Date:      Thu, 22 Dec 2016 09:52:26 +0000 (UTC)
From:      =?UTF-8?Q?Roger_Pau_Monn=c3=a9?= <royger@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r429150 - in branches/2016Q4/emulators/xen-kernel: . files
Message-ID:  <201612220952.uBM9qQAt067661@repo.freebsd.org>

Author: royger (src committer)
Date: Thu Dec 22 09:52:25 2016
New Revision: 429150
URL: https://svnweb.freebsd.org/changeset/ports/429150

Log:
  MFH: r429074
  
  xen: apply XSA-202
  
  Sponsored by:	Citrix Systems R&D
  Approved by:	ports-secteam (junovitch)

Added:
  branches/2016Q4/emulators/xen-kernel/files/xsa202.patch
     - copied unchanged from r429074, head/emulators/xen-kernel/files/xsa202.patch
Modified:
  branches/2016Q4/emulators/xen-kernel/Makefile
Directory Properties:
  branches/2016Q4/   (props changed)

Modified: branches/2016Q4/emulators/xen-kernel/Makefile
==============================================================================
--- branches/2016Q4/emulators/xen-kernel/Makefile	Thu Dec 22 09:01:01 2016	(r429149)
+++ branches/2016Q4/emulators/xen-kernel/Makefile	Thu Dec 22 09:52:25 2016	(r429150)
@@ -3,7 +3,7 @@
 PORTNAME=	xen
 PKGNAMESUFFIX=	-kernel
 PORTVERSION=	4.7.1
-PORTREVISION=   2
+PORTREVISION=   3
 CATEGORIES=	emulators
 MASTER_SITES=	http://downloads.xenproject.org/release/xen/${PORTVERSION}/
 
@@ -46,7 +46,8 @@ EXTRA_PATCHES=	${FILESDIR}/0001-xen-logd
 		${FILESDIR}/xsa194.patch \
 		${FILESDIR}/xsa195.patch \
 		${FILESDIR}/xsa200-4.7.patch \
-		${FILESDIR}/xsa204-4.7.patch
+		${FILESDIR}/xsa204-4.7.patch \
+		${FILESDIR}/xsa202.patch
 
 .include <bsd.port.options.mk>
 

Copied: branches/2016Q4/emulators/xen-kernel/files/xsa202.patch (from r429074, head/emulators/xen-kernel/files/xsa202.patch)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2016Q4/emulators/xen-kernel/files/xsa202.patch	Thu Dec 22 09:52:25 2016	(r429150, copy of r429074, head/emulators/xen-kernel/files/xsa202.patch)
@@ -0,0 +1,75 @@
+From: Jan Beulich <jbeulich@suse.com>
+Subject: x86: force EFLAGS.IF on when exiting to PV guests
+
+Guest kernels modifying instructions in the process of being emulated
+for another of their vCPU-s may effect EFLAGS.IF to be cleared upon
+next exiting to guest context, by converting the being emulated
+instruction to CLI (at the right point in time). Prevent any such bad
+effects by always forcing EFLAGS.IF on. And to cover hypothetical other
+similar issues, also force EFLAGS.{IOPL,NT,VM} to zero.
+
+This is XSA-202.
+
+Signed-off-by: Jan Beulich <jbeulich@suse.com>
+Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
+---
+
+--- a/xen/arch/x86/x86_64/compat/entry.S
++++ b/xen/arch/x86/x86_64/compat/entry.S
+@@ -109,6 +109,8 @@ compat_process_trap:
+ /* %rbx: struct vcpu, interrupts disabled */
+ ENTRY(compat_restore_all_guest)
+         ASSERT_INTERRUPTS_DISABLED
++        mov   $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11d
++        and   UREGS_eflags(%rsp),%r11d
+ .Lcr4_orig:
+         .skip .Lcr4_alt_end - .Lcr4_alt, 0x90
+ .Lcr4_orig_end:
+@@ -144,6 +146,8 @@ ENTRY(compat_restore_all_guest)
+                              (.Lcr4_orig_end - .Lcr4_orig), \
+                              (.Lcr4_alt_end - .Lcr4_alt)
+         .popsection
++        or    $X86_EFLAGS_IF,%r11
++        mov   %r11d,UREGS_eflags(%rsp)
+         RESTORE_ALL adj=8 compat=1
+ .Lft0:  iretq
+         _ASM_PRE_EXTABLE(.Lft0, handle_exception)
+--- a/xen/arch/x86/x86_64/entry.S
++++ b/xen/arch/x86/x86_64/entry.S
+@@ -40,28 +40,29 @@ restore_all_guest:
+         testw $TRAP_syscall,4(%rsp)
+         jz    iret_exit_to_guest
+ 
++        movq  24(%rsp),%r11           # RFLAGS
++        andq  $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),%r11
++        orq   $X86_EFLAGS_IF,%r11
++
+         /* Don't use SYSRET path if the return address is not canonical. */
+         movq  8(%rsp),%rcx
+         sarq  $47,%rcx
+         incl  %ecx
+         cmpl  $1,%ecx
+-        ja    .Lforce_iret
++        movq  8(%rsp),%rcx            # RIP
++        ja    iret_exit_to_guest
+ 
+         cmpw  $FLAT_USER_CS32,16(%rsp)# CS
+-        movq  8(%rsp),%rcx            # RIP
+-        movq  24(%rsp),%r11           # RFLAGS
+         movq  32(%rsp),%rsp           # RSP
+         je    1f
+         sysretq
+ 1:      sysretl
+ 
+-.Lforce_iret:
+-        /* Mimic SYSRET behavior. */
+-        movq  8(%rsp),%rcx            # RIP
+-        movq  24(%rsp),%r11           # RFLAGS
+         ALIGN
+ /* No special register assumptions. */
+ iret_exit_to_guest:
++        andl  $~(X86_EFLAGS_IOPL|X86_EFLAGS_NT|X86_EFLAGS_VM),24(%rsp)
++        orl   $X86_EFLAGS_IF,24(%rsp)
+         addq  $8,%rsp
+ .Lft0:  iretq
+         _ASM_PRE_EXTABLE(.Lft0, handle_exception)
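Review bot: In the embedded compat/entry.S change, %r11d receives the masked EFLAGS before `.Lcr4_orig` and is only written back after `.popsection`, so it must survive the whole CR4 alternative block, yet no visible comment records that. The replacement code for that alternative lies outside this hunk, so whether it leaves %r11 untouched cannot be confirmed from here. I would extend the entry comment to `/* %rbx: struct vcpu, interrupts disabled; %r11: sanitized EFLAGS, live across the CR4 alternative */`. In entry.S, the `movq 8(%rsp),%rcx` now sitting between `cmpl $1,%ecx` and `ja iret_exit_to_guest` relies on mov leaving the flags intact. With the "Mimic SYSRET behavior" comment removed, a line such as `/* mov preserves flags; %rcx/%r11 are loaded before the branch so the IRET fallback still sees SYSRET-style values */` would keep what is presumably the intent visible.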


