mirror of
https://github.com/projectacrn/acrn-hypervisor.git
synced 2025-06-18 19:57:31 +00:00
hypercall: do not allow hypercall from UOS except trusty
only trusty related hypercall will come from UOS, others should come from VM0 Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
parent
f505f338bd
commit
05f8fd701a
@ -57,6 +57,12 @@ int vmcall_vmexit_handler(struct vcpu *vcpu)
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!is_vm0(vm) && hypcall_id != HC_WORLD_SWITCH &&
|
||||
hypcall_id != HC_INITIALIZE_TRUSTY) {
|
||||
pr_err("hypercall %d is only allowed from VM0!\n", hypcall_id);
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Dispatch the hypercall handler */
|
||||
switch (hypcall_id) {
|
||||
case HC_GET_API_VERSION:
|
||||
|
Loading…
Reference in New Issue
Block a user