On 07/31/2015 05:10 AM, Andrew Cooper wrote:
On 30/07/15 22:31, Andy Lutomirski wrote:
This is intended for x86/urgent. Sorry for taking so long, but it
seemed nice to avoid breaking Xen.
Very much appreciated. Thanks!
This fixes the "dazed and confused" issue which was exposed by the
CVE-2015-5157 fix. It's also probably a good general attack surface
reduction, and it replaces some scary code with IMO less scary code.
Also, servers and embedded systems should probably turn off modify_ldt.
This makes that possible.
Xen people, can you test patch 1? It works for me on my evil 32-bit
Xen virtio setup.
So the LDT issue seems to have gone away, which is good.
However, I did get this from my single vcpu guest test
[OK] LDT entry 0 is invalid
[SKIP] Cannot set affinity to CPU 1
[RUN] Test exec
[ 3.638967] CPU 0 set the LDT
[OK] LDT entry 0 has AR 0x0040FA00 and limit 0x0000002A
[ 3.639380] ------------[ cut here ]------------
[ 3.639389] WARNING: CPU: 0 PID: 383 at
/local/linux-mainline.git/arch/x86/include/asm/mmu_context.h:96
flush_old_exec+0x7fd/0xb70()
[ 3.639397] DEBUG_LOCKS_WARN_ON(!irqs_disabled())
You must be running v5 (or earlier). This is fixed in v6 --- it is now
'DEBUG_LOCKS_WARN_ON(preemptible());'
-boris
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
