Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752390AbdFZMu1 (ORCPT ); Mon, 26 Jun 2017 08:50:27 -0400 Received: from out3-smtp.messagingengine.com ([66.111.4.27]:50485 "EHLO out3-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752198AbdFZMuH (ORCPT ); Mon, 26 Jun 2017 08:50:07 -0400 X-ME-Sender: X-Sasl-enc: aZmr3L7XBH6htkSnLalxMCaeMHOoipJHiTKHFTb50wS+ 1498481405 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= To: xen-devel@lists.xenproject.org Cc: Boris Ostrovsky , Juergen Gross , Andrew Cooper , x86@kernel.org, linux-kernel@vger.kernel.org, =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= , stable@vger.kernel.org Subject: [PATCH v2] x86/xen: allow userspace access during hypercalls Date: Mon, 26 Jun 2017 14:49:46 +0200 Message-Id: <1498481386-8704-1-git-send-email-marmarek@invisiblethingslab.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <20170626124505.GV1268@mail-itl> References: <20170626124505.GV1268@mail-itl> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Organization: Invisible Things Lab Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1548 Lines: 57 Userspace application can do a hypercall through /dev/xen/privcmd, and some for some hypercalls argument is a pointers to user-provided structure. When SMAP is supported and enabled, hypervisor can't access. So, lets allow it. The same applies to HYPERVISOR_dm_op, where additionally privcmd driver carefully verify buffer addresses. Cc: stable@vger.kernel.org Signed-off-by: Marek Marczykowski-Górecki --- arch/x86/include/asm/xen/hypercall.h | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) Changes since v1: - add HYPERVISOR_dm_op diff --git a/arch/x86/include/asm/xen/hypercall.h b/arch/x86/include/asm/xen/hypercall.h index f6d20f6..32b74a8 100644 --- a/arch/x86/include/asm/xen/hypercall.h +++ b/arch/x86/include/asm/xen/hypercall.h @@ -43,6 +43,7 @@ #include #include +#include #include #include @@ -214,10 +215,12 @@ privcmd_call(unsigned call, __HYPERCALL_DECLS; __HYPERCALL_5ARG(a1, a2, a3, a4, a5); + stac(); asm volatile("call *%[call]" : __HYPERCALL_5PARAM : [call] "a" (&hypercall_page[call]) : __HYPERCALL_CLOBBER5); + clac(); return (long)__res; } @@ -476,7 +479,11 @@ static inline int HYPERVISOR_dm_op( domid_t dom, unsigned int nr_bufs, void *bufs) { - return _hypercall3(int, dm_op, dom, nr_bufs, bufs); + int ret; + stac(); + ret = _hypercall3(int, dm_op, dom, nr_bufs, bufs); + clac(); + return ret; } static inline void -- 2.7.4