Changeset 43068 in vbox

Timestamp:

Aug 29, 2012 11:37:14 AM (13 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

80410

Message:

recompiler: Missing privilege check for task gate switches (Fixes kernel panic when invoking the double fault handler from user space on Linux and maybe other guests)

File:

: 1 edited

trunk/src/recompiler/target-i386/op_helper.c (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/recompiler/target-i386/op_helper.c

-              r42829
+              r43068
     switch(type) {
     case 5: /* task gate */
+#ifdef VBOX
+        dpl = (e2 >> DESC_DPL_SHIFT) & 3;
+        cpl = env->hflags & HF_CPL_MASK;
+        /* check privilege if software int */
+        if (is_int && dpl < cpl)
+            raise_exception_err(EXCP0D_GPF, intno * 8 + 2);
+#endif
         /* must do that check here to return the correct error code */
         if (!(e2 & DESC_P_MASK))

Note: See TracChangeset for help on using the changeset viewer.

Changeset 43068 in vbox

Legend:

trunk/src/recompiler/target-i386/op_helper.c

Download in other formats: