rpms/kernel/F-10 kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch, NONE, 1.1.2.1 kernel.spec, 1.1206.2.92, 1.1206.2.93
Chuck Ebbert
cebbert at fedoraproject.org
Sat Sep 26 16:20:46 UTC 2009
Author: cebbert
Update of /cvs/pkgs/rpms/kernel/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv570
Modified Files:
Tag: private-fedora-10-2_6_27
kernel.spec
Added Files:
Tag: private-fedora-10-2_6_27
kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch
Log Message:
Backport "KVM: x86: Disallow hypercalls for guest callers in rings > 0"
kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch:
arch/x86/kvm/x86.c | 6 ++++++
include/linux/kvm_para.h | 1 +
2 files changed, 7 insertions(+)
--- NEW FILE kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch ---
From 07708c4af1346ab1521b26a202f438366b7bcffd Mon Sep 17 00:00:00 2001
From: Jan Kiszka <jan.kiszka at siemens.com>
Date: Mon, 3 Aug 2009 18:43:28 +0200
Subject: KVM: x86: Disallow hypercalls for guest callers in rings > 0
From: Jan Kiszka <jan.kiszka at siemens.com>
[ backport to 2.6.27 by <cebbert at redhat.com> ]
commit 07708c4af1346ab1521b26a202f438366b7bcffd upstream.
So far unprivileged guest callers running in ring 3 can issue, e.g., MMU
hypercalls. Normally, such callers cannot provide any hand-crafted MMU
command structure as it has to be passed by its physical address, but
they can still crash the guest kernel by passing random addresses.
To close the hole, this patch considers hypercalls valid only if issued
from guest ring 0. This may still be relaxed on a per-hypercall basis in
the future once required.
Signed-off-by: Jan Kiszka <jan.kiszka at siemens.com>
Signed-off-by: Avi Kivity <avi at redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
---
arch/x86/kvm/x86.c | 6 ++++++
include/linux/kvm_para.h | 1 +
2 files changed, 7 insertions(+)
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -2576,6 +2576,11 @@ int kvm_emulate_hypercall(struct kvm_vcp
a3 &= 0xFFFFFFFF;
}
+ if (kvm_x86_ops->get_cpl(vcpu) != 0) {
+ ret = -KVM_EPERM;
+ goto out;
+ }
+
switch (nr) {
case KVM_HC_VAPIC_POLL_IRQ:
ret = 0;
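Review bot: the CPL check sits before `switch (nr)`, so it gates every hypercall number uniformly, including `KVM_HC_VAPIC_POLL_IRQ`, which matches the commit message's "ring 0 only, may be relaxed per hypercall later" intent; the check depends on `kvm_x86_ops->get_cpl` reporting the guest's current privilege level, so the 2.6.27 backport should confirm that callback is present and correct for both the VMX and SVM backends in that tree, since the upstream commit targets a newer KVM. Returning `-KVM_EPERM` follows the existing `-KVM_ENOSYS` convention of a negated error code handed back in RAX.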
@@ -2587,6 +2592,7 @@ int kvm_emulate_hypercall(struct kvm_vcp
ret = -KVM_ENOSYS;
break;
}
+out:
vcpu->arch.regs[VCPU_REGS_RAX] = ret;
kvm_x86_ops->decache_regs(vcpu);
++vcpu->stat.hypercalls;
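Review bot: the `out:` label lands just before the RAX writeback, which is the right place, since jumping past `vcpu->arch.regs[VCPU_REGS_RAX] = ret` would leave the guest with stale RAX contents instead of the `-KVM_EPERM` result; note that a denied call still reaches `++vcpu->stat.hypercalls`, so the existing counter cannot distinguish rejected ring > 0 attempts from serviced calls, and anyone watching hypercall statistics for anomalies gets no separate signal from this change.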
--- a/include/linux/kvm_para.h
+++ b/include/linux/kvm_para.h
@@ -13,6 +13,7 @@
#define KVM_ENOSYS 1000
#define KVM_EFAULT EFAULT
#define KVM_E2BIG E2BIG
+#define KVM_EPERM EPERM
#define KVM_HC_VAPIC_POLL_IRQ 1
#define KVM_HC_MMU_OP 2
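Review bot: `KVM_EPERM` is defined as the errno value `EPERM`, consistent with the neighbouring `KVM_EFAULT`/`KVM_E2BIG` entries rather than the private `KVM_ENOSYS 1000` value, and it lives in `include/linux/kvm_para.h`, the header guest paravirt code reads, so guests can recognise the new return code. Confirm the 2.6.27 header already pulls in the errno definitions (it must, given the existing defines), and consider a short comment noting that hypercalls issued from CPL > 0 now return this code.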
Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-10/kernel.spec,v
retrieving revision 1.1206.2.92
retrieving revision 1.1206.2.93
diff -u -p -r1.1206.2.92 -r1.1206.2.93
--- kernel.spec 24 Sep 2009 20:02:57 -0000 1.1206.2.92
+++ kernel.spec 26 Sep 2009 16:20:45 -0000 1.1206.2.93
@@ -783,6 +783,9 @@ Patch15000: linux-2.6-ppc64-vs-broadcom.
Patch15001: linux-2.6-ppc64-vs-broadcom-lmb-no-init-1.patch
Patch15002: linux-2.6-ppc64-vs-broadcom-lmb-no-init-2.patch
+# kvm hypercall must be from cpl0 on guest
+Patch15100: kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch
+
%endif
BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
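Review bot: the comment `# kvm hypercall must be from cpl0 on guest` does not record where the patch comes from; appending the upstream commit id 07708c4af1346ab1521b26a202f438366b7bcffd from the patch header would make a later audit of this backport traceable without opening the patch file. The new `Patch15100:` entry sits inside the same conditional block as the preceding ppc64 entries (see the `%endif` in the trailing context); confirm that conditional is not architecture-specific, since this fix is for x86 KVM.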
@@ -1415,6 +1418,9 @@ ApplyPatch linux-2.6-ppc64-vs-broadcom.p
ApplyPatch linux-2.6-ppc64-vs-broadcom-lmb-no-init-1.patch
ApplyPatch linux-2.6-ppc64-vs-broadcom-lmb-no-init-2.patch
+# kvm hypercall must be from cpl0 on guest
+ApplyPatch kvm-x86-disallow-hypercalls-for-guest-callers-in-rings-0.patch
+
# END OF PATCH APPLICATIONS
%endif
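Review bot: the `ApplyPatch` line mirrors the `Patch15100:` definition and is placed inside the matching conditional, just ahead of the `# END OF PATCH APPLICATIONS` marker and `%endif`, so definition and application are consistent. Repeating the `# kvm hypercall must be from cpl0 on guest` comment here is fine for grep-ability, but a one-line note of the guest-visible effect (hypercalls from CPL > 0 now fail with `-KVM_EPERM`) would help triage any guest regression reports that follow this update.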
@@ -1990,6 +1996,9 @@ fi
%kernel_variant_files -k vmlinux %{with_kdump} kdump
%changelog
+* Sat Sep 26 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.27.35-170.2.93
+- Backport "KVM: x86: Disallow hypercalls for guest callers in rings > 0"
+
* Thu Sep 24 2009 Chuck Ebbert <cebbert at redhat.com> 2.6.27.35-170.2.92
- Linux 2.6.27.35
- Drop merged patches:
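Review bot: the changelog entry quotes the upstream subject but not the upstream commit id; downstream trackers match backports by hash, so appending 07708c4af1346ab1521b26a202f438366b7bcffd to the entry would help. The release bump to 2.6.27.35-170.2.93 is consistent with the preceding 2.6.27.35-170.2.92 entry.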