Reject any hypercall issued by userspace contexts, thus enabling cells to
establish proper access control to Jailhouse services.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
#define X86_FEATURE_VMX (1 << 5)
+#define X86_RFLAGS_VM (1 << 17)
+
#define X86_CR0_PE 0x00000001
#define X86_CR0_ET 0x00000010
#define X86_CR0_NW 0x20000000
{
vmx_skip_emulated_instruction(X86_INST_LEN_VMCALL);
+ if ((!(vmcs_read64(GUEST_IA32_EFER) & EFER_LMA) &&
+ vmcs_read64(GUEST_RFLAGS) & X86_RFLAGS_VM) ||
+ (vmcs_read16(GUEST_CS_SELECTOR) & 3) != 0) {
+ guest_regs->rax = -EPERM;
+ return;
+ }
+
switch (guest_regs->rax) {
case JAILHOUSE_HC_DISABLE:
guest_regs->rax = shutdown(cpu_data);
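Review bot: The ring check takes the caller's privilege level from the low two bits of `GUEST_CS_SELECTOR`, but in the VMCS guest state the CPL is architecturally the DPL field of the SS access rights. In real mode the CS selector is a plain segment value, so its low bits can be non-zero and a legitimate caller would get `-EPERM`. If cells can issue hypercalls from real mode, which is not visible here, deriving the CPL from the SS access-rights DPL would avoid that. The condition would also be easier to audit with a comment such as `/* hypercalls are permitted from ring 0 only: reject virtual-8086 mode and CPL > 0 */` and explicit parentheses around `vmcs_read64(GUEST_RFLAGS) & X86_RFLAGS_VM`. The enclosing function starts and ends outside this hunk.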