Displaying 6 results from an estimated 6 matches for "always_allowed".
2020 Feb 07
0
[RFC PATCH v7 41/78] KVM: introspection: add KVMI_VM_CHECK_COMMAND and KVMI_VM_CHECK_EVENT
...VMI_GET_VERSION, kvmi->cmd_allow_mask);
+ set_bit(KVMI_VM_CHECK_COMMAND, kvmi->cmd_allow_mask);
+ set_bit(KVMI_VM_CHECK_EVENT, kvmi->cmd_allow_mask);
kvmi->kvm = kvm;
@@ -304,10 +306,14 @@ int kvmi_ioctl_command(struct kvm *kvm, void __user *argp)
if (!allow) {
DECLARE_BITMAP(always_allowed, KVMI_NUM_COMMANDS);
- if (id == KVMI_GET_VERSION)
+ if (id == KVMI_GET_VERSION
+ || id == KVMI_VM_CHECK_COMMAND
+ || id == KVMI_VM_CHECK_EVENT)
return -EPERM;
set_bit(KVMI_GET_VERSION, always_allowed);
+ set_bit(KVMI_VM_CHECK_COMMAND, always_allowed);
+ set_bit(KVMI_VM_CHECK_E...
2019 Aug 09
0
[RFC PATCH v6 05/92] kvm: introspection: add KVMI_GET_VERSION
...;uuid, &qemu->uuid, sizeof(ikvm->uuid));
ikvm->kvm = kvm;
@@ -290,6 +292,18 @@ int kvmi_ioctl_command(struct kvm *kvm, void __user *argp)
bitmap_from_u64(known, KVMI_KNOWN_COMMANDS);
bitmap_and(requested, requested, known, KVMI_NUM_COMMANDS);
+ if (!allow) {
+ DECLARE_BITMAP(always_allowed, KVMI_NUM_COMMANDS);
+
+ if (id == KVMI_GET_VERSION)
+ return -EPERM;
+
+ set_bit(KVMI_GET_VERSION, always_allowed);
+
+ bitmap_andnot(requested, requested, always_allowed,
+ KVMI_NUM_COMMANDS);
+ }
+
return kvmi_ioctl_feature(kvm, allow, requested,
offsetof(struct kvmi, cmd_a...
2020 Feb 07
0
[RFC PATCH v7 40/78] KVM: introspection: add KVMI_GET_VERSION
...ERSION, kvmi->cmd_allow_mask);
+
kvmi->kvm = kvm;
return kvmi;
@@ -299,6 +301,18 @@ int kvmi_ioctl_command(struct kvm *kvm, void __user *argp)
bitmap_from_u64(known, KVMI_KNOWN_COMMANDS);
bitmap_and(requested, requested, known, KVMI_NUM_COMMANDS);
+ if (!allow) {
+ DECLARE_BITMAP(always_allowed, KVMI_NUM_COMMANDS);
+
+ if (id == KVMI_GET_VERSION)
+ return -EPERM;
+
+ set_bit(KVMI_GET_VERSION, always_allowed);
+
+ bitmap_andnot(requested, requested, always_allowed,
+ KVMI_NUM_COMMANDS);
+ }
+
off_bitmap = offsetof(struct kvm_introspection, cmd_allow_mask);
return kvmi_io...
2020 Feb 07
78
[RFC PATCH v7 00/78] VM introspection
The KVM introspection subsystem provides a facility for applications
running on the host or in a separate VM, to control the execution of
other VMs (pause, resume, shutdown), query the state of the vCPUs (GPRs,
MSRs etc.), alter the page access bits in the shadow page tables (only
for the hardware backed ones, eg. Intel's EPT) and receive notifications
when events of interest have taken place
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running
on the host or in a separate VM, to control the execution of other VM-s
(pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.),
alter the page access bits in the shadow page tables (only for the hardware
backed ones, eg. Intel's EPT) and receive notifications when events of
interest have taken place
2019 Aug 09
117
[RFC PATCH v6 00/92] VM introspection
The KVM introspection subsystem provides a facility for applications running
on the host or in a separate VM, to control the execution of other VM-s
(pause, resume, shutdown), query the state of the vCPUs (GPRs, MSRs etc.),
alter the page access bits in the shadow page tables (only for the hardware
backed ones, eg. Intel's EPT) and receive notifications when events of
interest have taken place