summaryrefslogtreecommitdiffstats
path: root/arch/x86/include
diff options
context:
space:
mode:
authorJan Kiszka <jan.kiszka@siemens.com>2009-08-03 18:43:28 +0200
committerAvi Kivity <avi@redhat.com>2009-09-10 08:33:20 +0300
commit07708c4af1346ab1521b26a202f438366b7bcffd (patch)
tree23c82057ddea6d47e74b3db6619e6098b81651b2 /arch/x86/include
parentb90c062c65cc8839edfac39778a37a55ca9bda36 (diff)
downloadkernel-crypto-07708c4af1346ab1521b26a202f438366b7bcffd.tar.gz
kernel-crypto-07708c4af1346ab1521b26a202f438366b7bcffd.tar.xz
kernel-crypto-07708c4af1346ab1521b26a202f438366b7bcffd.zip
KVM: x86: Disallow hypercalls for guest callers in rings > 0
So far unprivileged guest callers running in ring 3 can issue, e.g., MMU hypercalls. Normally, such callers cannot provide any hand-crafted MMU command structure as it has to be passed by its physical address, but they can still crash the guest kernel by passing random addresses. To close the hole, this patch considers hypercalls valid only if issued from guest ring 0. This may still be relaxed on a per-hypercall base in the future once required. Cc: stable@kernel.org Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Avi Kivity <avi@redhat.com>
Diffstat (limited to 'arch/x86/include')
0 files changed, 0 insertions, 0 deletions