From: Andrew Cooper Date: Fri, 6 Jan 2017 20:05:36 +0000 (+0000) Subject: x86/pv: Check that emulate_privileged_op() don't change any unexpected flags X-Git-Tag: archive/raspbian/4.11.1-1+rpi1~1^2~66^2~2978 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=e5c98b0e6059b8a108ef78ec4448c91af1f8232b;p=xen.git x86/pv: Check that emulate_privileged_op() don't change any unexpected flags No bits, other than arithmetic ones and the resume flag (which will most likely change from 1 to 0), can be changed by the instructions we permit. Extend the check to cover other flags. Signed-off-by: Andrew Cooper Reviewed-by: Jan Beulich --- diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c index 4f29c3af93..ea0ce528f3 100644 --- a/xen/arch/x86/traps.c +++ b/xen/arch/x86/traps.c @@ -3012,9 +3012,11 @@ static int emulate_privileged_op(struct cpu_user_regs *regs) /* * Un-mirror virtualized state from EFLAGS. - * Nothing we allow to be emulated can change TF, IF, or IOPL. + * Nothing we allow to be emulated can change anything other than the + * arithmetic bits, and the resume flag. */ - ASSERT(!((regs->_eflags ^ eflags) & (X86_EFLAGS_IF | X86_EFLAGS_IOPL))); + ASSERT(!((regs->_eflags ^ eflags) & + ~(X86_EFLAGS_RF | X86_EFLAGS_ARITH_MASK))); regs->_eflags |= X86_EFLAGS_IF; regs->_eflags &= ~X86_EFLAGS_IOPL;
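Review bot: The rewritten comment above the ASSERT in emulate_privileged_op() names the resume flag as an exception but does not say why it is exempt. The commit message has the reason (RF "will most likely change from 1 to 0"), and carrying that into the comment would let a reader of traps.c understand the `~(X86_EFLAGS_RF | X86_EFLAGS_ARITH_MASK)` mask without going to the history. The comment also says "arithmetic bits" while the check relies on X86_EFLAGS_ARITH_MASK, whose definition is not part of this hunk; since the assertion now fails on any changed bit outside that mask, it is worth confirming the mask covers every status flag the permitted instructions can modify, and naming those flags in the comment. Minor: the subject line should read "doesn't change" rather than "don't change".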