From: Jan Beulich <jbeulich@suse.com>
Date: Tue, 14 Apr 2020 12:32:33 +0000 (+0200)
Subject: xenoprof: clear buffer intended to be shared with guests
X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~409
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=0763a7ebfcdad66cf9e5475a1301eefb29bae9ed;p=xen.git

xenoprof: clear buffer intended to be shared with guests

alloc_xenheap_pages() making use of MEMF_no_scrub is fine for Xen
internally used allocations, but buffers allocated to be shared with
(unpriviliged) guests need to be zapped of their prior content.

This is part of XSA-313.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Wei Liu <wl@xen.org>
---

diff --git a/xen/common/xenoprof.c b/xen/common/xenoprof.c
index 4f3e799ebb..4d909fd5d6 100644
--- a/xen/common/xenoprof.c
+++ b/xen/common/xenoprof.c
@@ -253,6 +253,9 @@ static int alloc_xenoprof_struct(
         return -ENOMEM;
     }
 
+    for ( i = 0; i < npages; ++i )
+        clear_page(d->xenoprof->rawbuf + i * PAGE_SIZE);
+
     d->xenoprof->npages = npages;
     d->xenoprof->nbuf = nvcpu;
     d->xenoprof->bufsize = bufsize;