KVM: VMX: Check cpl before emulating debug register access

Debug registers may only be accessed from cpl 0. Unfortunately, vmx will code to emulate the instruction even though it was issued from guest userspace, possibly leading to an unexpected trap later. Cc: stable@kernel.org Signed-off-by: Avi Kivity <avi@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
author: Avi Kivity <avi@redhat.com> 2009-09-01 05:03:25 -0400
committer: Avi Kivity <avi@redhat.com> 2009-09-10 11:11:10 -0400
commit: 0a79b009525b160081d75cef5dbf45817956acf2 (patch)
tree: 86dc2671cbd3326e92c8845ce699bdb651d785b5 /arch/x86/kvm/vmx.c
parent: 4da748960a6bd7b1e123e01bfa8f2dbcb6be209e (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index cc6e00a9f724..f3812014bd0b 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -2934,6 +2934,8 @@ static int handle_dr(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
        unsigned long val;
        int dr, reg;
+        if (!kvm_require_cpl(vcpu, 0))
+                return 1;
        dr = vmcs_readl(GUEST_DR7);
        if (dr & DR7_GD) {
                /*
author	Avi Kivity <avi@redhat.com>	2009-09-01 05:03:25 -0400
committer	Avi Kivity <avi@redhat.com>	2009-09-10 11:11:10 -0400
commit	0a79b009525b160081d75cef5dbf45817956acf2 (patch)
tree	86dc2671cbd3326e92c8845ce699bdb651d785b5 /arch/x86/kvm/vmx.c
parent	4da748960a6bd7b1e123e01bfa8f2dbcb6be209e (diff)

diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index cc6e00a9f724..f3812014bd0b 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c
@@ -2934,6 +2934,8 @@ static int handle_dr(struct kvm_vcpu vcpu, struct kvm_run kvm_run)
2934	unsigned long val;	2934	unsigned long val;
2935	int dr, reg;	2935	int dr, reg;
2936		2936
		2937	if (!kvm_require_cpl(vcpu, 0))
		2938	return 1;
2937	dr = vmcs_readl(GUEST_DR7);	2939	dr = vmcs_readl(GUEST_DR7);
2938	if (dr & DR7_GD) {	2940	if (dr & DR7_GD) {
2939	/*	2941	/*