path: root/sys/dev
diff options
authorRoger Pau Monné <royger@FreeBSD.org>2018-09-13 07:15:02 +0000
committerRoger Pau Monné <royger@FreeBSD.org>2018-09-13 07:15:02 +0000
commit5ff6c7f3638411bf7e82dedd57f0f7cba57bc77d (patch)
treedcad59ab0b534bf2fc8d76e04d4735a557d1ce0f /sys/dev
parenta74cdf4e747667a8d7db4dcdc57cf97db822444d (diff)
xen: temporary disable SMAP when forwarding hypercalls from user-space
The Xen page-table walker used to resolve the virtual addresses in the hypercalls will refuse to access user-space pages when SMAP is enabled unless the AC flag in EFLAGS is set (just like normal hardware with SMAP support would do). Since privcmd allows forwarding hypercalls (and buffers) from user-space into Xen make sure SMAP is temporary disabled for the duration of the hypercall from user-space. Approved by: re (gjb) Sponsored by: Citrix Systems R&D
Notes: svn path=/head/; revision=338632
Diffstat (limited to 'sys/dev')
1 files changed, 13 insertions, 1 deletions
diff --git a/sys/dev/xen/privcmd/privcmd.c b/sys/dev/xen/privcmd/privcmd.c
index 246390e3b7c2..e09886f42adb 100644
--- a/sys/dev/xen/privcmd/privcmd.c
+++ b/sys/dev/xen/privcmd/privcmd.c
@@ -232,9 +232,21 @@ privcmd_ioctl(struct cdev *dev, unsigned long cmd, caddr_t arg,
struct ioctl_privcmd_hypercall *hcall;
hcall = (struct ioctl_privcmd_hypercall *)arg;
+#ifdef __amd64__
+ /*
+ * The hypervisor page table walker will refuse to access
+ * user-space pages if SMAP is enabled, so temporary disable it
+ * while performing the hypercall.
+ */
+ if (cpu_stdext_feature & CPUID_STDEXT_SMAP)
+ stac();
error = privcmd_hypercall(hcall->op, hcall->arg[0],
hcall->arg[1], hcall->arg[2], hcall->arg[3], hcall->arg[4]);
+#ifdef __amd64__
+ if (cpu_stdext_feature & CPUID_STDEXT_SMAP)
+ clac();
if (error >= 0) {
hcall->retval = error;
error = 0;