From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jan Lübbe
Subject: Re: [PATCH 04/47] KVM: x86: Disallow hypercalls for guest callers in rings > 0
Date: Wed, 30 Sep 2009 08:58:15 +0200
Message-ID: <1254293895.5468.2775.camel@localhost>
References: <1251282609-12835-1-git-send-email-avi@redhat.com> <1251282609-12835-5-git-send-email-avi@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
To: kvm@vger.kernel.org
Return-path:
Received: from sirius.lasnet.de ([78.47.116.19]:45620 "EHLO sirius.lasnet.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752926AbZI3H1e (ORCPT ); Wed, 30 Sep 2009 03:27:34 -0400
Received: from f053153089.adsl.alicedsl.de ([78.53.153.89] helo=[192.168.178.36]) by sirius.lasnet.de with esmtpsa (Cipher TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63 #1) id 1Mst8i-0005yx-7P by authid with cram_md5 for ; Wed, 30 Sep 2009 08:58:19 +0200
In-Reply-To: <1251282609-12835-5-git-send-email-avi@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

Hi!

On Wed, 2009-08-26 at 13:29 +0300, Avi Kivity wrote:
> From: Jan Kiszka
>
> So far unprivileged guest callers running in ring 3 can issue, e.g., MMU
> hypercalls. Normally, such callers cannot provide any hand-crafted MMU
> command structure as it has to be passed by its physical address, but
> they can still crash the guest kernel by passing random addresses.
>
> To close the hole, this patch considers hypercalls valid only if issued
> from guest ring 0. This may still be relaxed on a per-hypercall base in
> the future once required.

Does kvm-72 (used by Debian and Ubuntu in stable releases) have the
problem? If yes, would the approach in this fix also work there?

Thanks,
Jan
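
Added example, not part of the message above and not code from the KVM patch: a toy C model of the ring-0 check the quoted commit message describes, showing that a ring-3 call with an arbitrary address alters guest memory without the check and is rejected before any argument is read with it. All names, numbers and the command layout (`model_vcpu`, `model_hypercall`, `HC_MMU_OP`, the two-word command) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed model, not kernel code: every name and number is illustrative. */
enum { HC_MMU_OP = 2, GUEST_WORDS = 64 };
enum { HC_OK = 0, HC_EPERM = -1, HC_ENOSYS = -2, HC_EFAULT = -3 };

struct model_vcpu {
    unsigned cpl;               /* guest privilege level at call time, 0..3 */
    uint64_t nr, arg_gpa;       /* hypercall number, address of command struct */
    uint64_t mem[GUEST_WORDS];  /* toy guest-physical memory, word addressed */
};

/* Command at arg_gpa: word 0 selects a slot, word 1 is the value stored there. */
static int mmu_op(struct model_vcpu *v)
{
    if (v->arg_gpa >= GUEST_WORDS - 1)
        return HC_EFAULT;
    v->mem[v->mem[v->arg_gpa] % GUEST_WORDS] = v->mem[v->arg_gpa + 1];
    return HC_OK;
}

/* enforce_ring0 = 0 models the old behaviour, 1 the behaviour after the fix. */
int model_hypercall(struct model_vcpu *v, int enforce_ring0)
{
    if (enforce_ring0 && v->cpl != 0)
        return HC_EPERM;        /* rejected before any argument is read */
    return v->nr == HC_MMU_OP ? mmu_op(v) : HC_ENOSYS;
}

/* One call at level cpl with an arbitrary address; returns words changed. */
int words_clobbered(unsigned cpl, int enforce_ring0)
{
    struct model_vcpu v = { .cpl = cpl, .nr = HC_MMU_OP, .arg_gpa = 10 };
    uint64_t before[GUEST_WORDS];
    int n = 0;
    for (int i = 0; i < GUEST_WORDS; i++) v.mem[i] = 1000 + i; /* sample data */
    memcpy(before, v.mem, sizeof before);
    model_hypercall(&v, enforce_ring0);
    for (int i = 0; i < GUEST_WORDS; i++) n += v.mem[i] != before[i];
    return n;
}

int main(void)
{
    printf("ring 3, before fix: %d word(s) changed; after fix: %d\n",
           words_clobbered(3, 0), words_clobbered(3, 1));
    return 0;
}
```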