Commit dc82804d authored by Vitaly Kuznetsov

KVM: x86: emulator: Fix illegal LEA handling

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2119111
commit 4ac5b423
Author: Michal Luczaj <mhal@rbox.co>
Date:   Fri Jul 29 15:48:01 2022 +0200

    KVM: x86: emulator: Fix illegal LEA handling

    The emulator mishandles LEA with a register source operand. Even though such
    an LEA is illegal, it can be encoded and fed to the CPU, in which case real
    hardware throws #UD. The emulator, instead, returns the address of
    x86_emulate_ctxt._regs. This info leak hurts the host's kASLR.

    Tell the decoder that illegal LEA is not to be emulated.

    Signed-off-by: Michal Luczaj <mhal@rbox.co>
    Message-Id: <20220729134801.1120-1-mhal@rbox.co>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
parent 8630b2f8
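To make the commit message concrete, here is a constructed stand-in for the emulator's LEA decoding, added for this page and taken neither from KVM nor from the commit's diff. The names (`emul_ctxt`, `memory_ea`, `lea_buggy`, `lea_fixed`) are hypothetical, the SIB and RIP-relative addressing forms are left out, and only the mod == 3 rejection corresponds to what the commit describes.

```c
/* Constructed illustration of the bug class described in the commit message
 * above; not KVM's emulator code, and all names are hypothetical. */
#include <stdint.h>

#define LEA_OPCODE 0x8D
enum emul_result { EMUL_OK, EMUL_UD };

struct emul_ctxt {
	uint64_t regs[8];	/* stand-in for x86_emulate_ctxt._regs */
};

/* Effective address of a memory-form ModRM operand (mod 0..2). Simplified:
 * no SIB byte (rm == 4) and no RIP-relative form (mod 0, rm 5). */
static uint64_t memory_ea(const struct emul_ctxt *c, uint8_t modrm,
			  const uint8_t *disp)
{
	int mod = modrm >> 6, rm = modrm & 7;
	int64_t d = 0;

	if (mod == 1)
		d = (int8_t)disp[0];
	else if (mod == 2)
		d = (int32_t)(disp[0] | disp[1] << 8 | disp[2] << 16 |
			      (uint32_t)disp[3] << 24);
	return c->regs[rm] + (uint64_t)d;
}

/* Before the fix: mod == 3 makes the source a register operand, and "LEA of
 * a register" hands the guest the host address of that register slot. */
static enum emul_result lea_buggy(const struct emul_ctxt *c,
				  const uint8_t *insn, uint64_t *dst)
{
	if ((insn[1] >> 6) == 3) {
		*dst = (uint64_t)(uintptr_t)&c->regs[insn[1] & 7]; /* host pointer */
		return EMUL_OK;
	}
	*dst = memory_ea(c, insn[1], insn + 2);
	return EMUL_OK;
}

/* After the fix: the decoder rejects the register-source form with #UD,
 * matching real hardware, so no host address can reach the guest. */
static enum emul_result lea_fixed(const struct emul_ctxt *c,
				  const uint8_t *insn, uint64_t *dst)
{
	if (insn[0] != LEA_OPCODE || (insn[1] >> 6) == 3)
		return EMUL_UD;
	*dst = memory_ea(c, insn[1], insn + 2);
	return EMUL_OK;
}
```

A regression test for the real emulator would feed the same two encodings (ModRM mod == 3 versus a memory form) and check that the register form raises #UD while the memory form still yields the expected effective address.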