sync with -r1.95 of amd64/vmm.c: - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	reyk <reyk@openbsd.org>	2016-10-29 09:32:47 +0000
committer	reyk <reyk@openbsd.org>	2016-10-29 09:32:47 +0000
commit	f90adbc7971caca46e076d64b3ad360789b5d263 (patch)
tree	85f895d54569d6052b548c1518dd1e17446cbea4 /lib/libc/stdlib/malloc.c
parent	Further improve vmm's security model by restricting pledged vmm (diff)
download	wireguard-openbsd-f90adbc7971caca46e076d64b3ad360789b5d263.tar.xz wireguard-openbsd-f90adbc7971caca46e076d64b3ad360789b5d263.zip

sync with -r1.95 of amd64/vmm.c:

Further improve vmm's security model by restricting pledged vmm processes to only do VMM_IOC_ ioctls on their associated VM (these ioctls are _RUN, _RESETCPU, _INTR, _READREGS, or _WRITEREGS at present). The vmm monitor (parent) process or any non-pledged processes can still do ioctls on any VM. For example, a VM can only terminate itself but vmctl or the monitor can terminate any VM. This prevents reachover into other VMs: while escaping from a VM to the host side (eg. through a bug in virtio etc.) pledge already kept the attacker in a pledged and privsep'ed process, but now it also prevents vmm ioctls on "other VMs". OK mlarkin@

Diffstat (limited to 'lib/libc/stdlib/malloc.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: