alistair23-linux/arch
Andy Honig c300aa64dd KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796)
If the guest sets the GPA of the time_page so that the request to update the
time straddles a page then KVM will write onto an incorrect page.  The
write is done by using kmap atomic to get a pointer to the page for the time
structure and then performing a memcpy to that page starting at an offset
that the guest controls.  Well-behaved guests always provide a 32-byte aligned
address, however a malicious guest could use this to corrupt host kernel
memory.

Tested: Tested against kvmclock unit test.

Signed-off-by: Andrew Honig <ahonig@google.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
2013-03-19 14:17:31 -03:00
..
alpha arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
arc ARC: split elf.h into uapi and export it for userspace 2013-02-27 20:00:26 +05:30
arm Merge branch 'for-linus' of git://git.linaro.org/people/rmk/linux-arm 2013-03-03 11:54:39 -08:00
arm64 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal 2013-03-02 08:34:06 -08:00
avr32 arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
blackfin Merge branch 'timer/cleanup' into late/mvebu2 2013-02-28 18:54:15 +01:00
c6x Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-02-26 20:16:07 -08:00
cris Merge branch 'timer/cleanup' into late/mvebu2 2013-02-28 18:54:15 +01:00
frv arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
h8300 arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
hexagon Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-02-26 20:16:07 -08:00
ia64 hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
m32r Merge branch 'timer/cleanup' into late/mvebu2 2013-02-28 18:54:15 +01:00
m68k Merge branch 'timer/cleanup' into late/mvebu2 2013-02-28 18:54:15 +01:00
metag ImgTec Meta architecture changes for v3.9-rc1 2013-03-03 12:06:09 -08:00
microblaze arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
mips Merge git://www.linux-watchdog.org/linux-watchdog 2013-03-03 10:23:29 -08:00
mn10300 arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
openrisc arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
parisc Merge branch 'fixes-for-3.9-latest' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux 2013-03-03 12:57:38 -08:00
powerpc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal 2013-03-02 08:34:06 -08:00
s390 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-03-03 13:23:03 -08:00
score arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
sh hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
sparc Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal 2013-03-02 08:34:06 -08:00
tile arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
um Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal 2013-02-23 18:50:11 -08:00
unicore32 arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
x86 KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) 2013-03-19 14:17:31 -03:00
xtensa arch Kconfig: centralise CONFIG_ARCH_NO_VIRT_TO_BUS 2013-02-27 19:10:23 -08:00
.gitignore
Kconfig ImgTec Meta architecture changes for v3.9-rc1 2013-03-03 12:06:09 -08:00