[PATCH v1 0/2] Plug ARMv7 KVM Debug Exploit

Hi,

These two patches were the start of a longer series Zhichao had started
to support hardware debugging in KVM. They plug a fairly serious bug
which meant a guest could mess with the debug state and affect the
host.

With these patches applied the guest can still do normal debugging
using software breakpoints but attempts to use the hardware registers
are ignored.

The only real changes I've made have been converting to the new C
based world switch and the subsequent testing. The remaining patches
in the series will take a bit more work and I guess it depends on how
many KVM guests actually need to use HW breakpoints and watchpoints.
The code is a little more hairy on ARMv7 compared to ARMv8 due to
complications accessing things like DBGDSCR.

Cheers,

Alex.

Zhichao Huang (2):
  KVM: arm: plug guest debug exploit
  KVM: arm: rename pm_fake handler to trap_raz_wi

 arch/arm/include/asm/kvm_coproc.h |   3 +-
 arch/arm/kvm/coproc.c             | 110 ++++++++++++++++++++++++++------------
 arch/arm/kvm/handle_exit.c        |   4 +-
 arch/arm/kvm/hyp/switch.c         |   4 +-
 4 files changed, 83 insertions(+), 38 deletions(-)

-- 
2.11.0



