From debb5289c9a237a14370a46c2d5f0d26c1297393 Mon Sep 17 00:00:00 2001
From: Avi Kivity <avi@redhat.com>
Date: Wed, 10 Feb 2010 13:48:13 -0200
Subject: [PATCH 3/3] KVM: VMX: Check cpl before emulating debug register access
RH-Author: Avi Kivity <avi@redhat.com>
Message-id: <1265809693-22625-1-git-send-email-avi@redhat.com>
Patchwork-id: 7030
O-Subject: [PATCH RHEL5.5 EGG-ON-FACE] KVM: VMX: Check cpl before emulating
debug register access
Bugzilla: 563517
RH-Acked-by: Gleb Natapov <gleb@redhat.com>
RH-Acked-by: Juan Quintela <quintela@redhat.com>
RH-Acked-by: Marcelo Tosatti <mtosatti@redhat.com>
Bugzilla: 563517
Upstream: 0a79b00
Debug registers may only be accessed from cpl 0. Unfortunately, vmx will
request to emulate the instruction even though it was issued from guest
userspace, possibly leading to an unexpected trap later.
Cc: stable@kernel.org
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx.c | 2 ++
arch/x86/kvm/x86.c | 13 +++++++++++++
3 files changed, 16 insertions(+), 0 deletions(-)
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
arch/x86/include/asm/kvm_host.h | 1 +
arch/x86/kvm/vmx.c | 2 ++
arch/x86/kvm/x86.c | 13 +++++++++++++
3 files changed, 16 insertions(+), 0 deletions(-)
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h
index 8a0a3fa..f0b9976 100644
--- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h
@@ -591,6 +591,7 @@ void kvm_queue_exception(struct kvm_vcpu *vcpu, unsigned nr);
void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code);
void kvm_inject_page_fault(struct kvm_vcpu *vcpu, unsigned long cr2,
u32 error_code);
+bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl);
int kvm_pic_set_irq(void *opaque, int irq, int level);
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index b1832e4..d76c028 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2865,6 +2865,8 @@ static int handle_dr(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
unsigned long val;
int dr, reg;
+ if (!kvm_require_cpl(vcpu, 0))
+ return 1;
/*
* FIXME: this code assumes the host is debugging the guest.
* need to deal with guest debugging itself too.
diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
index 24e4bd5..d4cbf5e 100644
--- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c
@@ -254,6 +254,19 @@ static void __queue_exception(struct kvm_vcpu *vcpu)
}
/*
+ * Checks if cpl <= required_cpl; if true, return true. Otherwise queue
+ * a #GP and return false.
+ */
+bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl)
+{
+ if (kvm_x86_ops->get_cpl(vcpu) <= required_cpl)
+ return true;
+ kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
+ return false;
+}
+EXPORT_SYMBOL_GPL(kvm_require_cpl);
+
+/*
* Load the pae pdptrs. Return true is they are all valid.
*/
int load_pdptrs(struct kvm_vcpu *vcpu, unsigned long cr3)
--
1.6.3.rc4.29.g8146
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
340e01248478ba8b78a6d4d1809b1eff
>
files
>
488
