From: Roger Pau Monne <roger.pau@citrix.com>
Date: Tue, 19 Jan 2016 17:47:19 +0000 (+0000)
Subject: x86/HVM: memset CPU context save area
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=1949868d640427dc91bfb23741d78eb1d86841c8;p=people%2Fliuw%2Flibxenctrl-split%2Fxen.git

x86/HVM: memset CPU context save area

In order to prevent leaking data in the padding field. Also remove the
memset done to the fpu_regs in case of no FPU context present, since it's
already taken care by the memset of the whole CPU context structure. The
same applies to setting ctxt.flags to 0 in case there's no FPU context.

Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reported-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
---

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 8f98956e30..674feeab7e 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -1732,6 +1732,8 @@ static int hvm_save_cpu_ctxt(struct domain *d, hvm_domain_context_t *h)
         if ( v->pause_flags & VPF_down )
             continue;
 
+        memset(&ctxt, 0, sizeof(ctxt));
+
         /* Architecture-specific vmcs/vmcb bits */
         hvm_funcs.save_cpu_ctxt(v, &ctxt);
 
@@ -1798,11 +1800,6 @@ static int hvm_save_cpu_ctxt(struct domain *d, hvm_domain_context_t *h)
             memcpy(ctxt.fpu_regs, v->arch.fpu_ctxt, sizeof(ctxt.fpu_regs));
             ctxt.flags = XEN_X86_FPU_INITIALISED;
         }
-        else
-        {
-             memset(ctxt.fpu_regs, 0, sizeof(ctxt.fpu_regs));
-             ctxt.flags = 0;
-        }
 
         ctxt.rax = v->arch.user_regs.eax;
         ctxt.rbx = v->arch.user_regs.ebx;