Google Git
Sign in
kernel / pub / scm / linux / kernel / git / kvms390 / linux / 3c9fa24ca7c9c47605672916491f79e8ccacb9e6
commit3c9fa24ca7c9c47605672916491f79e8ccacb9e6[log] [tgz]
authorPaolo Bonzini <pbonzini@redhat.com>Wed Jun 06 17:38:09 2018 +0200
committerPaolo Bonzini <pbonzini@redhat.com>Tue Jun 12 15:06:34 2018 +0200
tree938330204174cabc88a26f00f72ce8652bcb49c0
parentce14e868a54edeb2e30cb7a7b104a2fc4b9d76ca [diff]
kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access

The functions that were used in the emulation of fxrstor, fxsave, sgdt and
sidt were originally meant for task switching, and as such they did not
check privilege levels.  This is very bad when the same functions are used
in the emulation of unprivileged instructions.  This is CVE-2018-10853.

The obvious fix is to add a new argument to ops->read_std and ops->write_std,
which decides whether the access is a "system" access or should use the
processor's CPL.

Fixes: 129a72a0d3c8 ("KVM: x86: Introduce segmented_write_std", 2017-01-12)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
3 files changed
tree: 938330204174cabc88a26f00f72ce8652bcb49c0
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. samples/
  18. scripts/
  19. security/
  20. sound/
  21. tools/
  22. usr/
  23. virt/
  24. .clang-format
  25. .cocciconfig
  26. .get_maintainer.ignore
  27. .gitattributes
  28. .gitignore
  29. .mailmap
  30. COPYING
  31. CREDITS
  32. Kbuild
  33. Kconfig
  34. MAINTAINERS
  35. Makefile
  36. README