KVM: x86: Fix of previously incomplete fix for CVE-2014-8480
author Nadav Amit <nadav.amit@gmail.com>
Thu, 8 Jan 2015 10:59:03 +0000 (11:59 +0100)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 30 Jan 2015 01:40:45 +0000 (17:40 -0800)
commit 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 upstream.

STR and SLDT with rip-relative operand can cause a host kernel oops.
Mark them as DstMem as well.

Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
arch/x86/kvm/emulate.c

index ac640d47c28dfa628750a11740ac23b2ab8fbd7d..c7327a7761caf679c1d3d8c56d26671011a5eba1 100644 (file)
@@ -3777,8 +3777,8 @@ static const struct opcode group5[] = {
 };
 
 static const struct opcode group6[] = {
-       DI(Prot       sldt),
-       DI(Prot       str),
+       DI(Prot | DstMem,       sldt),
+       DI(Prot | DstMem,       str),
        II(Prot | Priv | SrcMem16, em_lldt, lldt),
        II(Prot | Priv | SrcMem16, em_ltr, ltr),
        N, N, N, N,
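Review bot: the new sldt/str entries use plain DstMem with no explicit operand width, while the lldt/ltr entries two lines below spell out SrcMem16; STR and SLDT store a 16-bit selector, so the decoded destination must be limited to 2 bytes before the store, otherwise a memory destination gets written with the default operand size. Either mark the two entries DstMem16 to match SrcMem16, or point in the commit message at where the store path truncates to 16 bits. Two smaller points on the same hunk: the message says "previously incomplete fix" and "as well" but never names the earlier commit that marked the other group entries DstMem, so a reader of this stable backport cannot tell which change it completes; and the removed lines render here as `DI(Prot       sldt)` with no comma between `Prot` and `sldt`, which the DI() macro would not compile, so the page's rendering appears to have dropped a comma from the `-` lines.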