KVM: x86: emulator: Fix illegal LEA handling (4ac5b423) · Commits · CodeLinaro / la / kernel / msm · GitLab

Snippets Groups Projects

Commit 4ac5b423 authored 2 years ago by Michal Luczaj Committed by Paolo Bonzini 2 years ago

KVM: x86: emulator: Fix illegal LEA handling


The emulator mishandles LEA with register source operand. Even though such
LEA is illegal, it can be encoded and fed to CPU. In which case real
hardware throws #UD. The emulator, instead, returns address of
x86_emulate_ctxt._regs. This info leak hurts host's kASLR.

Tell the decoder that illegal LEA is not to be emulated.

Signed-off-by: Michal Luczaj <mhal@rbox.co>
Message-Id: <20220729134801.1120-1-mhal@rbox.co>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

parent 2bc685e6

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 5 additions and 1 deletion

CodeLinaro @codelinaro
mentioned in commit dc82804d
· 2 years ago

mentioned in commit dc82804d

mentioned in commit dc82804d7ad735359ee1d7a2b712c0cede311163

Toggle commit list

Please register or to comment