On 16/09/15 15:35, Alex Bennée wrote:
>
> Christoffer Dall <christoffer.dall@xxxxxxxxxx> writes:
>
>> On Wed, Sep 16, 2015 at 11:41:10AM +0100, Marc Zyngier wrote:
>>> When setting the debug register from userspace, make sure that
>>> copy_from_user() is called with its parameters in the expected
>>> order. It otherwise doesn't do what you think.
>>>
>>> Reported-by: Peter Maydell <peter.maydell@xxxxxxxxxx>
>>> Cc: Alex Bennée <alex.bennee@xxxxxxxxxx>
>>> Fixes: 84e690bfbed1 ("KVM: arm64: introduce vcpu->arch.debug_ptr")
>>> Signed-off-by: Marc Zyngier <marc.zyngier@xxxxxxx>
>>
>> yikes!
>
> OK I'm now muchly confused as to how it could have worked...

Well, we only write the registers at boot time, and corrupting userspace
did go unnoticed. I was only able to reproduce this on a model with PAN
enabled.

Copy-paste bug.

	M.
-- 
Jazz is not dead. It just smells funny...
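The exchange above is about a swapped `to`/`from` in a `copy_from_user()` call. What follows is an added example, not code from this thread, from KVM or from the kernel: a user-space model of the helper's contract (the range check is on the source pointer, the kernel-side destination is zero-filled on failure, and the return value is the number of bytes not copied) that shows what the swapped call actually does, and why it was only caught on a model with PAN. The two "address spaces", the PAN trap, the buffer contents and the names `mock_copy_from_user`/`run_scenario` are all constructed for the demo.

```c
/* Added example (not from the thread or the kernel): user-space model of
 * copy_from_user(to, from, n) showing the effect of swapping the pointers.
 * Model: access_ok() is applied to `from`; on failure `to` is zero-filled
 * and n is returned.  Buffers, address spaces and the PAN trap are
 * constructed for the demo. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Address-space annotation.  Under sparse (make C=1) it makes a kernel
 * pointer passed as `from` a reported type error; here it is empty. */
#define __user

enum { CHUNK = 16 };

static uint8_t user_page[64];   /* constructed: stands in for a user page */
static uint8_t kernel_obj[64];  /* constructed: stands in for vcpu state */

static int pan_enabled;         /* model of ARMv8.1 PAN */
static int pan_faults;          /* direct user accesses the model trapped */

static int in_user_range(const void *p, size_t n)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)user_page;
    return a >= lo && a + n <= lo + sizeof user_page;
}

/* The only range check, and it is applied to the *source*. */
static int mock_access_ok(const void __user *p, size_t n)
{
    return in_user_range(p, n);
}

/* An ordinary kernel store.  With PAN set, a plain store to user memory
 * (not via a uaccess routine) faults instead of landing. */
static void kernel_memset(void *to, int c, size_t n)
{
    if (pan_enabled && in_user_range(to, n)) {
        pan_faults++;
        return;
    }
    memset(to, c, n);
}

static unsigned long mock_copy_from_user(void *to, const void __user *from, size_t n)
{
    if (!mock_access_ok(from, n)) {
        kernel_memset(to, 0, n);   /* do not leave stale kernel data in `to` */
        return n;
    }
    memcpy(to, from, n);           /* uaccess path: allowed to touch user memory */
    return 0;
}

static void reset(int pan)
{
    memset(user_page, 0xA5, sizeof user_page);  /* constructed user-supplied bytes */
    memset(kernel_obj, 0x00, sizeof kernel_obj);
    pan_enabled = pan;
    pan_faults = 0;
}

static int all_eq(const uint8_t *b, uint8_t v, size_t n)
{
    while (n--)
        if (*b++ != v)
            return 0;
    return 1;
}

/* Run the correct and the swapped call with PAN off (0) or on (1).
 * Result bits:
 *  bit 0  correct call (kernel_obj <- user_page) copied the bytes
 *  bit 1  swapped call (user_page <- kernel_obj) returned non-zero
 *  bit 2  swapped call zeroed the user page: silent userspace corruption
 *  bit 3  swapped call tripped the PAN trap instead
 *  bit 4  swapped call left kernel_obj untouched: the write was lost */
int run_scenario(int pan)
{
    int r = 0;

    reset(pan);
    if (mock_copy_from_user(kernel_obj, user_page, CHUNK) == 0 &&
        all_eq(kernel_obj, 0xA5, CHUNK))
        r |= 1 << 0;

    reset(pan);
    if (mock_copy_from_user(user_page, kernel_obj, CHUNK) != 0)
        r |= 1 << 1;
    if (all_eq(user_page, 0x00, CHUNK))
        r |= 1 << 2;
    if (pan_faults)
        r |= 1 << 3;
    if (all_eq(kernel_obj, 0x00, CHUNK))
        r |= 1 << 4;
    return r;
}
```

`run_scenario(0)` yields bits 0, 1, 2 and 4: with PAN off the swapped call fails its range check, zero-fills the caller's user buffer through a plain kernel store, and never updates the kernel object, which is exactly the quiet userspace corruption the reply describes. `run_scenario(1)` yields bits 0, 1, 3 and 4: the same plain store to user memory now faults, so the bug surfaces. In a real tree the cheaper check is `make C=1`, since the `__user` annotation turns the swap into a sparse address-space warning at build time.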