kvm: whitelist struct kvm_vcpu_arch
author Paolo Bonzini <pbonzini@redhat.com>
	Thu, 26 Oct 2017 13:45:46 +0000 (15:45 +0200)
committer Kees Cook <keescook@chromium.org>
	Mon, 15 Jan 2018 20:08:07 +0000 (12:08 -0800)
commit 46515736f8687c5dbde5637ca2f2678055c9c0f7
tree dc606a9321bb99525c243973734447d2c8cd1b4a
parent 08626a6056aad824c43d34ce587ab2b01f49d1a4
kvm: whitelist struct kvm_vcpu_arch

On x86, ARM and s390, struct kvm_vcpu_arch has a usercopy region
that is read and written by the KVM_GET/SET_CPUID2 ioctls (x86)
or KVM_GET/SET_ONE_REG (ARM/s390).  Without whitelisting the area,
KVM is completely broken on those architectures with usercopy hardening
enabled.

For now, allow writing to the entire struct on all architectures.
The KVM tree will not refine this to an architecture-specific
subset of struct kvm_vcpu_arch.

Cc: kernel-hardening@lists.openwall.com
Cc: Kees Cook <keescook@chromium.org>
Cc: Christian Borntraeger <borntraeger@redhat.com>
Cc: Christoffer Dall <cdall@linaro.org>
Cc: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Acked-by: Christoffer Dall <christoffer.dall@linaro.org>
Acked-by: Marc Zyngier <marc.zyngier@arm.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
virt/kvm/kvm_main.c