Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
xen.196
54216882-x86-emulate-check-cpl-for-all-privileg...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 54216882-x86-emulate-check-cpl-for-all-privileged-instructions.patch of Package xen.196
References: bnc#895799 CVE-2014-7155 XSA-105 # Commit 0e442727ceccfa32a7276cccd205b4722e68fdc1 # Date 2014-09-23 14:33:06 +0200 # Author Andrew Cooper <andrew.cooper3@citrix.com> # Committer Jan Beulich <jbeulich@suse.com> x86/emulate: check cpl for all privileged instructions Without this, it is possible for userspace to load its own IDT or GDT. This is XSA-105. Reported-by: Andrei LUTAS <vlutas@bitdefender.com> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Tested-by: Andrei LUTAS <vlutas@bitdefender.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/x86_emulate/x86_emulate.c +++ b/xen/arch/x86/x86_emulate/x86_emulate.c @@ -3314,6 +3314,7 @@ x86_emulate( goto swint; case 0xf4: /* hlt */ + generate_exception_if(!mode_ring0(), EXC_GP, 0); ctxt->retire.flags.hlt = 1; break; @@ -3710,6 +3711,7 @@ x86_emulate( break; case 2: /* lgdt */ case 3: /* lidt */ + generate_exception_if(!mode_ring0(), EXC_GP, 0); generate_exception_if(ea.type != OP_MEM, EXC_UD, -1); fail_if(ops->write_segment == NULL); memset(®, 0, sizeof(reg)); @@ -3738,6 +3740,7 @@ x86_emulate( case 6: /* lmsw */ fail_if(ops->read_cr == NULL); fail_if(ops->write_cr == NULL); + generate_exception_if(!mode_ring0(), EXC_GP, 0); if ( (rc = ops->read_cr(0, &cr0, ctxt)) ) goto done; if ( ea.type == OP_REG )
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor