Allow BP and OF can be called from user space

Change the DPL from 0 to 3 for Breakpoint and Overflow, then user space could trigger Breakpoint and Overflow as excepected. Change-Id: Ibead65fb8c98b32b7737f316db93b3a8d9dcd648 PiperOrigin-RevId: 239736648
author: Yong He <chenglang.hy@alibaba-inc.com> 2019-03-21 22:03:34 -0700
committer: Shentubot <shentubot@google.com> 2019-03-21 22:04:50 -0700
commit: 45ba52f8246a7060da48e250512a734a79187adf (patch)
tree: a01266d3f33443001b5cc7f7ec6a06f35d37fdd0
parent: 7d0227ff16f4397924fb008a7452f6ed3f8205e0 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/pkg/sentry/platform/ring0/kernel_amd64.go b/pkg/sentry/platform/ring0/kernel_amd64.go
index 9e8c56a54..5ed4342dd 100644
--- a/pkg/sentry/platform/ring0/kernel_amd64.go
+++ b/pkg/sentry/platform/ring0/kernel_amd64.go
@@ -27,9 +27,15 @@ func (k *Kernel) init(opts KernelOpts) {
 
 	// Setup the IDT, which is uniform.
 	for v, handler := range handlers {
+		// Allow Breakpoint and Overflow to be called from all
+		// privilege levels.
+		dpl := 0
+		if v == Breakpoint || v == Overflow {
+			dpl = 3
+		}
 		// Note that we set all traps to use the interrupt stack, this
 		// is defined below when setting up the TSS.
-		k.globalIDT[v].setInterrupt(Kcode, uint64(kernelFunc(handler)), 0 /* dpl */, 1 /* ist */)
+		k.globalIDT[v].setInterrupt(Kcode, uint64(kernelFunc(handler)), dpl, 1 /* ist */)
 	}
 }
author	Yong He <chenglang.hy@alibaba-inc.com>	2019-03-21 22:03:34 -0700
committer	Shentubot <shentubot@google.com>	2019-03-21 22:04:50 -0700
commit	45ba52f8246a7060da48e250512a734a79187adf (patch)
tree	a01266d3f33443001b5cc7f7ec6a06f35d37fdd0
parent	7d0227ff16f4397924fb008a7452f6ed3f8205e0 (diff)