kvm: whitelist struct kvm_vcpu_arch - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Paolo Bonzini <[email protected]>	2017-10-26 15:45:46 +0200
committer	Kees Cook <[email protected]>	2018-01-15 12:08:07 -0800
commit	46515736f8687c5dbde5637ca2f2678055c9c0f7 (patch)
tree	dc606a9321bb99525c243973734447d2c8cd1b4a /net/unix/sysctl_net_unix.c
parent	08626a6056aad824c43d34ce587ab2b01f49d1a4 (diff)

kvm: whitelist struct kvm_vcpu_arch

On x86, ARM and s390, struct kvm_vcpu_arch has a usercopy region that is read and written by the KVM_GET/SET_CPUID2 ioctls (x86) or KVM_GET/SET_ONE_REG (ARM/s390). Without whitelisting the area, KVM is completely broken on those architectures with usercopy hardening enabled. For now, allow writing to the entire struct on all architectures. The KVM tree will not refine this to an architecture-specific subset of struct kvm_vcpu_arch. Cc: [email protected] Cc: Kees Cook <[email protected]> Cc: Christian Borntraeger <[email protected]> Cc: Christoffer Dall <[email protected]> Cc: Radim Krčmář <[email protected]> Signed-off-by: Paolo Bonzini <[email protected]> Acked-by: Christoffer Dall <[email protected]> Acked-by: Marc Zyngier <[email protected]> Acked-by: Christian Borntraeger <[email protected]> Signed-off-by: Kees Cook <[email protected]>

Diffstat (limited to 'net/unix/sysctl_net_unix.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: