diff options
Diffstat (limited to 'sysutils/xenkernel41/patches/patch-CVE-2015-7835')
-rw-r--r-- | sysutils/xenkernel41/patches/patch-CVE-2015-7835 | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/sysutils/xenkernel41/patches/patch-CVE-2015-7835 b/sysutils/xenkernel41/patches/patch-CVE-2015-7835 new file mode 100644 index 00000000000..9b38ab4435e --- /dev/null +++ b/sysutils/xenkernel41/patches/patch-CVE-2015-7835 @@ -0,0 +1,45 @@ +$NetBSD: patch-CVE-2015-7835,v 1.1 2015/10/29 20:29:56 bouyer Exp $ + +Patch for CVE-2015-7835 aka XSA-148 based on +http://xenbits.xenproject.org/xsa/xsa148-4.4.patch + +--- xen/include/asm-x86/x86_32/page.h.orig 2015-10-29 20:35:24.000000000 +0100 ++++ xen/include/asm-x86/x86_32/page.h 2015-10-29 20:38:02.000000000 +0100 +@@ -130,7 +130,9 @@ + #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX) + + #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) +-#define L2_DISALLOW_MASK (BASE_DISALLOW_MASK & ~_PAGE_PSE) ++#define L2_DISALLOW_MASK (unlikely(opt_allow_superpage) \ ++ ? BASE_DISALLOW_MASK & ~_PAGE_PSE \ ++ : BASE_DISALLOW_MASK ) + #define L3_DISALLOW_MASK 0xFFFFF1FEU /* must-be-zero */ + + #endif /* __X86_32_PAGE_H__ */ +--- xen/include/asm-x86/x86_64/page.h.orig 2015-10-29 20:35:36.000000000 +0100 ++++ xen/include/asm-x86/x86_64/page.h 2015-10-29 20:37:33.000000000 +0100 +@@ -167,7 +167,9 @@ + #define BASE_DISALLOW_MASK (0xFF800198U & ~_PAGE_NX) + + #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB) +-#define L2_DISALLOW_MASK (BASE_DISALLOW_MASK & ~_PAGE_PSE) ++#define L2_DISALLOW_MASK (unlikely(opt_allow_superpage) \ ++ ? BASE_DISALLOW_MASK & ~_PAGE_PSE \ ++ : BASE_DISALLOW_MASK ) + #define L3_DISALLOW_MASK (BASE_DISALLOW_MASK) + #define L4_DISALLOW_MASK (BASE_DISALLOW_MASK) + +--- xen/arch/x86/mm.c.orig 2015-10-29 20:30:55.000000000 +0100 ++++ xen/arch/x86/mm.c 2015-10-29 20:32:56.000000000 +0100 +@@ -1898,7 +1898,10 @@ + } + + /* Fast path for identical mapping and presence. */ +- if ( !l2e_has_changed(ol2e, nl2e, _PAGE_PRESENT) ) ++ if ( !l2e_has_changed(ol2e, nl2e, ++ unlikely(opt_allow_superpage) ++ ? _PAGE_PSE | _PAGE_RW | _PAGE_PRESENT ++ : _PAGE_PRESENT) ) + { + adjust_guest_l2e(nl2e, d); + rc = UPDATE_ENTRY(l2, pl2e, ol2e, nl2e, pfn, vcpu, preserve_ad); |