KVM: VMX: Check cpl before emulating debug register access
authorAvi Kivity <avi@redhat.com>
Tue, 1 Sep 2009 09:03:25 +0000 (12:03 +0300)
committerAvi Kivity <avi@redhat.com>
Thu, 10 Sep 2009 15:11:10 +0000 (18:11 +0300)
Debug registers may only be accessed from cpl 0.  Unfortunately, vmx will
code to emulate the instruction even though it was issued from guest
userspace, possibly leading to an unexpected trap later.

Cc: stable@kernel.org
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
arch/x86/include/asm/kvm_host.h
arch/x86/kvm/vmx.c
arch/x86/kvm/x86.c

index e8f166a02c79c6a978391acb6ae892507358f09d..3be000435fadd763c806460d54a6c0893a1245fa 100644 (file)
@@ -620,6 +620,7 @@ void kvm_queue_exception(struct kvm_vcpu *vcpu, unsigned nr);
 void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code);
 void kvm_inject_page_fault(struct kvm_vcpu *vcpu, unsigned long cr2,
                           u32 error_code);
+bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl);
 
 int kvm_pic_set_irq(void *opaque, int irq, int level);
 
index cc6e00a9f724cc14c830f78c07e7af8683344371..f3812014bd0b3e4d04ecd5c0645eb0dad9baa0e9 100644 (file)
@@ -2934,6 +2934,8 @@ static int handle_dr(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
        unsigned long val;
        int dr, reg;
 
+       if (!kvm_require_cpl(vcpu, 0))
+               return 1;
        dr = vmcs_readl(GUEST_DR7);
        if (dr & DR7_GD) {
                /*
index 7627ff607a90cb15def2e0cfa42af09bf9f002cd..4137cc579ba59b9a916885c950e551e33a441077 100644 (file)
@@ -222,6 +222,19 @@ void kvm_queue_exception_e(struct kvm_vcpu *vcpu, unsigned nr, u32 error_code)
 }
 EXPORT_SYMBOL_GPL(kvm_queue_exception_e);
 
+/*
+ * Checks if cpl <= required_cpl; if true, return true.  Otherwise queue
+ * a #GP and return false.
+ */
+bool kvm_require_cpl(struct kvm_vcpu *vcpu, int required_cpl)
+{
+       if (kvm_x86_ops->get_cpl(vcpu) <= required_cpl)
+               return true;
+       kvm_queue_exception_e(vcpu, GP_VECTOR, 0);
+       return false;
+}
+EXPORT_SYMBOL_GPL(kvm_require_cpl);
+
 /*
  * Load the pae pdptrs.  Return true is they are all valid.
  */