Allow use of the Forced Emulation Prefix in HVM guests, to allow emulation of
arbitrary instructions.
-This option is intended for development purposes, and is only available in
-debug builds of the hypervisor.
+This option is intended for development and testing purposes.
+
+*Warning*
+As this feature opens up the instruction emulator to arbitrary
+instruction from an HVM guest, don't use this in production system. No
+security support is provided when this flag is set.
### hvm\_port80
> `= <boolean>`
If unsure, say N.
+config HVM_FEP
+ bool "HVM Forced Emulation Prefix support" if EXPERT = "y"
+ default DEBUG
+ ---help---
+
+ Compiles in a feature that allows HVM guest to arbitrarily
+ exercise the instruction emulator.
+
+ This feature can only be enabled during boot time with
+ appropriate hypervisor command line option. Please read
+ hypervisor command line documentation before trying to use
+ this feature.
+
+ This is strictly for testing purposes, and not appropriate
+ for use in production.
+
+ If unsure, say N.
endmenu
source "common/Kconfig"
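Review bot: The help text for `HVM_FEP` never says that enabling the feature takes the host out of security support, although the command-line documentation changed in this same commit says exactly that. Someone deciding in menuconfig only sees "not appropriate for use in production", which is a weaker statement. I would name the boot option and repeat the support statement, e.g. `This feature stays off unless Xen is booted with hvm_fep; no security support is provided when that option is set.` The help body's indentation is not recoverable from this view, so match the neighbouring entries.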
#include <xen/mem_access.h>
#include <xen/rangeset.h>
#include <xen/vm_event.h>
+#include <xen/warning.h>
#include <asm/shadow.h>
#include <asm/hap.h>
#include <asm/current.h>
#ifndef opt_hvm_fep
/* Permit use of the Forced Emulation Prefix in HVM guests */
-bool_t opt_hvm_fep;
+bool_t __read_mostly opt_hvm_fep;
boolean_param("hvm_fep", opt_hvm_fep);
#endif
+static const char __initconst warning_hvm_fep[] =
+ "WARNING: HVM FORCED EMULATION PREFIX IS AVAILABLE\n"
+ "This option is *ONLY* intended to aid testing of Xen.\n"
+ "It has implications on the security of the system.\n"
+ "Please *DO NOT* use this in production.\n";
/* Xen command-line option to enable altp2m */
static bool_t __initdata opt_altp2m_enabled = 0;
if ( !opt_altp2m_enabled )
hvm_funcs.altp2m_supported = 0;
+ if ( opt_hvm_fep )
+ warning_add(warning_hvm_fep);
+
/*
* Allow direct access to the PC debug ports 0x80 and 0xed (they are
* often used for I/O delays, but the vmexits simply slow things down).
{
regs->eip += sizeof(sig);
regs->eflags &= ~X86_EFLAGS_RF;
+ add_taint(TAINT_HVM_FEP);
}
}
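Review bot: `add_taint(TAINT_HVM_FEP)` sits on the emulation path, so the 'H' flag appears only after a guest has actually executed a prefixed instruction, while the taint legend added in this commit reads `'H' - HVM forced emulation prefix is permitted.` A host booted with `hvm_fep` whose guests have not yet used the prefix therefore reports no 'H', which matters to anyone reading a crash log to decide whether the emulator was exposed. Either set the taint once at boot beside the `warning_add(warning_hvm_fep)` call, or reword the legend to `'H' - An HVM guest has used the forced emulation prefix.` The call is also reached at a rate the guest controls; add_taint() is not visible here, so confirm it is a cheap, idempotent flag update. The enclosing function starts and ends outside this hunk.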
* 'M' - Machine had a machine check experience.
* 'B' - System has hit bad_page.
* 'C' - Console output is synchronous.
+ * 'H' - HVM forced emulation prefix is permitted.
*
* The string is overwritten by the next call to print_taint().
*/
{
if ( tainted )
{
- snprintf(str, TAINT_STRING_MAX_LEN, "Tainted: %c%c%c%c",
+ snprintf(str, TAINT_STRING_MAX_LEN, "Tainted: %c%c%c%c%c",
tainted & TAINT_UNSAFE_SMP ? 'S' : ' ',
tainted & TAINT_MACHINE_CHECK ? 'M' : ' ',
tainted & TAINT_BAD_PAGE ? 'B' : ' ',
- tainted & TAINT_SYNC_CONSOLE ? 'C' : ' ');
+ tainted & TAINT_SYNC_CONSOLE ? 'C' : ' ',
+ tainted & TAINT_HVM_FEP ? 'H' : ' ');
}
else
{
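Review bot: The widened format still has no character for `TAINT_ERROR_INJECT`, which the header hunk shows as bit 4 between `TAINT_SYNC_CONSOLE` and the new `TAINT_HVM_FEP`, so a host tainted only by error injection prints "Tainted:" followed by blanks. That gap predates this change, but since the line is being touched it is worth either adding the missing letter or a comment saying the omission is deliberate. The output is now 14 characters plus the terminator against a `TAINT_STRING_MAX_LEN` of 20; a short comment beside that define noting that it must grow with the flag list would guard against silent truncation later. print_tainted() begins and ends outside this hunk.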
#include <public/hvm/save.h>
#include <xen/mm.h>
-#ifndef NDEBUG
+#ifdef CONFIG_HVM_FEP
/* Permit use of the Forced Emulation Prefix in HVM guests */
extern bool_t opt_hvm_fep;
#else
#define TAINT_BAD_PAGE (1<<2)
#define TAINT_SYNC_CONSOLE (1<<3)
#define TAINT_ERROR_INJECT (1<<4)
+#define TAINT_HVM_FEP (1<<5)
extern int tainted;
#define TAINT_STRING_MAX_LEN 20
extern char *print_tainted(char *str);