diff options
author | gVisor bot <gvisor-bot@google.com> | 2021-10-26 20:09:43 +0000 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-10-26 20:09:43 +0000 |
commit | 246328eab4e1c92701d4d8ad72823a3ccfac1dbd (patch) | |
tree | 5b3de883366459774d1212d32eac5b46341761ce | |
parent | 4af37628d1dcc1c00f873349eb21ee01c2615379 (diff) | |
parent | 722d7ca744db6aab442bc71bb50b64599c8fa522 (diff) |
Merge release-20211019.0-42-g722d7ca74 (automated)
-rw-r--r-- | pkg/cpuid/cpuid_x86.go | 2 | ||||
-rw-r--r-- | pkg/sentry/platform/kvm/machine_amd64.go | 11 | ||||
-rw-r--r-- | pkg/sentry/platform/kvm/virtual_map.go | 7 |
3 files changed, 9 insertions, 11 deletions
diff --git a/pkg/cpuid/cpuid_x86.go b/pkg/cpuid/cpuid_x86.go index 8cbcc9f61..c236b942d 100644 --- a/pkg/cpuid/cpuid_x86.go +++ b/pkg/cpuid/cpuid_x86.go @@ -81,7 +81,7 @@ const ( X86FeatureAVX X86FeatureF16C X86FeatureRDRAND - _ // ecx bit 31 is reserved. + X86FeatureHypervisor ) // Block 1 constants are all of the "basic" feature bits returned by a cpuid in diff --git a/pkg/sentry/platform/kvm/machine_amd64.go b/pkg/sentry/platform/kvm/machine_amd64.go index 5bc023899..be6d954c8 100644 --- a/pkg/sentry/platform/kvm/machine_amd64.go +++ b/pkg/sentry/platform/kvm/machine_amd64.go @@ -279,10 +279,13 @@ func (c *vCPU) fault(signal int32, info *linux.SignalInfo) (hostarch.AccessType, // Reset the pointed SignalInfo. *info = linux.SignalInfo{Signo: signal} info.SetAddr(uint64(faultAddr)) - accessType := hostarch.AccessType{ - Read: code&(1<<1) == 0, - Write: code&(1<<1) != 0, - Execute: code&(1<<4) != 0, + accessType := hostarch.AccessType{} + if signal == int32(unix.SIGSEGV) { + accessType = hostarch.AccessType{ + Read: code&(1<<1) == 0, + Write: code&(1<<1) != 0, + Execute: code&(1<<4) != 0, + } } if !accessType.Write && !accessType.Execute { info.Code = 1 // SEGV_MAPERR. diff --git a/pkg/sentry/platform/kvm/virtual_map.go b/pkg/sentry/platform/kvm/virtual_map.go index 01d9eb39d..6027dad47 100644 --- a/pkg/sentry/platform/kvm/virtual_map.go +++ b/pkg/sentry/platform/kvm/virtual_map.go @@ -40,14 +40,9 @@ var mapsLine = regexp.MustCompile("([0-9a-f]+)-([0-9a-f]+) ([r-][w-][x-][sp]) ([ // physical map. Virtual regions need to be excluded if get_user_pages will // fail on those addresses, preventing KVM from satisfying EPT faults. // -// This includes the VVAR page because the VVAR page may be mapped as I/O -// memory. And the VDSO page is knocked out because the VVAR page is not even -// recorded in /proc/self/maps on older kernels; knocking out the VDSO page -// prevents code in the VDSO from accessing the VVAR address. -// // This is called by the physical map functions, not applyVirtualRegions. func excludeVirtualRegion(r virtualRegion) bool { - return r.filename == "[vvar]" || r.filename == "[vdso]" + return false } // applyVirtualRegions parses the process maps file. |