x86/HVM: memset CPU context save area

In order to prevent leaking data in the padding field. Also remove the
memset done to the fpu_regs in case of no FPU context present, since it's
already taken care by the memset of the whole CPU context structure. The
same applies to setting ctxt.flags to 0 in case there's no FPU context.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reported-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 8f98956e306b8240739dfae547c0db4fd41bfe50..674feeab7edc4e1333121426a543de1414cafcfb 100644 (file)
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -1732,6 +1732,8 @@ static int hvm_save_cpu_ctxt(struct domain *d, hvm_domain_context_t *h)
         if ( v->pause_flags & VPF_down )
             continue;
 
+        memset(&ctxt, 0, sizeof(ctxt));
+
         /* Architecture-specific vmcs/vmcb bits */
         hvm_funcs.save_cpu_ctxt(v, &ctxt);
 
@@ -1798,11 +1800,6 @@ static int hvm_save_cpu_ctxt(struct domain *d, hvm_domain_context_t *h)
             memcpy(ctxt.fpu_regs, v->arch.fpu_ctxt, sizeof(ctxt.fpu_regs));
             ctxt.flags = XEN_X86_FPU_INITIALISED;
         }
-        else
-        {
-             memset(ctxt.fpu_regs, 0, sizeof(ctxt.fpu_regs));
-             ctxt.flags = 0;
-        }
 
         ctxt.rax = v->arch.user_regs.eax;
         ctxt.rbx = v->arch.user_regs.ebx;