xen/arm: Don't let the guest access the coprocessors registers
author Julien Grall <julien.grall@linaro.org>
Mon, 14 Apr 2014 19:37:16 +0000 (20:37 +0100)
committer Ian Campbell <ian.campbell@citrix.com>
Wed, 23 Apr 2014 09:30:34 +0000 (10:30 +0100)
commit 5496c642535da9c5738a3e19276de564304a5082
tree 501abf63d663b4978dc781545d7423b71fd41f65
parent 60f737636c2be52fe1af2f1a3a2f66acacdc6a30
xen/arm: Don't let the guest access the coprocessors registers

In Xen we only handle save/restore for coprocessors 10 and 11 (NEON). Other
coprocessors (0-9, 12-13) are currently exposed to the guest and may lead
to data shared between guests.

Disable access to all coprocessors except 10 and 11 by setting HCPTR
correctly.

This is CVE-2014-2915 / XSA-93.

Signed-off-by: Julien Grall <julien.grall@linaro.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
xen/arch/arm/traps.c
xen/include/asm-arm/cpregs.h
xen/include/asm-arm/processor.h
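
An added illustration of the rule in the commit message, not code from the Xen patch: it derives a trap bitmap from the set of coprocessors whose state is saved and restored, and audits a register value for coprocessors left open to the guest without that save/restore. The bit layout (one trap bit per coprocessor n at bit n, for n = 0..13, where a set bit traps the access to the hypervisor) and all names are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed layout: trap bit for coprocessor n is bit n, n = 0..13.
 * A set bit means guest accesses to that coprocessor trap to the hypervisor. */
#define NR_COPROCS        14u
#define CP_BIT(n)         (UINT32_C(1) << (n))
#define CP_MASK           (CP_BIT(NR_COPROCS) - 1u)

/* Per the commit message, only coprocessors 10 and 11 are saved/restored. */
#define CP_CTXT_SWITCHED  (CP_BIT(10) | CP_BIT(11))

/* Trap every coprocessor whose state is not context switched. */
static uint32_t hcptr_trap_bits(uint32_t ctxt_switched)
{
    return CP_MASK & ~ctxt_switched;
}

/* Bitmap of coprocessors the guest can reach (trap bit clear) although
 * their state is not saved/restored: state there can persist across guests.
 * Bits outside the coprocessor field are ignored. */
static uint32_t hcptr_leaky_coprocs(uint32_t hcptr, uint32_t ctxt_switched)
{
    uint32_t untrapped = ~hcptr & CP_MASK;
    return untrapped & ~ctxt_switched;
}

static void report(const char *label, uint32_t hcptr)
{
    uint32_t leaky = hcptr_leaky_coprocs(hcptr, CP_CTXT_SWITCHED);

    printf("%s: value 0x%04x, exposed without save/restore:", label,
           (unsigned)hcptr);
    for (unsigned n = 0; n < NR_COPROCS; n++)
        if (leaky & CP_BIT(n))
            printf(" cp%u", n);
    printf("%s\n", leaky ? "" : " none");
}

int main(void)
{
    /* Constructed sample values, not read from hardware or from the patch. */
    report("no trap bits set", 0);
    report("derived trap bits", hcptr_trap_bits(CP_CTXT_SWITCHED));
    return 0;
}
```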