Date: Tue, 25 Jul 2017 02:33:09 +0200
From: Marek Marczykowski-Górecki
To: gregkh@linuxfoundation.org
Cc: jgross@suse.com, stable@vger.kernel.org
Subject: Re: FAILED: patch "[PATCH] x86/xen: allow userspace access during hypercalls" failed to apply to 4.9-stable tree
Message-ID: <20170725003309.GA13907@mail-itl>
References: <1500941635254168@kroah.com>
In-Reply-To: <1500941635254168@kroah.com>

On Mon, Jul 24, 2017 at 05:13:55PM -0700, gregkh@linuxfoundation.org wrote:
> The patch below does not apply to the 4.9-stable tree.
> If someone wants it applied there, or to any other stable or longterm
> tree, then please email the backport, including the original git commit
> id to .

Backport for both 4.9 and 4.4 here:

-----8<-----
From 1821e7b5d09cc4d6501d26a65fbe9f9dde403f26 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski-Górecki
Date: Mon, 26 Jun 2017 14:49:46 +0200
Subject: [PATCH] x86/xen: allow userspace access during hypercalls

commit c54590cac51db8ab5fd30156bdaba34af915e629 upstream.

Userspace application can do a hypercall through /dev/xen/privcmd, and
for some hypercalls the argument is a pointer to a user-provided
structure. When SMAP is supported and enabled, the hypervisor can't
access it. So, let's allow it.

The same applies to HYPERVISOR_dm_op, where additionally the privcmd
driver carefully verifies buffer addresses.

Cc: stable@vger.kernel.org
Signed-off-by: Marek Marczykowski-Górecki
Reviewed-by: Juergen Gross
Signed-off-by: Juergen Gross
[HYPERVISOR_dm_op dropped - not present until 4.11]
---
 arch/x86/include/asm/xen/hypercall.h | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/include/asm/xen/hypercall.h b/arch/x86/include/asm/xe= n/hypercall.h index a12a047..8b678af 100644 --- a/arch/x86/include/asm/xen/hypercall.h +++ b/arch/x86/include/asm/xen/hypercall.h @@ -43,6 +43,7 @@ =20 #include #include +#include =20 #include #include @@ -214,10 +215,12 @@ privcmd_call(unsigned call, __HYPERCALL_DECLS; __HYPERCALL_5ARG(a1, a2, a3, a4, a5); =20 + stac(); asm volatile("call *%[call]" : __HYPERCALL_5PARAM : [call] "a" (&hypercall_page[call]) : __HYPERCALL_CLOBBER5); + clac(); =20 return (long)__res; } --=20 2.7.5

--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
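Review bot: in the privcmd_call hunk, the new stac()/clac() pair carries no comment saying why SMAP protection is lifted around `call *%[call]`. A short comment above stac() stating that the hypervisor may dereference user-provided argument structures passed in through /dev/xen/privcmd would keep a later cleanup from dropping the pair or from widening the window, and it should say that nothing other than the hypercall itself belongs between stac() and clac(). The stac() is also unconditional, so it applies to every hypercall issued through privcmd_call whether or not its arguments are user pointers; if that is deliberate, the same comment is the place to record it.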