rpms/qemu
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cf8819083b
qemu/0003-target-ppc-fix-xscmpodp-and-xscmpudp-decoding.patch
Cole Robinson cf8819083b CVE-2015-6815: net: e1000: infinite loop issue (bz #1260225) 
CVE-2015-6855: ide: divide by zero issue (bz #1261793)
CVE-2015-5278: Infinite loop in ne2000_receive() (bz #1263284)
CVE-2015-5279: Heap overflow vulnerability in ne2000_receive() (bz #1263287)
2015-09-21 18:01:46 -04:00

50 lines
2.2 KiB
Diff
Raw Blame History

From: Aurelien Jarno <aurelien@aurel32.net>
Date: Sun, 13 Sep 2015 23:03:45 +0200
Subject: [PATCH] target-ppc: fix xscmpodp and xscmpudp decoding
The xscmpodp and xscmpudp instructions only have the AX, BX bits in
there encoding, the lowest bit (usually TX) is marked as an invalid
bit. We therefore can't decode them with GEN_XX2FORM, which decodes
the two lowest bit.
Introduce a new form GEN_XX2FORM, which decodes AX and BX and mark
the lowest bit as invalid.
Cc: Tom Musta <tommusta@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: qemu-stable@nongnu.org
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
target-ppc/translate.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 84c5cea..c0eed13 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -10670,6 +10670,13 @@ GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 1, opc3, 0, PPC_NONE, fl2), \
GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 2, opc3, 0, PPC_NONE, fl2), \
GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 3, opc3, 0, PPC_NONE, fl2)
+#undef GEN_XX2IFORM
+#define GEN_XX2IFORM(name, opc2, opc3, fl2) \
+GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 0, opc3, 1, PPC_NONE, fl2), \
+GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 1, opc3, 1, PPC_NONE, fl2), \
+GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 2, opc3, 1, PPC_NONE, fl2), \
+GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 3, opc3, 1, PPC_NONE, fl2)
+
#undef GEN_XX3_RC_FORM
#define GEN_XX3_RC_FORM(name, opc2, opc3, fl2) \
GEN_HANDLER2_E(name, #name, 0x3C, opc2 | 0x00, opc3 | 0x00, 0, PPC_NONE, fl2), \
@@ -10731,8 +10738,8 @@ GEN_XX3FORM(xsnmaddadp, 0x04, 0x14, PPC2_VSX),
GEN_XX3FORM(xsnmaddmdp, 0x04, 0x15, PPC2_VSX),
GEN_XX3FORM(xsnmsubadp, 0x04, 0x16, PPC2_VSX),
GEN_XX3FORM(xsnmsubmdp, 0x04, 0x17, PPC2_VSX),
-GEN_XX2FORM(xscmpodp, 0x0C, 0x05, PPC2_VSX),
-GEN_XX2FORM(xscmpudp, 0x0C, 0x04, PPC2_VSX),
+GEN_XX2IFORM(xscmpodp, 0x0C, 0x05, PPC2_VSX),
+GEN_XX2IFORM(xscmpudp, 0x0C, 0x04, PPC2_VSX),
GEN_XX3FORM(xsmaxdp, 0x00, 0x14, PPC2_VSX),
GEN_XX3FORM(xsmindp, 0x00, 0x15, PPC2_VSX),
GEN_XX2FORM(xscvdpsp, 0x12, 0x10, PPC2_VSX),
Reference in New Issue View Git Blame Copy Permalink