From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH v2] KVM: x86: Disallow hypercalls for guest callers in rings > 0
Date: Tue, 04 Aug 2009 15:00:57 +0300
Message-ID: <4A7822F9.7030706@redhat.com>
References: <4A76EA7B.4080509@siemens.com> <4A76F3D5.20703@redhat.com> <4A7713B0.8080803@siemens.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Cc: kvm-devel
To: Jan Kiszka
Return-path:
Received: from mx2.redhat.com ([66.187.237.31]:58928 "EHLO mx2.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753281AbZHDLzh (ORCPT ); Tue, 4 Aug 2009 07:55:37 -0400
In-Reply-To: <4A7713B0.8080803@siemens.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 08/03/2009 07:43 PM, Jan Kiszka wrote:
>
> Yes, that's much nicer.
>
> --------->
>
> So far unprivileged guest callers running in ring 3 can issue, e.g., MMU
> hypercalls. Normally, such callers cannot provide any hand-crafted MMU
> command structure as it has to be passed by its physical address, but
> they can still crash the guest kernel by passing random addresses.
>
> To close the hole, this patch considers hypercalls valid only if issued
> from guest ring 0. This may still be relaxed on a per-hypercall base in
> the future once required.
>
> Changes v1 -> v2:
> - use kvm_x86_ops->get_cpl() in favor of kvm_get_segment()
>
>

Applied, thanks.

-- 
error compiling committee.c: too many arguments to function
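
The ring check described in the quoted commit message, as an added user-space model (not code from this thread or from KVM): the same hypercall dispatcher with and without a caller-ring gate, run against a toy guest memory. Every name, constant and memory layout in it is hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

/* User-space model only; every name and constant here is hypothetical. */
#define MODEL_EPERM     1   /* constructed error codes */
#define MODEL_ENOSYS    2
#define MODEL_EFAULT    3
#define MODEL_HC_MMU_OP 1   /* constructed hypercall number */
#define GUEST_MEM_SIZE  32
#define NUM_PTES        4

struct model_vcpu {
    int cpl;                            /* ring of the guest caller, 0..3 */
    uint8_t guest_mem[GUEST_MEM_SIZE];  /* toy guest-physical memory */
    uint8_t pte[NUM_PTES];              /* toy guest MMU state */
};

/* Constructed state: bytes 0..1 hold a valid command {pte index, value};
 * every other byte stands in for unrelated guest kernel data. */
void model_vcpu_init(struct model_vcpu *v, int cpl)
{
    memset(v, 0, sizeof(*v));
    v->cpl = cpl;
    for (int i = 0; i < GUEST_MEM_SIZE; i++)
        v->guest_mem[i] = (uint8_t)(0xA0 + i);
    v->guest_mem[0] = 1;
    v->guest_mem[1] = 0x11;
}

/* Before the fix: any ring reaches the handler, which applies whatever
 * bytes sit at the guest-physical address it was handed. */
long model_hypercall_ungated(struct model_vcpu *v, unsigned long nr,
                             unsigned long gpa)
{
    if (nr != MODEL_HC_MMU_OP)
        return -MODEL_ENOSYS;
    if (gpa >= GUEST_MEM_SIZE - 1)
        return -MODEL_EFAULT;
    v->pte[v->guest_mem[gpa] % NUM_PTES] = v->guest_mem[gpa + 1];
    return 0;
}

/* After the fix: the caller's ring is checked before any dispatch. */
long model_hypercall_gated(struct model_vcpu *v, unsigned long nr,
                           unsigned long gpa)
{
    if (v->cpl != 0)
        return -MODEL_EPERM;
    return model_hypercall_ungated(v, nr, gpa);
}
```

In the model, a ring 3 caller handing the ungated path an arbitrary address overwrites MMU state with unrelated bytes, while the gated path rejects the call before the address is ever read.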