'Re: [Xen-users] Xen Security Advisory 240 (CVE-2017-15595) - Unlimited recursion in linear pagetable'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xen-users
Subject:    Re: [Xen-users] Xen Security Advisory 240 (CVE-2017-15595) - Unlimited recursion in linear pagetable
From:       Juergen Gross <jgross () suse ! com>
Date:       2017-11-16 14:52:40
Message-ID: a22b48f4-f919-e589-68ce-f9c48677b739 () suse ! com
[Download RAW message or body]

On 16/11/17 15:39, James Dingwall wrote:
> On Thu, Nov 16, 2017 at 03:11:39PM +0100, Juergen Gross wrote:
> > On 16/11/17 14:58, James Dingwall wrote:
> > > On Wed, Nov 15, 2017 at 05:13:22PM +0000, Xen.org security team wrote:
> > > > -----BEGIN PGP SIGNED MESSAGE-----
> > > > Hash: SHA256
> > > > 
> > > > Xen Security Advisory CVE-2017-15595 / XSA-240
> > > > version 5
> > > > 
> > > > Unlimited recursion in linear pagetable de-typing
> > > <snip>
> > > > 
> > > > c0c624f51fb1bd9e31a2c120343164d545ab6e709ed4bb9e5dd89b5c4c4e49f8  \
> > > > xsa240-4.8/0001-x86-limit-linear-page-table-use-to-a-single-level.patch \
> > > > 7e3c2c4a4d0ee0a29abaa7aceffbb774b1f92aa81dfa4c5d1c5c5156b6bb0a3a  \
> > > > xsa240-4.8/0002-x86-mm-Disable-PV-linear-pagetables-by-default.patch \
> > > > f174ee608a7f7f0601ae46edafbf443c90a87632609c1b4145fb0e2e5c4b1b51  \
> > > > xsa240-4.8/0003-x86-dont-wrongly-trigger-linear-page-table-assertion.patch
> > > <snip>
> > > 
> > > I'm trying to apply patch 0003 to a 4.8.2 branch but it is rejected (patch \
> > > --verbose -p1).  The hunk it is  trying to remove does not exist in the \
> > > stable-4.8 branch or at tag RELEASE-4.8.2.  Trying to find  CONFIG_PV_LINEAR_PT \
> > > in git does not show this in stable-4.8 or stable-4.9 branches (but it is \
> > > present in the  staging branches.)  It looks like the patch issued for 4.6 \
> > > would apply, is this satisfactory for 4.8.2?
> > 
> > What about applying above patches 0001 and 0002 first?
> 
> I have, this is all on top of a checkout of xen-4.8.2.  0001 and 0002 don't appear \
> to have been changed, only  0003 added.  e1fa1c6ee152105c9adf5fb5ff4507028a87d2a3 \
> on staging-4.8 introduces the CONFIG_PV_LINEAR_PT option  so the patch doesn't \
> apply unless using code not on the stable-4.8 branch.  I think it is is small \
> enough that I  could modify it for 4.8.2 but I'd prefer not to get it wrong:)

Aah, sorry, this has meanwhile been discussed on xen-devel. Please see

https://lists.xen.org/archives/html/xen-devel/2017-11/msg00964.html

and follow-ups.


Juergen

_______________________________________________
Xen-users mailing list
Xen-users@lists.xen.org
https://lists.xen.org/xen-users


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic