From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752755AbbBXQAA (ORCPT <rfc822;w@1wt.eu>);
	Tue, 24 Feb 2015 11:00:00 -0500
Received: from youngberry.canonical.com ([91.189.89.112]:40471 "EHLO
	youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752440AbbBXP76 (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 24 Feb 2015 10:59:58 -0500
Message-ID: <1424793589.20843.1.camel@fourier>
Subject: Re: [PATCH 3.13.y-ckt 100/103] KVM: x86: Fix of previously
 incomplete fix for CVE-2014-8480
From: Kamal Mostafa <kamal@canonical.com>
To: linux-kernel@vger.kernel.org
Cc: stable@vger.kernel.org, kernel-team@lists.ubuntu.com,
        Nadav Amit <namit@cs.technion.ac.il>,
        Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 24 Feb 2015 07:59:49 -0800
In-Reply-To: <1424305990-17983-101-git-send-email-kamal@canonical.com>
References: <1424305990-17983-1-git-send-email-kamal@canonical.com>
	 <1424305990-17983-101-git-send-email-kamal@canonical.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.10.4-0ubuntu2 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, 2015-02-18 at 16:33 -0800, Kamal Mostafa wrote:
> 3.13.11-ckt16 -stable review patch.  If anyone has any objections, please let me know.
> 
> ------------------
> 
> From: Nadav Amit <nadav.amit@gmail.com>
> 
> commit 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 upstream.
> 
> STR and SLDT with rip-relative operand can cause a host kernel oops.
> Mark them as DstMem as well.

Dropping this one from 3.13-stable, per Nadav's advice to other pre-3.17
stables.

 -Kamal


> Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Kamal Mostafa <kamal@canonical.com>
> ---
>  arch/x86/kvm/emulate.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
> index 4919b95..569c8ed 100644
> --- a/arch/x86/kvm/emulate.c
> +++ b/arch/x86/kvm/emulate.c
> @@ -3733,8 +3733,8 @@ static const struct opcode group5[] = {
>  };
>  
>  static const struct opcode group6[] = {
> -	DI(Prot,	sldt),
> -	DI(Prot,	str),
> +	DI(Prot | DstMem,	sldt),
> +	DI(Prot | DstMem,	str),
>  	II(Prot | Priv | SrcMem16, em_lldt, lldt),
>  	II(Prot | Priv | SrcMem16, em_ltr, ltr),
>  	N, N, N, N,