[Linux-6.12.y] XEN: CVE-2024-53241 / XSA-466 and Clang-kCFI

From: Sedat Dilek
Date: Thu Dec 19 2024 - 11:16:13 EST

Next message: Tejun Heo: "Re: [PATCH] workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker"
Previous message: Suren Baghdasaryan: "Re: [PATCH v6 10/16] mm: replace vm_lock and detached flag with a reference count"
Next in thread: Greg Kroah-Hartman: "Re: [Linux-6.12.y] XEN: CVE-2024-53241 / XSA-466 and Clang-kCFI"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Linux v6.12.6 will include XEN CVE fixes from mainline.

Here, I use Debian/unstable AMD64 and the SLIM LLVM toolchain 19.1.x
from kernel.org.

What does it mean in ISSUE DESCRIPTION...

Furthermore, the hypercall page has no provision for Control-flow
Integrity schemes (e.g. kCFI/CET-IBT/FineIBT), and will simply
malfunction in such configurations.

...when someone uses Clang-kCFI?

My full kernel-config is attached.

Thanks in advance.

Best regards,
-Sedat-

https://xenbits.xen.org/xsa/advisory-466.html
https://www.phoronix.com/news/Xen-XSA-466-Linux
https://mirrors.edge.kernel.org/pub/tools/llvm/files/

Attachment: config-6.12.5-1-amd64-clang19-kcfi
Description: Binary data

Next message: Tejun Heo: "Re: [PATCH] workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker"
Previous message: Suren Baghdasaryan: "Re: [PATCH v6 10/16] mm: replace vm_lock and detached flag with a reference count"
Next in thread: Greg Kroah-Hartman: "Re: [Linux-6.12.y] XEN: CVE-2024-53241 / XSA-466 and Clang-kCFI"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]