Re: [PATCH 3.13.y-ckt 100/103] KVM: x86: Fix of previously incomplete fix for CVE-2014-8480
From: Kamal Mostafa
Date: Tue Feb 24 2015 - 11:00:03 EST
On Wed, 2015-02-18 at 16:33 -0800, Kamal Mostafa wrote:
> 3.13.11-ckt16 -stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Nadav Amit <nadav.amit@xxxxxxxxx>
>
> commit 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 upstream.
>
> STR and SLDT with rip-relative operand can cause a host kernel oops.
> Mark them as DstMem as well.
Dropping this one from 3.13-stable, per Nadav's advice to other pre-3.17
stables.
-Kamal
> Signed-off-by: Nadav Amit <namit@xxxxxxxxxxxxxxxxx>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> Signed-off-by: Kamal Mostafa <kamal@xxxxxxxxxxxxx>
> ---
> arch/x86/kvm/emulate.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index 4919b95..569c8ed 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -3733,8 +3733,8 @@ static const struct opcode group5[] = {
> };
>
> static const struct opcode group6[] = {
> - DI(Prot, sldt),
> - DI(Prot, str),
> + DI(Prot | DstMem, sldt),
> + DI(Prot | DstMem, str),
> II(Prot | Priv | SrcMem16, em_lldt, lldt),
> II(Prot | Priv | SrcMem16, em_ltr, ltr),
> N, N, N, N,
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/