From: Gleb Natapov <gleb@redhat.com>
Date: Tue, 11 Dec 2012 13:14:10 +0000 (+0200)
Subject: KVM: VMX: fix DPL during entry to protected mode
X-Git-Tag: Ubuntu-5.13.0-19.19~23255^2~2
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=a4d3326c2de46fd7bcc47d1e8786efccfc152f81;p=mirror_ubuntu-jammy-kernel.git

KVM: VMX: fix DPL during entry to protected mode

On CPUs without support for unrestricted guests DPL cannot be smaller
than RPL for data segments during guest entry, but this state can occurs
if a data segment selector changes while vcpu is in real mode to a value
with lowest two bits != 00. Fix that by forcing DPL == RPL on transition
to protected mode.

This is a regression introduced by c865c43de66dc97.

Signed-off-by: Gleb Natapov <gleb@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
---

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 1a30fd5c3fb2..feab3d973b68 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2766,6 +2766,7 @@ static void fix_pmode_dataseg(struct kvm_vcpu *vcpu, int seg, struct kvm_segment
 	if (!(vmcs_readl(sf->base) == tmp.base && tmp.s)) {
 		tmp.base = vmcs_readl(sf->base);
 		tmp.selector = vmcs_read16(sf->selector);
+		tmp.dpl = tmp.selector & SELECTOR_RPL_MASK;
 		tmp.s = 1;
 	}
 	vmx_set_segment(vcpu, &tmp, seg);