Prev: [patch 122/149] sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) (v4)
Next: [patch 143/149] jbd: jbd-debug and jbd2-debug should be writable
From: Greg KH on 1 Jul 2010 14:30
2.6.32-stable review patch. If anyone has any objections, please let us know.

------------------

From: Avi Kivity <avi(a)redhat.com>

The current lmsw implementation allows the guest to clear cr0.pe, contrary
to the manual, which breaks EMM386.EXE.

Fix by ORing the old cr0.pe with lmsw's operand.

Signed-off-by: Avi Kivity <avi(a)redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti(a)redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh(a)suse.de>
(cherry picked from commit f78e917688edbf1f14c318d2e50dc8e7dad20445)
---
arch/x86/kvm/x86.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -345,7 +345,7 @@ EXPORT_SYMBOL_GPL(kvm_set_cr0);

void kvm_lmsw(struct kvm_vcpu *vcpu, unsigned long msw)
{
- kvm_set_cr0(vcpu, (vcpu->arch.cr0 & ~0x0ful) | (msw & 0x0f));
+ kvm_set_cr0(vcpu, (vcpu->arch.cr0 & ~0x0eul) | (msw & 0x0f));
}
EXPORT_SYMBOL_GPL(kvm_lmsw);



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: [patch 122/149] sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) (v4)
Next: [patch 143/149] jbd: jbd-debug and jbd2-debug should be writable