diff options
author | Marc Zyngier <maz@kernel.org> | 2019-11-14 13:17:39 +0000 |
---|---|---|
committer | Paolo Bonzini <pbonzini@redhat.com> | 2019-11-15 10:14:04 +0100 |
commit | 9cb09e7c1c9af2968d5186ef9085f05641ab65d9 (patch) | |
tree | 23972e24845a7ea316c2c5d53e6e6fafb1212469 /virt | |
parent | ed69a6cb700880d052a0d085ff2e5bfc108ce238 (diff) |
KVM: Add a comment describing the /dev/kvm no_compat handling
Add a comment explaining the rational behind having both
no_compat open and ioctl callbacks to fend off compat tasks.
Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'virt')
-rw-r--r-- | virt/kvm/kvm_main.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 6a65ed915c7a..13efc291b1c7 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -122,6 +122,13 @@ static long kvm_vcpu_compat_ioctl(struct file *file, unsigned int ioctl, unsigned long arg); #define KVM_COMPAT(c) .compat_ioctl = (c) #else +/* + * For architectures that don't implement a compat infrastructure, + * adopt a double line of defense: + * - Prevent a compat task from opening /dev/kvm + * - If the open has been done by a 64bit task, and the KVM fd + * passed to a compat task, let the ioctls fail. + */ static long kvm_no_compat_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { return -EINVAL; } |