path: root/virt/kvm/kvm_main.c
diff options
authorMarc Zyngier <maz@kernel.org>2019-11-13 16:05:23 +0000
committerPaolo Bonzini <pbonzini@redhat.com>2019-11-13 17:13:12 +0100
commitb9876e6de123adb52ac693bac08c493e989bd93e (patch)
treece6d3de7b302079d4b624276a18007a9118ba838 /virt/kvm/kvm_main.c
parentKVM: X86: Reset the three MSR list number variables to 0 in kvm_init_msr_list() (diff)
KVM: Forbid /dev/kvm being opened by a compat task when CONFIG_KVM_COMPAT=n
On a system without KVM_COMPAT, we prevent IOCTLs from being issued by a compat task. Although this prevents most silly things from happening, it can still confuse a 32bit userspace that is able to open the kvm device (the qemu test suite seems to be pretty mad with this behaviour). Take a more radical approach and return a -ENODEV to the compat task. Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Marc Zyngier <maz@kernel.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'virt/kvm/kvm_main.c')
1 files changed, 7 insertions, 1 deletions
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 524cff24a68d..6a65ed915c7a 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -124,7 +124,13 @@ static long kvm_vcpu_compat_ioctl(struct file *file, unsigned int ioctl,
static long kvm_no_compat_ioctl(struct file *file, unsigned int ioctl,
unsigned long arg) { return -EINVAL; }
-#define KVM_COMPAT(c) .compat_ioctl = kvm_no_compat_ioctl
+static int kvm_no_compat_open(struct inode *inode, struct file *file)
+ return is_compat_task() ? -ENODEV : 0;
+#define KVM_COMPAT(c) .compat_ioctl = kvm_no_compat_ioctl, \
+ .open = kvm_no_compat_open
static int hardware_enable_all(void);
static void hardware_disable_all(void);