projects / xen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c0020e0) | patch
xen: arm: Correctly handle do_sysreg exception injection from 64-bit userspace
authorIan Campbell <ian.campbell@citrix.com>
Tue, 12 Aug 2014 13:38:01 +0000 (15:38 +0200)
committerJan Beulich <jbeulich@suse.com>
Tue, 12 Aug 2014 13:38:01 +0000 (15:38 +0200)
commitf2ae8bfa498831ee6343d672066b898d3cd73892
treeff1774503d2dca8c9d7f0f4fe60cabf1950a8963tree | snapshot
parentc0020e0997024eb741d60de9a480bf2878f891afcommit | diff
xen: arm: Correctly handle do_sysreg exception injection from 64-bit userspace

The do_sysreg case was missing a return, so it would increment PC and
inject the trap to the second instruction of the handler.

This is CVE-2014-5148 / XSA-103.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Julien Grall <julien.grall@linaro.org>
xen/arch/arm/traps.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.