www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Andy Lutomirski <luto@kernel.org>
	Wed, 23 Mar 2016 10:38:23 +0000 (03:38 -0700)
committer	Chuck Anderson <chuck.anderson@oracle.com>
	Wed, 23 Mar 2016 10:38:23 +0000 (03:38 -0700)
commit	fa4e60a10afdfdda1375f8f9afdd779b969cf6b7
tree	afb6be448280943a2cf8994ecc1327a20a4b2261	tree
parent	50fdb280dc02eb872912938eed842c5d472ff2ef	commit \| diff

x86/iopl/64: properly context-switch IOPL on Xen PV

On Xen PV, regs->flags doesn't reliably reflect IOPL and the
exit-to-userspace code doesn't change IOPL.  We need to context
switch it manually.

I'm doing this without going through paravirt because this is
specific to Xen PV.  After the dust settles, we can merge this with
the 32-bit code, tidy up the iopl syscall implementation, and remove
the set_iopl pvop entirely.

This is XSA-171.

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: stable@vger.kernel.org
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Orabug: 22926124
Conflicts:
  arch/x86/kernel/process_64.c
  X86_FEATURE_XENPV not defined, too much extra to bring it in.
  Replaced with xen_pv_domain() which is trigger to set X86_FEATURE_XENPV.
CVE: CVE-2016-3157
Signed-off-by: Chuck Anderson <chuck.anderson@oracle.com>

arch/x86/include/asm/xen/hypervisor.h		diff \| blob \| history
arch/x86/kernel/process_64.c		diff \| blob \| history
arch/x86/xen/enlighten.c		diff \| blob \| history