNHANDLEABLE )
                 nr_reps = 0;
         }
         if ( (nr_reps > 1 || rc == X86EMUL_UNHANDLEABLE) && ops->rep_outs )



x86emul: correct behavior for single iteration REP INS/OUTS

The initial operation done on these paths may raise an exception (for
->read_io() that's possible only on the PV path, when the I/O port
access check has been deferred). We have to suppress put_rep_prefix()
updating rCX in that case. From an abstract perspective this also
applies to RETRY being returned.

Reported-by: Wei Liu <wei.l...@citrix.com>
Signed-off-by: Jan Beulich <jbeul...@suse.com>

--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -3116,7 +3116,7 @@ x86_emulate(
         if ( nr_reps == 1 && ops->read_io && ops->write )
         {
             rc = ops->read_io(port, dst.bytes, &dst.val, ctxt);
-            if ( rc == X86EMUL_OKAY )
+            if ( rc != X86EMUL_UNHANDLEABLE )
                 nr_reps = 0;
         }
         if ( (nr_reps > 1 || rc == X86EMUL_UNHANDLEABLE) && ops->rep_ins )
@@ -3157,7 +3157,7 @@ x86_emulate(
         {
             rc = read_ulong(ea.mem.seg, ea.mem.off, &dst.val, dst.bytes,
                             ctxt, ops);
-            if ( rc == X86EMUL_OKAY )
+            if ( rc != X86EMUL_UNHANDLEABLE )
                 nr_reps = 0;
         }
         if ( (nr_reps > 1 || rc == X86EMUL_UNHANDLEABLE) && ops->rep_outs )