diff options
| author | Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> | 2017-06-26 14:49:46 +0200 |
|---|---|---|
| committer | Sasha Levin <alexander.levin@verizon.com> | 2017-09-10 10:59:17 -0400 |
| commit | bf6f66de890795c43c6d3a1f73b1f37a84e9e74a (patch) | |
| tree | c37bd68004cf387709c1381d792331a899d923a0 /arch | |
| parent | 1799763df3b6d47d6f5f267a6e8974cd5b7e8adb (diff) | |
x86/xen: allow userspace access during hypercalls
[ Upstream commit c54590cac51db8ab5fd30156bdaba34af915e629 ]
Userspace application can do a hypercall through /dev/xen/privcmd, and
some for some hypercalls argument is a pointers to user-provided
structure. When SMAP is supported and enabled, hypervisor can't access.
So, lets allow it.
The same applies to HYPERVISOR_dm_op, where additionally privcmd driver
carefully verify buffer addresses.
Cc: stable@vger.kernel.org
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Diffstat (limited to 'arch')
| -rw-r--r-- | arch/x86/include/asm/xen/hypercall.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/x86/include/asm/xen/hypercall.h b/arch/x86/include/asm/xen/hypercall.h index ca08a27b90b3..4ad5a91aea79 100644 --- a/arch/x86/include/asm/xen/hypercall.h +++ b/arch/x86/include/asm/xen/hypercall.h @@ -43,6 +43,7 @@ #include <asm/page.h> #include <asm/pgtable.h> +#include <asm/smap.h> #include <xen/interface/xen.h> #include <xen/interface/sched.h> @@ -213,10 +214,12 @@ privcmd_call(unsigned call, __HYPERCALL_DECLS; __HYPERCALL_5ARG(a1, a2, a3, a4, a5); + stac(); asm volatile("call *%[call]" : __HYPERCALL_5PARAM : [call] "a" (&hypercall_page[call]) : __HYPERCALL_CLOBBER5); + clac(); return (long)__res; } |