The SYSENTER instruction jumps to a pre-programmed address at
privilege level 0. We must not allow execution of guest code at that
privilege level, so disable sysenter when we enter the guest (and
re-enable it on return). This fixes current case where guest
userspace can crash host.
This save/restore adds 3% to guest context switch times. (If only
there were some kind of scheduler hook or something which would tell
us when we were being preempted so we could fix this up lazily. But
what kind of daredevil coder would propose such a thing?)
Signed-off-by: Rusty Russell <[email protected]>
---
drivers/lguest/core.c | 7 +++++++
1 file changed, 7 insertions(+)
===================================================================
--- a/drivers/lguest/core.c
+++ b/drivers/lguest/core.c
@@ -338,6 +338,10 @@ int run_guest(struct lguest *lg, unsigne
if (lg->ts)
set_ts();
+ /* Don't let Guest do SYSENTER: we can't handle it. */
+ if (boot_cpu_has(X86_FEATURE_SEP))
+ wrmsr(MSR_IA32_SYSENTER_CS, 0, 0);
+
run_guest_once(lg, lguest_pages(raw_smp_processor_id()));
/* Save cr2 now if we page-faulted. */
@@ -345,6 +349,9 @@ int run_guest(struct lguest *lg, unsigne
cr2 = read_cr2();
else if (lg->regs->trapnum == 7)
math_state_restore();
+
+ if (boot_cpu_has(X86_FEATURE_SEP))
+ wrmsr(MSR_IA32_SYSENTER_CS, __KERNEL_CS, 0);
local_irq_enable();
switch (lg->regs->trapnum) {
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
