github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-06-19 20:22:46 +00:00
Code Issues Projects Releases Wiki Activity

hypercall: do not allow hypercall from UOS except trusty

Browse Source 
only trusty related hypercall will come from UOS, others should come from VM0

Signed-off-by: Jason Chen CJ <jason.cj.chen@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Jason Chen CJ 2018-05-21 20:17:40 +08:00 committed by lijinxia
parent f505f338bd
commit 05f8fd701a
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
hypervisor/arch/x86/guest/vmcall.c
View File

@ -57,6 +57,12 @@ int vmcall_vmexit_handler(struct vcpu *vcpu)
return -1; return -1;
} }
if (!is_vm0(vm) && hypcall_id != HC_WORLD_SWITCH &&
hypcall_id != HC_INITIALIZE_TRUSTY) {
pr_err("hypercall %d is only allowed from VM0!\n", hypcall_id);
return -1;
}
/* Dispatch the hypercall handler */ /* Dispatch the hypercall handler */
switch (hypcall_id) { switch (hypcall_id) {
case HC_GET_API_VERSION: case HC_GET_API_VERSION: