FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team
Reload this Page KVM: Remove ability to assign a device without iommu support

 
 
LinkBack Thread Tools
 
Old 03-12-2012, 01:06 PM
Andy Whitcroft
 
Default KVM: Remove ability to assign a device without iommu support
From: Alex Williamson <alex.williamson@redhat.com>

This option has no users and it exposes a security hole that we
can allow devices to be assigned without iommu protection. Make
KVM_DEV_ASSIGN_ENABLE_IOMMU a mandatory option.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

(cherry picked from commit 423873736b78f549fbfa2f715f2e4de7e6c5e1e9)
CVE-2011-4347
BugLink: http://bugs.launchpad.net/bugs/897812
Signed-off-by: Andy Whitcroft <apw@canonical.com>
---
Documentation/virtual/kvm/api.txt | 3 +++
virt/kvm/assigned-dev.c | 18 +++++++++---------
2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt
index 42542eb..3628be1 100644
--- a/Documentation/virtual/kvm/api.txt
+++ b/Documentation/virtual/kvm/api.txt
@@ -1118,6 +1118,9 @@ following flags are specified:
/* Depends on KVM_CAP_IOMMU */
#define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0)

+The KVM_DEV_ASSIGN_ENABLE_IOMMU flag is a mandatory option to ensure
+isolation of the device. Usages not specifying this flag are deprecated.
+
4.49 KVM_DEASSIGN_PCI_DEVICE

Capability: KVM_CAP_DEVICE_DEASSIGNMENT
diff --git a/virt/kvm/assigned-dev.c b/virt/kvm/assigned-dev.c
index 2e8c727..49b402c 100644
--- a/virt/kvm/assigned-dev.c
+++ b/virt/kvm/assigned-dev.c
@@ -544,6 +544,9 @@ static int kvm_vm_ioctl_assign_device(struct kvm *kvm,
struct pci_dev *dev;
u8 header_type;

+ if (!(assigned_dev->flags & KVM_DEV_ASSIGN_ENABLE_IOMMU))
+ return -EINVAL;
+
mutex_lock(&kvm->lock);
idx = srcu_read_lock(&kvm->srcu);

@@ -613,16 +616,14 @@ static int kvm_vm_ioctl_assign_device(struct kvm *kvm,

list_add(&match->list, &kvm->arch.assigned_dev_head);

- if (assigned_dev->flags & KVM_DEV_ASSIGN_ENABLE_IOMMU) {
- if (!kvm->arch.iommu_domain) {
- r = kvm_iommu_map_guest(kvm);
- if (r)
- goto out_list_del;
- }
- r = kvm_assign_device(kvm, match);
+ if (!kvm->arch.iommu_domain) {
+ r = kvm_iommu_map_guest(kvm);
if (r)
goto out_list_del;
}
+ r = kvm_assign_device(kvm, match);
+ if (r)
+ goto out_list_del;

out:
srcu_read_unlock(&kvm->srcu, idx);
@@ -662,8 +663,7 @@ static int kvm_vm_ioctl_deassign_device(struct kvm *kvm,
goto out;
}

- if (match->flags & KVM_DEV_ASSIGN_ENABLE_IOMMU)
- kvm_deassign_device(kvm, match);
+ kvm_deassign_device(kvm, match);

kvm_free_assigned_device(kvm, match);

--
1.7.9.1


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 12:27 AM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -