| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Jun 2017 14:05:48 +0200
From: Juergen Groß <jgross@...e.com>
To: Marek Marczykowski-Górecki
<marmarek@...isiblethingslab.com>, xen-devel@...ts.xenproject.org
Cc: Boris Ostrovsky <boris.ostrovsky@...cle.com>,
Andrew Cooper <andrew.cooper3@...rix.com>, x86@...nel.org,
linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] x86/xen: allow userspace access during hypercalls
On 06/23/2017 02:47 PM, Marek Marczykowski-Górecki wrote:
> Userspace application can do a hypercall through /dev/xen/privcmd, and
> some for some hypercalls argument is a pointers to user-provided
> structure. When SMAP is supported and enabled, hypervisor can't access.
> So, lets allow it.
What about HYPERVISOR_dm_op?
Juergen
>
> Cc: stable@...r.kernel.org
> Signed-off-by: Marek Marczykowski-Górecki <marmarek@...isiblethingslab.com>
> ---
> arch/x86/include/asm/xen/hypercall.h | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/arch/x86/include/asm/xen/hypercall.h b/arch/x86/include/asm/xen/hypercall.h
> index f6d20f6..a1d2c5d 100644
> --- a/arch/x86/include/asm/xen/hypercall.h
> +++ b/arch/x86/include/asm/xen/hypercall.h
> @@ -43,6 +43,7 @@
>
> #include <asm/page.h>
> #include <asm/pgtable.h>
> +#include <asm/smap.h>
>
> #include <xen/interface/xen.h>
> #include <xen/interface/sched.h>
> @@ -214,10 +215,12 @@ privcmd_call(unsigned call,
> __HYPERCALL_DECLS;
> __HYPERCALL_5ARG(a1, a2, a3, a4, a5);
>
> + stac();
> asm volatile("call *%[call]"
> : __HYPERCALL_5PARAM
> : [call] "a" (&hypercall_page[call])
> : __HYPERCALL_CLOBBER5);
> + clac();
>
> return (long)__res;
> }
>
Powered by blists - more mailing lists