From: Paolo Bonzini
Subject: Re: [Question] Switching VCPU CPL from the hypervisor ?
Date: Tue, 15 Dec 2015 17:53:12 +0100
Message-ID: <56704578.8080803@redhat.com>
To: Yacine HEBBAL, kvm@vger.kernel.org

On 15/12/2015 17:20, Yacine HEBBAL wrote:
> Hi,
> I am working on an application in which I control an arbitrary process to
> execute a given code (injected code for example). I want the process I'm
> controlling to execute my code with root privilege. Is it possible to
> arbitrarily switch vcpu cpl to 0 from the hypervisor level (process is in user
> mode)? I'm aware that I can do this using some hacks and emulation or by
> controlling the process just after it enters or just before it quits kernel
> mode (but I need to wait and intercept these events). Is there a
> straightforward technique to switch vcpu cpl from the hypervisor level on
> demand?

Would a hypercall do? VMCALL can be executed from CPL 3.

Paolo