From b56e3215d4331bff9b6d5e5f68bc1ec5cb01e650 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 27 Oct 2011 10:56:17 +1030 Subject: lguest: Allow running under paravirt-enabled KVM. We actually can run under KVM, as it doesn't paravirtualize anything we need to use; reduce the check to checking we are the normal ringlevel. Reported-by: Stefanos Geraggelos Signed-off-by: Rusty Russell # HG changeset patch diff --git a/drivers/lguest/core.c b/drivers/lguest/core.c index 2535933..5c13e93 100644 --- a/drivers/lguest/core.c +++ b/drivers/lguest/core.c @@ -313,7 +313,7 @@ static int __init init(void) int err; /* Lguest can't run under Xen, VMI or itself. It does Tricky Stuff. */ - if (paravirt_enabled()) { + if (get_kernel_rpl() != 0) { printk("lguest is afraid of being a guest\n"); return -EPERM; } -- cgit v0.10.2 From 89cfc99177c9270c5c6d429f6c5177ab3428ad57 Mon Sep 17 00:00:00 2001 From: Rusty Russell Date: Thu, 27 Oct 2011 10:56:17 +1030 Subject: lguest: don't allow KVM-detection cpuid. Host might be running under KVM, but we shouldn't allow Guest to think it can use KVM hypercalls (it can't, and it will embarrass itself if it tries). Signed-off-by: Rusty Russell diff --git a/arch/x86/lguest/boot.c b/arch/x86/lguest/boot.c index 13ee258..f63da5e 100644 --- a/arch/x86/lguest/boot.c +++ b/arch/x86/lguest/boot.c @@ -70,6 +70,7 @@ #include #include #include /* for struct machine_ops */ +#include /*G:010 * Welcome to the Guest! @@ -455,6 +456,15 @@ static void lguest_cpuid(unsigned int *ax, unsigned int *bx, *ax &= 0xFFFFF0FF; *ax |= 0x00000500; break; + + /* + * This is used to detect if we're running under KVM. We might be, + * but that's a Host matter, not us. So say we're not. + */ + case KVM_CPUID_SIGNATURE: + *bx = *cx = *dx = 0; + break; + /* * 0x80000000 returns the highest Extended Function, so we futureproof * like we do above by limiting it to known fields. -- cgit v0.10.2 From 0acf00014bcfd71090c3b0d43c98e970108064e4 Mon Sep 17 00:00:00 2001 From: Michal Hocko Date: Tue, 27 Sep 2011 08:56:03 +0200 Subject: lguest: move process freezing before pending signals check run_guest tries to freeze the current process after it has handled pending interrupts and before it calls lguest_arch_run_guest. This doesn't work nicely if the task has been killed while being frozen and when we want to handle that signal as soon as possible. Let's move try_to_freeze before we check for pending signal so that we can get out of the loop as soon as possible. Signed-off-by: Michal Hocko Acked-by: Rusty Russell Signed-off-by: Rusty Russell diff --git a/drivers/lguest/core.c b/drivers/lguest/core.c index 5c13e93..b5fdcb7 100644 --- a/drivers/lguest/core.c +++ b/drivers/lguest/core.c @@ -232,6 +232,13 @@ int run_guest(struct lg_cpu *cpu, unsigned long __user *user) } } + /* + * All long-lived kernel loops need to check with this horrible + * thing called the freezer. If the Host is trying to suspend, + * it stops us. + */ + try_to_freeze(); + /* Check for signals */ if (signal_pending(current)) return -ERESTARTSYS; @@ -246,13 +253,6 @@ int run_guest(struct lg_cpu *cpu, unsigned long __user *user) try_deliver_interrupt(cpu, irq, more); /* - * All long-lived kernel loops need to check with this horrible - * thing called the freezer. If the Host is trying to suspend, - * it stops us. - */ - try_to_freeze(); - - /* * Just make absolutely sure the Guest is still alive. One of * those hypercalls could have been fatal, for example. */ -- cgit v0.10.2