artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 881d014) | patch
vmm(4): Reset host LDTR on exit for SVM
authormlarkin <mlarkin@openbsd.org>
Tue, 18 Sep 2018 16:02:08 +0000 (16:02 +0000)
committermlarkin <mlarkin@openbsd.org>
Tue, 18 Sep 2018 16:02:08 +0000 (16:02 +0000)
commit184c804a7bcef546d5d111b9caecc5e1574bd145
tree889306f7ee18a1b3f378ed212e6588a730598b93tree | snapshot
parent881d014778102f01a12c43680cfda9ee17217517commit | diff
vmm(4): Reset host LDTR on exit for SVM

For SVM machines, the LDT content remains set to that of the guest VM on
exit (as compared to Intel/VMX which resets the LDTR to 0). This fix
ensures the LDT is reset to 0 on SVM exits.

Leaving the LDT set to the guest's choice could allow a malicious process
to escalate its privileges with the help of a malicious VM that they
also are able to run on the machine.

This was reported by Maxime Villard; thanks!
sys/arch/amd64/amd64/vmm_support.S diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim