[3.16.y-ckt stable] Patch "KVM: x86: Fix of previously incomplete fix for CVE-2014-8480" has been added to staging queue

[Luis Henriques]

This is a note to let you know that I have just added a patch titled

    KVM: x86: Fix of previously incomplete fix for CVE-2014-8480

to the linux-3.16.y-queue branch of the 3.16.y-ckt extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.16.y-queue

This patch is scheduled to be released in version 3.16.7-ckt6.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.16.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From 331184f0ef8a4be2dbc365c057ad9e9ef1ac0e6a Mon Sep 17 00:00:00 2001
From: Nadav Amit <nadav.amit at gmail.com>
Date: Thu, 8 Jan 2015 11:59:03 +0100
Subject: KVM: x86: Fix of previously incomplete fix for CVE-2014-8480

commit 63ea0a49ae0b145b91ff2b070c01b66fc75854b9 upstream.

STR and SLDT with rip-relative operand can cause a host kernel oops.
Mark them as DstMem as well.

Signed-off-by: Nadav Amit <namit at cs.technion.ac.il>
Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 arch/x86/kvm/emulate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
index bf9e8fdc2425..47af1ca4adaa 100644
--- a/arch/x86/kvm/emulate.c
+++ b/arch/x86/kvm/emulate.c
@@ -3737,8 +3737,8 @@ static const struct opcode group5[] = {
 };

 static const struct opcode group6[] = {
-	DI(Prot,	sldt),
-	DI(Prot,	str),
+	DI(Prot | DstMem,	sldt),
+	DI(Prot | DstMem,	str),
 	II(Prot | Priv | SrcMem16, em_lldt, lldt),
 	II(Prot | Priv | SrcMem16, em_ltr, ltr),
 	N, N, N, N,
--
2.1.4