From: Jan Kiszka <[email protected]> Jailhouse only supports hypercalls with the immediate code 0x4a48. Avoid interpreting calls with other codes as ours.
Signed-off-by: Jan Kiszka <[email protected]> --- hypervisor/arch/arm/traps.c | 3 +++ hypervisor/arch/arm64/traps.c | 3 +++ include/arch/arm/asm/jailhouse_hypercall.h | 2 ++ include/arch/arm64/asm/jailhouse_hypercall.h | 2 ++ 4 files changed, 10 insertions(+) diff --git a/hypervisor/arch/arm/traps.c b/hypervisor/arch/arm/traps.c index f75a3b00..15f736fc 100644 --- a/hypervisor/arch/arm/traps.c +++ b/hypervisor/arch/arm/traps.c @@ -263,6 +263,9 @@ static int arch_handle_hvc(struct trap_context *ctx) unsigned long *regs = ctx->regs; unsigned long code = regs[0]; + if (HSR_ISS(ctx->hsr) != JAILHOUSE_HVC_CODE) + return TRAP_FORBIDDEN; + regs[0] = hypercall(code, regs[1], regs[2]); if (code == JAILHOUSE_HC_DISABLE && regs[0] == 0) diff --git a/hypervisor/arch/arm64/traps.c b/hypervisor/arch/arm64/traps.c index cd309233..0c4a498d 100644 --- a/hypervisor/arch/arm64/traps.c +++ b/hypervisor/arch/arm64/traps.c @@ -51,6 +51,9 @@ static int handle_hvc(struct trap_context *ctx) unsigned long *regs = ctx->regs; unsigned long code = regs[0]; + if (ESR_ISS(ctx->esr) != JAILHOUSE_HVC_CODE) + return TRAP_FORBIDDEN; + regs[0] = hypercall(code, regs[1], regs[2]); if (code == JAILHOUSE_HC_DISABLE && regs[0] == 0) diff --git a/include/arch/arm/asm/jailhouse_hypercall.h b/include/arch/arm/asm/jailhouse_hypercall.h index 8baec784..e4eca625 100644 --- a/include/arch/arm/asm/jailhouse_hypercall.h +++ b/include/arch/arm/asm/jailhouse_hypercall.h @@ -36,6 +36,8 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ +#define JAILHOUSE_HVC_CODE 0x4a48 + #define JAILHOUSE_CALL_INS ".arch_extension virt\n\t" \ "hvc #0x4a48" #define JAILHOUSE_CALL_NUM_RESULT "r0" diff --git a/include/arch/arm64/asm/jailhouse_hypercall.h b/include/arch/arm64/asm/jailhouse_hypercall.h index d9a9f693..86ce6716 100644 --- a/include/arch/arm64/asm/jailhouse_hypercall.h +++ b/include/arch/arm64/asm/jailhouse_hypercall.h @@ -36,6 +36,8 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ +#define JAILHOUSE_HVC_CODE 0x4a48 + #define JAILHOUSE_CALL_INS "hvc #0x4a48" #define JAILHOUSE_CALL_NUM_RESULT "x0" #define JAILHOUSE_CALL_ARG1 "x1" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
