kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/sysutils/xenkernel42/patches/patch-CVE-2015-8555
bouyer cbfec52636 pply patches from Xen repository, fixing: 
CVE-2015-5307 and CVE-2015-8104 aka XSA-156
CVE-2015-8339 and CVE-2015-8340 aka XSA-159
CVE-2015-8555 aka XSA-165
XSA-166
CVE-2015-8550 aka XSA-155
CVE-2015-8554 aka XSA-164
Bump pkgrevision
2016-01-07 17:53:58 +00:00

80 lines
2.1 KiB
Text
Raw Blame History

$NetBSD: patch-CVE-2015-8555,v 1.1 2016/01/07 17:53:58 bouyer Exp $
Patch for CVE-2015-8555 aka XSA-165, based on
http://xenbits.xenproject.org/xsa/xsa165-4.3.patch
--- xen/arch/x86/domain.c.orig
+++ xen/arch/x86/domain.c
@@ -730,6 +730,17 @@ int arch_set_info_guest(
if ( flags & VGCF_I387_VALID )
memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt));
+ else if ( v->arch.xsave_area )
+ memset(&v->arch.xsave_area->xsave_hdr, 0,
+ sizeof(v->arch.xsave_area->xsave_hdr));
+ else
+ {
+ typeof(v->arch.xsave_area->fpu_sse) *fpu_sse = v->arch.fpu_ctxt;
+
+ memset(fpu_sse, 0, sizeof(*fpu_sse));
+ fpu_sse->fcw = FCW_DEFAULT;
+ fpu_sse->mxcsr = MXCSR_DEFAULT;
+ }
if ( !compat )
{
--- xen/arch/x86/i387.c.orig
+++ xen/arch/x86/i387.c
@@ -17,19 +17,6 @@
#include <asm/xstate.h>
#include <asm/asm_defns.h>
-static void fpu_init(void)
-{
- unsigned long val;
-
- asm volatile ( "fninit" );
- if ( cpu_has_xmm )
- {
- /* load default value into MXCSR control/status register */
- val = MXCSR_DEFAULT;
- asm volatile ( "ldmxcsr %0" : : "m" (val) );
- }
-}
-
/*******************************/
/* FPU Restore Functions */
/*******************************/
@@ -254,15 +241,8 @@ void vcpu_restore_fpu_lazy(struct vcpu *
if ( cpu_has_xsave )
fpu_xrstor(v, XSTATE_LAZY);
- else if ( v->fpu_initialised )
- {
- if ( cpu_has_fxsr )
- fpu_fxrstor(v);
- else
- fpu_frstor(v);
- }
else
- fpu_init();
+ fpu_fxrstor(v);
v->fpu_initialised = 1;
v->fpu_dirtied = 1;
@@ -323,7 +303,14 @@ int vcpu_init_fpu(struct vcpu *v)
else
{
v->arch.fpu_ctxt = _xzalloc(sizeof(v->arch.xsave_area->fpu_sse), 16);
- if ( !v->arch.fpu_ctxt )
+ if ( v->arch.fpu_ctxt )
+ {
+ typeof(v->arch.xsave_area->fpu_sse) *fpu_sse = v->arch.fpu_ctxt;
+
+ fpu_sse->fcw = FCW_DEFAULT;
+ fpu_sse->mxcsr = MXCSR_DEFAULT;
+ }
+ else
{
rc = -ENOMEM;
goto done;
Reference in a new issue View git blame Copy permalink