summaryrefslogtreecommitdiff
path: root/sysutils/xenkernel42/patches/patch-CVE-2015-8555
diff options
context:
space:
mode:
Diffstat (limited to 'sysutils/xenkernel42/patches/patch-CVE-2015-8555')
-rw-r--r--sysutils/xenkernel42/patches/patch-CVE-2015-855580
1 files changed, 80 insertions, 0 deletions
diff --git a/sysutils/xenkernel42/patches/patch-CVE-2015-8555 b/sysutils/xenkernel42/patches/patch-CVE-2015-8555
new file mode 100644
index 00000000000..303a781da92
--- /dev/null
+++ b/sysutils/xenkernel42/patches/patch-CVE-2015-8555
@@ -0,0 +1,80 @@
+$NetBSD: patch-CVE-2015-8555,v 1.1.2.2 2016/01/11 20:37:17 bsiegert Exp $
+
+Patch for CVE-2015-8555 aka XSA-165, based on
+http://xenbits.xenproject.org/xsa/xsa165-4.3.patch
+
+--- xen/arch/x86/domain.c.orig
++++ xen/arch/x86/domain.c
+@@ -730,6 +730,17 @@ int arch_set_info_guest(
+
+ if ( flags & VGCF_I387_VALID )
+ memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt));
++ else if ( v->arch.xsave_area )
++ memset(&v->arch.xsave_area->xsave_hdr, 0,
++ sizeof(v->arch.xsave_area->xsave_hdr));
++ else
++ {
++ typeof(v->arch.xsave_area->fpu_sse) *fpu_sse = v->arch.fpu_ctxt;
++
++ memset(fpu_sse, 0, sizeof(*fpu_sse));
++ fpu_sse->fcw = FCW_DEFAULT;
++ fpu_sse->mxcsr = MXCSR_DEFAULT;
++ }
+
+ if ( !compat )
+ {
+--- xen/arch/x86/i387.c.orig
++++ xen/arch/x86/i387.c
+@@ -17,19 +17,6 @@
+ #include <asm/xstate.h>
+ #include <asm/asm_defns.h>
+
+-static void fpu_init(void)
+-{
+- unsigned long val;
+-
+- asm volatile ( "fninit" );
+- if ( cpu_has_xmm )
+- {
+- /* load default value into MXCSR control/status register */
+- val = MXCSR_DEFAULT;
+- asm volatile ( "ldmxcsr %0" : : "m" (val) );
+- }
+-}
+-
+ /*******************************/
+ /* FPU Restore Functions */
+ /*******************************/
+@@ -254,15 +241,8 @@ void vcpu_restore_fpu_lazy(struct vcpu *
+
+ if ( cpu_has_xsave )
+ fpu_xrstor(v, XSTATE_LAZY);
+- else if ( v->fpu_initialised )
+- {
+- if ( cpu_has_fxsr )
+- fpu_fxrstor(v);
+- else
+- fpu_frstor(v);
+- }
+ else
+- fpu_init();
++ fpu_fxrstor(v);
+
+ v->fpu_initialised = 1;
+ v->fpu_dirtied = 1;
+@@ -323,7 +303,14 @@ int vcpu_init_fpu(struct vcpu *v)
+ else
+ {
+ v->arch.fpu_ctxt = _xzalloc(sizeof(v->arch.xsave_area->fpu_sse), 16);
+- if ( !v->arch.fpu_ctxt )
++ if ( v->arch.fpu_ctxt )
++ {
++ typeof(v->arch.xsave_area->fpu_sse) *fpu_sse = v->arch.fpu_ctxt;
++
++ fpu_sse->fcw = FCW_DEFAULT;
++ fpu_sse->mxcsr = MXCSR_DEFAULT;
++ }
++ else
+ {
+ rc = -ENOMEM;
+ goto done;
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 07:59:49 +0000