Date: Fri, 27 Oct 2017 16:25:03 +1100 From: Paul Mackerras <paulus@...abs.org> To: Paolo Bonzini <pbonzini@...hat.com> Cc: linux-kernel@...r.kernel.org, kvm@...r.kernel.org, Christoffer Dall <christoffer.dall@...aro.org>, Marc Zyngier <marc.zyngier@....com>, Christian Borntraeger <borntraeger@...ibm.com>, Cornelia Huck <cohuck@...hat.com>, James Hogan <james.hogan@...tec.com>, kernel-hardening@...ts.openwall.com, Kees Cook <keescook@...omium.org>, Radim Krčmář <rkrcmar@...hat.com> Subject: Re: [PATCH v2 0/2] KVM: fixes for the kernel-hardening tree On Thu, Oct 26, 2017 at 03:45:45PM +0200, Paolo Bonzini wrote: > Four KVM ioctls (KVM_GET/SET_CPUID2 on x86, KVM_GET/SET_ONE_REG on > ARM and s390) directly access the kvm_vcpu_arch struct. Therefore, the > new usercopy hardening work in linux-next, which forbids copies from and > to slab objects unless they are from kmalloc or explicitly whitelisted, > breaks KVM on those architectures. > > The kvm_vcpu_arch struct is embedded in the kvm_vcpu struct and the > corresponding slab cache is allocated by architecture-independent code. > It is enough, for simplicity, to whitelist the whole sub-struct and > only touch one place of the KVM code. Later, any further restrictions > can be applied in the KVM tree. I checked arch/powerpc/kvm, and all the copy_to/from_user calls are accessing the stack or memory allocated with kzalloc or kvzalloc, so if I understand correctly, we should be OK there. Paul.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.