xen: prevent a 64 bit guest setting reserved bits in DR7

The upper 32 bits of this register are reserved and should be written as zero. This is XSA-12 / CVE-2012-3494 Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Ian Campbell <ian.campbell@citrix.com>
author: Ian Jackson <Ian.Jackson@eu.citrix.com> 2012-09-05 12:27:25 +0100
committer: Ian Jackson <Ian.Jackson@eu.citrix.com> 2012-09-05 12:27:25 +0100
commit: e89c6d05737c46f4ebee1f02138acf1cb1a48291 (patch)
tree: bb1caea4c941f4bc9e627f249dc68fe877ec958d
parent: 6b9c334b696fd4a01c9d2e237efda7c5dc3de7e8 (diff)
download: xen-e89c6d05737c46f4ebee1f02138acf1cb1a48291.tar.gz
xen-e89c6d05737c46f4ebee1f02138acf1cb1a48291.tar.bz2
xen-e89c6d05737c46f4ebee1f02138acf1cb1a48291.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/xen/include/asm-x86/debugreg.h b/xen/include/asm-x86/debugreg.h
index 9b7e9717cb..24021b8734 100644
--- a/xen/include/asm-x86/debugreg.h
+++ b/xen/include/asm-x86/debugreg.h
@@ -58,7 +58,7 @@
    We can slow the instruction pipeline for instructions coming via the
    gdt or the ldt if we want to.  I am not sure why this is an advantage */
 
-#define DR_CONTROL_RESERVED_ZERO (0x0000d800ul) /* Reserved, read as zero */
+#define DR_CONTROL_RESERVED_ZERO (~0xffff27fful) /* Reserved, read as zero */
 #define DR_CONTROL_RESERVED_ONE  (0x00000400ul) /* Reserved, read as one */
 #define DR_LOCAL_EXACT_ENABLE    (0x00000100ul) /* Local exact enable */
 #define DR_GLOBAL_EXACT_ENABLE   (0x00000200ul) /* Global exact enable */
author	Ian Jackson <Ian.Jackson@eu.citrix.com>	2012-09-05 12:27:25 +0100
committer	Ian Jackson <Ian.Jackson@eu.citrix.com>	2012-09-05 12:27:25 +0100
commit	e89c6d05737c46f4ebee1f02138acf1cb1a48291 (patch)
tree	bb1caea4c941f4bc9e627f249dc68fe877ec958d
parent	6b9c334b696fd4a01c9d2e237efda7c5dc3de7e8 (diff)
download	xen-e89c6d05737c46f4ebee1f02138acf1cb1a48291.tar.gz xen-e89c6d05737c46f4ebee1f02138acf1cb1a48291.tar.bz2 xen-e89c6d05737c46f4ebee1f02138acf1cb1a48291.zip