From eb6fa6f6dc51534508ca6089d0acdbe60983711d Mon Sep 17 00:00:00 2001
From: cracyc <cracyc@users.noreply.github.com>
Date: Tue, 20 May 2025 18:52:27 -0500
Subject: [PATCH] i386: check cpl in verr and verw

---
 src/devices/cpu/i386/i386.h       |  1 +
 src/devices/cpu/i386/i386op16.hxx | 13 ++++++++-----
 src/devices/cpu/i386/i386op32.hxx | 13 ++++++++-----
 3 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/src/devices/cpu/i386/i386.h b/src/devices/cpu/i386/i386.h
index a7a5c0c7df7..9bc5a7b6bcd 100644
--- a/src/devices/cpu/i386/i386.h
+++ b/src/devices/cpu/i386/i386.h
@@ -15,6 +15,7 @@
 #include "divtlb.h"
 
 #include "i386dasm.h"
+#include <algorithm>
 
 #define INPUT_LINE_A20      1
 #define INPUT_LINE_SMI      2
diff --git a/src/devices/cpu/i386/i386op16.hxx b/src/devices/cpu/i386/i386op16.hxx
index a68c1656b1f..aa0223f0b18 100644
--- a/src/devices/cpu/i386/i386op16.hxx
+++ b/src/devices/cpu/i386/i386op16.hxx
@@ -3260,14 +3260,18 @@ void i386_device::i386_group0F00_16()          // Opcode 0x0f 00
 						{  // check if conforming, these are always readable, regardless of privilege
 							if(!(seg.flags & 0x04))
 							{
-								// if not conforming, then we must check privilege levels (TODO: current privilege level check)
-								if(((seg.flags >> 5) & 0x03) < (address & 0x03))
+								// if not conforming, then we must check privilege levels
+								if(((seg.flags >> 5) & 0x03) < std::max(m_CPL, (uint8_t)(address & 0x03)))
 									result = 0;
 							}
 						}
 					}
+					else
+					{
+						if(((seg.flags >> 5) & 0x03) < std::max(m_CPL, (uint8_t)(address & 0x03)))
+							result = 0;
+					}
 				}
-				// check that the descriptor privilege is greater or equal to the selector's privilege level and the current privilege (TODO)
 				SetZF(result);
 			}
 			else
@@ -3308,8 +3312,7 @@ void i386_device::i386_group0F00_16()          // Opcode 0x0f 00
 							result = 0;
 					}
 				}
-				// check that the descriptor privilege is greater or equal to the selector's privilege level and the current privilege (TODO)
-				if(((seg.flags >> 5) & 0x03) < (address & 0x03))
+				if(((seg.flags >> 5) & 0x03) < std::max(m_CPL, (uint8_t)(address & 0x03)))
 					result = 0;
 				SetZF(result);
 			}
diff --git a/src/devices/cpu/i386/i386op32.hxx b/src/devices/cpu/i386/i386op32.hxx
index 1bf3793ef45..ae61a21d594 100644
--- a/src/devices/cpu/i386/i386op32.hxx
+++ b/src/devices/cpu/i386/i386op32.hxx
@@ -3061,14 +3061,18 @@ void i386_device::i386_group0F00_32()          // Opcode 0x0f 00
 						{  // check if conforming, these are always readable, regardless of privilege
 							if(!(seg.flags & 0x04))
 							{
-								// if not conforming, then we must check privilege levels (TODO: current privilege level check)
-								if(((seg.flags >> 5) & 0x03) < (address & 0x03))
+								// if not conforming, then we must check privilege levels
+								if(((seg.flags >> 5) & 0x03) < std::max(m_CPL, (uint8_t)(address & 0x03)))
 									result = 0;
 							}
 						}
 					}
+					else
+					{
+						if(((seg.flags >> 5) & 0x03) < std::max(m_CPL, (uint8_t)(address & 0x03)))
+							result = 0;
+					}
 				}
-				// check that the descriptor privilege is greater or equal to the selector's privilege level and the current privilege (TODO)
 				SetZF(result);
 			}
 			else
@@ -3108,8 +3112,7 @@ void i386_device::i386_group0F00_32()          // Opcode 0x0f 00
 							result = 0;
 					}
 				}
-				// check that the descriptor privilege is greater or equal to the selector's privilege level and the current privilege (TODO)
-				if(((seg.flags >> 5) & 0x03) < (address & 0x03))
+				if(((seg.flags >> 5) & 0x03) < std::max(m_CPL, (uint8_t)(address & 0x03)))
 					result = 0;
 				SetZF(result);
 			}