    kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access · 3c9fa24c
    Paolo Bonzini authored
    The functions that were used in the emulation of fxrstor, fxsave, sgdt and
    sidt were originally meant for task switching, and as such they did not
    check privilege levels.  This is very bad when the same functions are used
    in the emulation of unprivileged instructions.  This is CVE-2018-10853.
    
    The obvious fix is to add a new argument to ops->read_std and ops->write_std,
    which decides whether the access is a "system" access or should use the
    processor's CPL.
    
    Fixes: 129a72a0 ("KVM: x86: Introduce segmented_write_std", 2017-01-12)
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
kvm_emulate.h 15.2 KB
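The fix described in the commit message above, shown as a simplified user-space model. This is an added example, not code from the commit or from KVM: `struct vcpu`, `struct guest_page`, `walk_and_copy`, `read_std_unchecked` and `demo_read` are hypothetical names, and the model treats CPL 3 as user mode, as x86 paging does.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not kernel code: all types and helpers are hypothetical. */
struct guest_page { bool user_accessible; uint8_t data[16]; };
struct vcpu { int cpl; struct guest_page *page; };
enum { ACCESS_OK = 0, ACCESS_FAULT = -1 };

/* Page-walk stand-in: a user-mode access to a supervisor-only page faults. */
static int walk_and_copy(const struct vcpu *v, bool user_access, void *dst, size_t n)
{
    if (n > sizeof(v->page->data) || (user_access && !v->page->user_accessible))
        return ACCESS_FAULT;
    memcpy(dst, v->page->data, n);
    return ACCESS_OK;
}

/* Before: helper meant for task switching, so every access is a supervisor access. */
int read_std_unchecked(const struct vcpu *v, void *dst, size_t n)
{
    return walk_and_copy(v, false, dst, n);
}

/* After: the caller says whether this is a "system" access; if it is not,
 * the access is checked as user-mode when the vCPU runs at CPL 3. */
int read_std(const struct vcpu *v, void *dst, size_t n, bool system)
{
    return walk_and_copy(v, !system && v->cpl == 3, dst, n);
}

/* Constructed scenario: read 8 bytes from a single page at the given CPL. */
int demo_read(int cpl, bool page_is_user, bool system, bool hardened)
{
    struct guest_page pg = { .user_accessible = page_is_user, .data = "constructed" };
    struct vcpu v = { .cpl = cpl, .page = &pg };
    uint8_t buf[8];
    return hardened ? read_std(&v, buf, sizeof(buf), system)
                    : read_std_unchecked(&v, buf, sizeof(buf));
}

int main(void)
{
    printf("CPL3, supervisor page, before: %d\n", demo_read(3, false, false, false));
    printf("CPL3, supervisor page, after:  %d\n", demo_read(3, false, false, true));
    return 0;
}
```

The `system` flag stays available for callers such as task switching that legitimately need a supervisor access regardless of CPL.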