Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9924a199 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge git://git.kernel.org/pub/scm/virt/kvm/kvm 

Pull KVM fix from Marcelo Tosatti:
 "A correction for user triggerable oops"

* git://git.kernel.org/pub/scm/virt/kvm/kvm:
  KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set (CVE-2012-4461)
parents 946edc47 6d1068b3

arch/x86/kvm/cpuid.h

+3 −0
Original line number Diff line number Diff line
@@ -24,6 +24,9 @@ static inline bool guest_cpuid_has_xsave(struct kvm_vcpu *vcpu) 
{

	struct kvm_cpuid_entry2 *best;



	if (!static_cpu_has(X86_FEATURE_XSAVE))

		return 0;



	best = kvm_find_cpuid_entry(vcpu, 1, 0);

	return best && (best->ecx & bit(X86_FEATURE_XSAVE));

}

arch/x86/kvm/x86.c

+3 −0
Original line number Diff line number Diff line
@@ -5781,6 +5781,9 @@ int kvm_arch_vcpu_ioctl_set_sregs(struct kvm_vcpu *vcpu, 
	int pending_vec, max_bits, idx;

	struct desc_ptr dt;



	if (!guest_cpuid_has_xsave(vcpu) && (sregs->cr4 & X86_CR4_OSXSAVE))

		return -EINVAL;



	dt.size = sregs->idt.limit;

	dt.address = sregs->idt.base;

	kvm_x86_ops->set_idt(vcpu, &dt);