Hi Jim, 2017-12-02 2:21 GMT+08:00 Jim Mattson <jmattson@xxxxxxxxxx>: > From: Andrew Honig <ahonig@xxxxxxxxxx> > > This fixes CVE-2017-1000407. Do you observe a real issue on recent Intel boxes? In addition, how to reproduce? Actually there is a testcase in kvm-unit-tests which can run 10 million times ioport 0x80 write and I didn't observe any issue before. :) Regards, Wanpeng Li > > KVM allows guests to directly access I/O port 0x80 on Intel hosts. If > the guest floods this port with writes it generates exceptions and > instability in the host kernel, leading to a crash. With this change > guest writes to port 0x80 on Intel will behave the same as they > currently behave on AMD systems. > > Prevent the flooding by removing the code that sets port 0x80 as a > passthrough port. This is essentially the same as upstream patch > 99f85a28a78e96d28907fe036e1671a218fee597, except that patch was > for AMD chipsets and this patch is for Intel. > > Signed-off-by: Andrew Honig <ahonig@xxxxxxxxxx> > Signed-off-by: Jim Mattson <jmattson@xxxxxxxxxx> > --- > arch/x86/kvm/vmx.c | 5 ----- > 1 file changed, 5 deletions(-) > > diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c > index d2b452d66363..d16abd1808eb 100644 > --- a/arch/x86/kvm/vmx.c > +++ b/arch/x86/kvm/vmx.c > @@ -6753,12 +6753,7 @@ static __init int hardware_setup(void) > memset(vmx_vmread_bitmap, 0xff, PAGE_SIZE); > memset(vmx_vmwrite_bitmap, 0xff, PAGE_SIZE); > > - /* > - * Allow direct access to the PC debug port (it is often used for I/O > - * delays, but the vmexits simply slow things down). > - */ > memset(vmx_io_bitmap_a, 0xff, PAGE_SIZE); > - clear_bit(0x80, vmx_io_bitmap_a); > > memset(vmx_io_bitmap_b, 0xff, PAGE_SIZE); > > -- > 2.15.0.531.g2ccb3012c9-goog >
