From: Roger Pau Monne <roger.pau@citrix.com>
Date: Fri, 26 Jan 2018 15:29:10 +0000 (+0000)
Subject: xen/pvshim: fix GNTTABOP_query_size hypercall forwarding with SMAP
X-Git-Tag: archive/raspbian/4.11.1-1+rpi1~1^2~66^2~674
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=1124a9a26f05439a3aa31eaea227285e50dc94c0;p=xen.git

xen/pvshim: fix GNTTABOP_query_size hypercall forwarding with SMAP

Disable SMAP in the shim before bouncing the hypercall, or else L0
will fail to get the hypercall buffer.

Reported-by: Fatih Acar <fatih.acar@gandi.net>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Wei Liu <wei.liu2@citrix.com>
---

diff --git a/xen/arch/x86/pv/shim.c b/xen/arch/x86/pv/shim.c
index 6e4220886d..534965c92a 100644
--- a/xen/arch/x86/pv/shim.c
+++ b/xen/arch/x86/pv/shim.c
@@ -757,7 +757,10 @@ static long pv_shim_grant_table_op(unsigned int cmd,
     }
 
     case GNTTABOP_query_size:
+        /* Disable SMAP so L0 can access the buffer. */
+        stac();
         rc = xen_hypercall_grant_table_op(GNTTABOP_query_size, uop.p, count);
+        clac();
         break;
 
     default: