freebsd-skq

History

royger 2a27cb2b69 xen: temporary disable SMAP when forwarding hypercalls from user-space The Xen page-table walker used to resolve the virtual addresses in the hypercalls will refuse to access user-space pages when SMAP is enabled unless the AC flag in EFLAGS is set (just like normal hardware with SMAP support would do). Since privcmd allows forwarding hypercalls (and buffers) from user-space into Xen make sure SMAP is temporary disabled for the duration of the hypercall from user-space. Approved by: re (gjb) Sponsored by: Citrix Systems R&D	2018-09-13 07:15:02 +00:00
..
privcmd.c

royger 2a27cb2b69 xen: temporary disable SMAP when forwarding hypercalls from user-space

The Xen page-table walker used to resolve the virtual addresses in the
hypercalls will refuse to access user-space pages when SMAP is enabled
unless the AC flag in EFLAGS is set (just like normal hardware with
SMAP support would do).

Since privcmd allows forwarding hypercalls (and buffers) from
user-space into Xen make sure SMAP is temporary disabled for the
duration of the hypercall from user-space.

Approved by:		re (gjb)
Sponsored by:		Citrix Systems R&D

2018-09-13 07:15:02 +00:00

privcmd.c