kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access - kernel/linux.git

diff options

author	Paolo Bonzini <pbonzini@redhat.com>	2018-06-06 18:38:09 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-06-16 10:18:20 +0300
commit	0c950f7417267db597e73170d7694ba7f09f77a0 (patch)
tree	24afa9d28ba493c188967aed9d832378f5ac597d /lib/locking-selftest-rsem.h
parent	3842b793ee401393f2befdd39d22d1fea6b5c5a2 (diff)
download	linux-0c950f7417267db597e73170d7694ba7f09f77a0.tar.xz

kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access

commit 3c9fa24ca7c9c47605672916491f79e8ccacb9e6 upstream. The functions that were used in the emulation of fxrstor, fxsave, sgdt and sidt were originally meant for task switching, and as such they did not check privilege levels. This is very bad when the same functions are used in the emulation of unprivileged instructions. This is CVE-2018-10853. The obvious fix is to add a new argument to ops->read_std and ops->write_std, which decides whether the access is a "system" access or should use the processor's CPL. Fixes: 129a72a0d3c8 ("KVM: x86: Introduce segmented_write_std", 2017-01-12) Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'lib/locking-selftest-rsem.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: