summaryrefslogtreecommitdiff
path: root/sysutils/xenkernel41/patches/patch-CVE-2015-7835
diff options
context:
space:
mode:
Diffstat (limited to 'sysutils/xenkernel41/patches/patch-CVE-2015-7835')
-rw-r--r--sysutils/xenkernel41/patches/patch-CVE-2015-783545
1 files changed, 45 insertions, 0 deletions
diff --git a/sysutils/xenkernel41/patches/patch-CVE-2015-7835 b/sysutils/xenkernel41/patches/patch-CVE-2015-7835
new file mode 100644
index 00000000000..9b38ab4435e
--- /dev/null
+++ b/sysutils/xenkernel41/patches/patch-CVE-2015-7835
@@ -0,0 +1,45 @@
+$NetBSD: patch-CVE-2015-7835,v 1.1 2015/10/29 20:29:56 bouyer Exp $
+
+Patch for CVE-2015-7835 aka XSA-148 based on
+http://xenbits.xenproject.org/xsa/xsa148-4.4.patch
+
+--- xen/include/asm-x86/x86_32/page.h.orig 2015-10-29 20:35:24.000000000 +0100
++++ xen/include/asm-x86/x86_32/page.h 2015-10-29 20:38:02.000000000 +0100
+@@ -130,7 +130,9 @@
+ #define BASE_DISALLOW_MASK (0xFFFFF198U & ~_PAGE_NX)
+
+ #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB)
+-#define L2_DISALLOW_MASK (BASE_DISALLOW_MASK & ~_PAGE_PSE)
++#define L2_DISALLOW_MASK (unlikely(opt_allow_superpage) \
++ ? BASE_DISALLOW_MASK & ~_PAGE_PSE \
++ : BASE_DISALLOW_MASK )
+ #define L3_DISALLOW_MASK 0xFFFFF1FEU /* must-be-zero */
+
+ #endif /* __X86_32_PAGE_H__ */
+--- xen/include/asm-x86/x86_64/page.h.orig 2015-10-29 20:35:36.000000000 +0100
++++ xen/include/asm-x86/x86_64/page.h 2015-10-29 20:37:33.000000000 +0100
+@@ -167,7 +167,9 @@
+ #define BASE_DISALLOW_MASK (0xFF800198U & ~_PAGE_NX)
+
+ #define L1_DISALLOW_MASK (BASE_DISALLOW_MASK | _PAGE_GNTTAB)
+-#define L2_DISALLOW_MASK (BASE_DISALLOW_MASK & ~_PAGE_PSE)
++#define L2_DISALLOW_MASK (unlikely(opt_allow_superpage) \
++ ? BASE_DISALLOW_MASK & ~_PAGE_PSE \
++ : BASE_DISALLOW_MASK )
+ #define L3_DISALLOW_MASK (BASE_DISALLOW_MASK)
+ #define L4_DISALLOW_MASK (BASE_DISALLOW_MASK)
+
+--- xen/arch/x86/mm.c.orig 2015-10-29 20:30:55.000000000 +0100
++++ xen/arch/x86/mm.c 2015-10-29 20:32:56.000000000 +0100
+@@ -1898,7 +1898,10 @@
+ }
+
+ /* Fast path for identical mapping and presence. */
+- if ( !l2e_has_changed(ol2e, nl2e, _PAGE_PRESENT) )
++ if ( !l2e_has_changed(ol2e, nl2e,
++ unlikely(opt_allow_superpage)
++ ? _PAGE_PSE | _PAGE_RW | _PAGE_PRESENT
++ : _PAGE_PRESENT) )
+ {
+ adjust_guest_l2e(nl2e, d);
+ rc = UPDATE_ENTRY(l2, pl2e, ol2e, nl2e, pfn, vcpu, preserve_ad);
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-24 19:41:06 +0000