authorJan Beulich <jbeulich@suse.com>2013-09-25 12:11:52 +0200
committerJan Beulich <jbeulich@suse.com>2013-09-25 12:11:52 +0200
commit5238678b8fec15a90460378fc8c67362f73f6fdc (patch)
treeb1444f9e10b89f55f4dcc4d45c9437ef5f40081d
parent8231a6762ad70aa00f54cb53424b7c850d4c286b (diff)
x86/xsave: initialize unused register state when restoring for guest
In order to avoid leaking register contents from the prior use of the registers restored through xrstor due to a guest enabling certain xcr0 bits late (particularly after the context restore in question), force restoring of all known registers (the ones that never got saved would be forced to their init state). This is CVE-2013-1442 / XSA-62. Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> master commit: 63a75ba0de817d6f384f96d25427a05c313e2179 master date: 2013-09-25 10:41:25 +0200
-rw-r--r--xen/arch/x86/i387.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/xen/arch/x86/i387.c b/xen/arch/x86/i387.c
index bba14ca978..011a55ad0c 100644
--- a/xen/arch/x86/i387.c
+++ b/xen/arch/x86/i387.c
@@ -103,9 +103,9 @@ void setup_fpu(struct vcpu *v)
{
/*
* XCR0 normally represents what guest OS set. In case of Xen itself,
- * we set all supported feature mask before doing save/restore.
+ * we set all supported feature mask before restoring.
*/
- set_xcr0(v->arch.xcr0_accum);
+ set_xcr0(xfeature_mask);
xrstor(v);
set_xcr0(v->arch.xcr0);
}
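Review bot: The rewritten comment above `set_xcr0(xfeature_mask);` says only that the full mask is set "before restoring", so it does not record why the restore side deliberately differs from the save side in the next hunk, which still uses `v->arch.xcr0_accum`; a future cleanup could re-symmetrize the two and silently reintroduce XSA-62. I would replace it with `/* Restore with every supported component enabled, not just xcr0_accum: components the guest has not enabled yet were never saved, so xrstor puts them into their init state instead of leaving stale contents from prior use of the registers (XSA-62). Saving, by contrast, only needs xcr0_accum. */`. This relies on the per-vCPU xsave area being sized and laid out for the full xfeature_mask and on xrstor honouring the cleared XSTATE_BV bits for the unsaved components, neither of which this hunk shows; worth confirming against the area allocation. setup_fpu's signature lies outside the hunk.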
@@ -149,7 +149,7 @@ void save_init_fpu(struct vcpu *v)
if ( xsave_enabled(v) )
{
/* XCR0 normally represents what guest OS set. In case of Xen itself,
- * we set all accumulated feature mask before doing save/restore.
+ * we set all accumulated feature mask before saving.
*/
set_xcr0(v->arch.xcr0_accum);
if ( cpu_has_xsaveopt )