|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2] x86/hvm: Allow the guest to permit the use of userspace hypercalls
>>> On 11.01.16 at 17:51, <andrew.cooper3@xxxxxxxxxx> wrote:
> Currently, hypercalls issued from HVM userspace will unconditionally fail
> with
> -EPERM.
>
> This is inflexible, and a guest may wish to allow userspace to make
> hypercalls.
>
> Introduce HVMOP_set_hypercall_dpl which allows the guest to alter the
> permissions check for hypercalls. It behaves exactly like the dpl field for
> GDT/LDT/IDT entries.
>
> As the dpl is initialised to 0, hypercalls are restricted to cpl0 code until
> the OS explicitly chooses an alternative.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> --
> CC: Jan Beulich <JBeulich@xxxxxxxx>
> CC: Ian Campbell <ian.campbell@xxxxxxxxxx>
> CC: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
>
> v2:
> * Fix rcu lock and dpl check.
That's a bold statement considering ...
> @@ -6839,6 +6840,31 @@ long do_hvm_op(unsigned long op,
> XEN_GUEST_HANDLE_PARAM(void) arg)
> rc = do_altp2m_op(arg);
> break;
>
> + case HVMOP_set_hypercall_dpl:
> + {
> + xen_hvm_hypercall_dpl_t a;
> + struct domain *d;
> +
> + if ( copy_from_guest(&a, arg, 1 ) )
> + return -EFAULT;
> +
> + d = rcu_lock_domain_by_any_id(a.domid);
> + if ( d == NULL )
> + return -ESRCH;
> +
> + if ( current->domain != d )
> + return -EPERM;
> +
> + if ( !is_hvm_domain(d) )
> + return -EINVAL;
> +
> + if ( a.dpl > 3 )
> + return -EDOM;
> +
> + d->arch.hvm_domain.hypercall_dpl = a.dpl;
> + break;
> + }
... there's no unlock anywhere here.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |