Patch "Revert "KVM: X86 emulator: fix source operand decoding for 8bit mov[zs]x instructions"" has been added to the 3.4-stable tree


 



This is a note to let you know that I've just added the patch titled

    Revert "KVM: X86 emulator: fix source operand decoding for 8bit mov[zs]x instructions"

to the 3.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     revert-kvm-x86-emulator-fix-source-operand-decoding-for-8bit-movx-instructions.patch
and it can be found in the queue-3.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Thu Sep 12 09:53:11 PDT 2013
Date: Thu, 12 Sep 2013 09:53:11 -0700
To: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Subject: Revert "KVM: X86 emulator: fix source operand decoding for 8bit mov[zs]x instructions"

From: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

This reverts commit 5b5b30580218eae22609989546bac6e44d0eda6e, which was
commit 660696d1d16a71e15549ce1bf74953be1592bcd3 upstream.

Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx> writes:

[this patch] introduces the following:

arch/x86/kvm/emulate.c: In function ‘decode_operand’:
arch/x86/kvm/emulate.c:3974:4: warning: passing argument 1 of ‘decode_register’ makes integer from pointer
+without a cast [enabled by default]
arch/x86/kvm/emulate.c:789:14: note: expected ‘u8’ but argument is of type ‘struct x86_emulate_ctxt *’
arch/x86/kvm/emulate.c:3974:4: warning: passing argument 2 of ‘decode_register’ makes pointer from integer
+without a cast [enabled by default]
arch/x86/kvm/emulate.c:789:14: note: expected ‘long unsigned int *’ but argument is of type ‘u8’

Based on the severity of the warnings above, I'm reasonably sure there will
be some kind of runtime regressions due to this, but I stopped to investigate
the warnings as soon as I saw them, before any run time testing.

It happens because mainline v3.7-rc1~113^2~40 (dd856efafe60) does this:

-static void *decode_register(u8 modrm_reg, unsigned long *regs,
+static void *decode_register(struct x86_emulate_ctxt *ctxt, u8 modrm_reg,

Since 660696d1d16a71e1 was only applied to stable 3.4, 3.8, and 3.9 -- and
the prerequisite above is in 3.7+, the issue should be limited to 3.4.44+

Reported-by: Paul Gortmaker <paul.gortmaker@xxxxxxxxxxxxx>
Acked-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Cc: Gleb Natapov <gleb@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 arch/x86/kvm/emulate.c |    4 ----
 1 file changed, 4 deletions(-)

--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -3737,10 +3737,6 @@ static int decode_operand(struct x86_emu
 		break;
 	case OpMem8:
 		ctxt->memop.bytes = 1;
-		if (ctxt->memop.type == OP_REG) {
-			ctxt->memop.addr.reg = decode_register(ctxt, ctxt->modrm_rm, 1);
-			fetch_register_operand(&ctxt->memop);
-		}
 		goto mem_common;
 	case OpMem16:
 		ctxt->memop.bytes = 2;
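
Review bot: The changelog should say that dropping the `if (ctxt->memop.type == OP_REG)` branch under `case OpMem8:` also drops the register-source handling that 660696d1d16a71e1 was applied to fix, so that decoding problem is open again in 3.4 once this lands. The removed call `decode_register(ctxt, ctxt->modrm_rm, 1)` passes the context as its first argument, which matches the prototype introduced by dd856efafe60 and not the 3.4 prototype beginning `u8 modrm_reg, unsigned long *regs`, so removing it is the right way to stop the pointer/integer mix-up. I would add one line noting that the original fix still needs a backport written against the 3.4 prototype, so the revert is not read as the final state.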


Patches currently in stable-queue which might be from gregkh@xxxxxxxxxxxxxxxxxxx are

queue-3.4/tipc-fix-lockdep-warning-during-bearer-initialization.patch
queue-3.4/neighbour-populate-neigh_parms-on-alloc-before-calling-ndo_neigh_setup.patch
queue-3.4/macvtap-do-not-zerocopy-if-iov-needs-more-pages-than-max_skb_frags.patch
queue-3.4/m32r-add-memcpy-for-config_kernel_gzip-y.patch
queue-3.4/tcp-cubic-fix-overflow-error-in-bictcp_update.patch
queue-3.4/tcp-cubic-fix-bug-in-bictcp_acked.patch
queue-3.4/revert-kvm-x86-emulator-fix-source-operand-decoding-for-8bit-movx-instructions.patch
queue-3.4/m32r-consistently-use-suffix.patch
queue-3.4/bonding-modify-only-neigh_parms-owned-by-us.patch
queue-3.4/net-bridge-convert-mldv2-query-mrc-into-msecs_to_jiffies-for-max_delay.patch
queue-3.4/net-ipv6-tcp-fix-potential-use-after-free-in-tcp_v6_do_rcv.patch
queue-3.4/ipv6-don-t-stop-backtracking-in-fib6_lookup_1-if-subtree-does-not-match.patch
queue-3.4/ipv6-don-t-depend-on-per-socket-memory-for-neighbour-discovery-messages.patch
queue-3.4/ipv6-remove-max_addresses-check-from-ipv6_create_tempaddr.patch
queue-3.4/net-check-net.core.somaxconn-sysctl-values.patch
queue-3.4/tun-signedness-bug-in-tun_get_user.patch
queue-3.4/8139cp-fix-skb-leak-in-rx_status_loop-failure-path.patch
queue-3.4/m32r-make-memset-global-for-config_kernel_bzip2-y.patch
queue-3.4/vhost-zerocopy-poll-vq-in-zerocopy-callback.patch
queue-3.4/htb-fix-sign-extension-bug.patch
queue-3.4/icmpv6-treat-dest-unreachable-codes-5-and-6-as-eacces-not-eproto.patch
queue-3.4/fib_trie-remove-potential-out-of-bound-access.patch
queue-3.4/ipv6-drop-packets-with-multiple-fragmentation-headers.patch