Xen project Mailing List

[Xen-changelog] [xen-4.0-testing] xen: prevent a 64 bit guest setting reserved bits in DR7

From: Xen patchbot-4.0-testing <patchbot@xxxxxxx>

Date: Wed, 05 Sep 2012 21:11:07 +0000

Delivery-date: Wed, 05 Sep 2012 21:11:15 +0000

List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xen.org>

# HG changeset patch # User Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> # Date 1346844478 -3600 # Node ID 92334c7f577e04ab121ee4ce1252ed7edb2a6892 # Parent 228e6f382d5d239d969c04448e045e2b74077f10 xen: prevent a 64 bit guest setting reserved bits in DR7 The upper 32 bits of this register are reserved and should be written as zero. This is XSA-12 / CVE-2012-3494 Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Ian Campbell <ian.campbell@xxxxxxxxxx> --- diff -r 228e6f382d5d -r 92334c7f577e xen/include/asm-x86/debugreg.h --- a/xen/include/asm-x86/debugreg.h Thu Aug 09 16:48:19 2012 +0100 +++ b/xen/include/asm-x86/debugreg.h Wed Sep 05 12:27:58 2012 +0100 @@ -58,7 +58,7 @@ We can slow the instruction pipeline for instructions coming via the gdt or the ldt if we want to. I am not sure why this is an advantage */ -#define DR_CONTROL_RESERVED_ZERO (0x0000d800ul) /* Reserved, read as zero */ +#define DR_CONTROL_RESERVED_ZERO (~0xffff27fful) /* Reserved, read as zero */ #define DR_CONTROL_RESERVED_ONE (0x00000400ul) /* Reserved, read as one */ #define DR_LOCAL_EXACT_ENABLE (0x00000100ul) /* Local exact enable */ #define DR_GLOBAL_EXACT_ENABLE (0x00000200ul) /* Global exact enable */ _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.