Re: [Xen-devel] HVMOP_guest_request_vm_event only works from guest in ring0
On 03/08/2016 21:37, Bread Cutter wrote:
> Hello all,
>
> I'm writing an executable that runs inside of a guest, and I planned
> to use vmcall to talk to a tool running in Dom0, using the vm_event
> API. It didn't work, and looking through the code, the first thing
> hvm_do_hypercall() does is check if the guest is in ring0. If not, it
> returns EPERM and exits.
>
> In the case of HVMOP_guest_request_vm_event, I'd rather it be up to my
> code if a call can be made from CPL>0. Is this done intentionally?

In general, allowing hypercalls from user context is unsafe, and the subject of several arguments in the past.

However, in this specific case there are plenty of ways for userspace to get the attention of an introspection agent, although in inefficient ways. As such, blocking access is pointless.

In XenServer, we have whitelisted that specific hypercall. You want something like:

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c index c1b8392..c7a2cdf 100644 --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -5194,8 +5194,14 @@ int hvm_do_hypercall(struct cpu_user_regs *regs) switch ( mode ) { case 8: + if ( eax == __HYPERVISOR_hvm_op && + regs->rdi == HVMOP_guest_request_vm_event ) + break; case 4: case 2: + if ( eax == __HYPERVISOR_hvm_op && + regs->ebx == HVMOP_guest_request_vm_event ) + break; hvm_get_segment_register(curr, x86_seg_ss, &sreg); if ( unlikely(sreg.attr.fields.dpl) ) {

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
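
Review bot: The new check under `case 8:` falls through into `case 4: case 2:` when it does not match, so a 64-bit caller is also tested against `regs->ebx`, which is not the register this patch treats as the op argument in 64-bit mode (it reads `regs->rdi` there). With eax == __HYPERVISOR_hvm_op and ebx equal to HVMOP_guest_request_vm_event, the second `break` leaves the switch before the `sreg.attr.fields.dpl` test for whatever op rdi actually carries, which widens the exemption beyond the single op the mail intends to whitelist. Suggest comparing only the register that belongs to the current mode, for example one test on `mode == 8 ? regs->rdi : regs->ebx` placed so that the 64-bit path never reaches the ebx comparison, and adding a short comment saying why this one op is exempt from the ring 0 check.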