From mboxrd@z Thu Jan 1 00:00:00 1970 From: AL13N Subject: Re: xen-CVE-2013-1442-XSA-62.patch Date: Wed, 02 Oct 2013 21:12:43 +0200 Message-ID: <1538598.QC6NsvogIo@localhost> References: <20131003004744.711eaaae@archtester.homenetwork> <2646280.LpbgWksbOs@localhost> <524C6B92.7090606@citrix.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <524C6B92.7090606@citrix.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: xen-devel@lists.xen.org Cc: Andrew Cooper , IAN DELANEY List-Id: xen-devel@lists.xenproject.org Op woensdag 2 oktober 2013 19:53:06 schreef Andrew Cooper: [...] > You have a few options > > 1) Unconditionally force xsave off. It is at the very least buggy if > you are missing the patches causing your patch application problems. i can do this programmatorically, so that noone in Mageia 3 will be able to use it? does this mean xsave has been buggy on the released 4.2.1 in any case? > 2) Backport the xsave patches as well. > http://xenbits.xen.org/gitweb/?p=xen.git;a=history;f=xen/arch/x86/xstate.c;h > b=12b0ee04a16194f064d5b895a844fcdc6414bfc0 should give you a good idea of > the patches. > http://xenbits.xen.org/gitweb/?p=xen.git;a=commitdiff;h=0bda88abe18029c2bbe9 > dc5d07cc706bd775c9b7 is probably the main patch needed. > > 3) Rework the security patch yourself using > 0bda88abe18029c2bbe9dc5d07cc706bd775c9b7 as a reference of where and how > to patch in arch/x86/traps.c > > > I highly recommend option 2. thanks for the quick assistance