summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/platform/kvm
diff options
context:
space:
mode:
authorAdin Scannell <ascannell@google.com>2018-05-14 21:13:28 -0700
committerShentubot <shentubot@google.com>2018-05-14 21:14:17 -0700
commit2ab754cff7b2d45e1d59798562e47317aa480ecf (patch)
tree48f2e18f7a1195c617558a8ed8e99adb7041be37 /pkg/sentry/platform/kvm
parent825e9ea8098d91e9770d27124717c08d1f5d2952 (diff)
Make KVM system call first check.
PiperOrigin-RevId: 196613447 Change-Id: Ib76902896798f072c3031b0c5cf7b433718928b7
Diffstat (limited to 'pkg/sentry/platform/kvm')
-rw-r--r--pkg/sentry/platform/kvm/machine_amd64.go9
1 files changed, 4 insertions, 5 deletions
diff --git a/pkg/sentry/platform/kvm/machine_amd64.go b/pkg/sentry/platform/kvm/machine_amd64.go
index dfa691e88..fe4d31702 100644
--- a/pkg/sentry/platform/kvm/machine_amd64.go
+++ b/pkg/sentry/platform/kvm/machine_amd64.go
@@ -111,8 +111,11 @@ func (c *vCPU) SwitchToUser(regs *syscall.PtraceRegs, fpState *byte, pt *pagetab
vector = c.CPU.SwitchToUser(regs, fpState, pt, flags)
exitsyscall()
- // Free and clear.
switch vector {
+ case ring0.Syscall, ring0.SyscallInt80:
+ // Fast path: system call executed.
+ return nil, usermem.NoAccess, nil
+
case ring0.Debug, ring0.Breakpoint:
info := &arch.SignalInfo{Signo: int32(syscall.SIGTRAP)}
return info, usermem.AccessType{}, platform.ErrContextSignal
@@ -158,10 +161,6 @@ func (c *vCPU) SwitchToUser(regs *syscall.PtraceRegs, fpState *byte, pt *pagetab
redpill() // Bail and reacqire.
return nil, usermem.NoAccess, platform.ErrContextInterrupt
- case ring0.Syscall, ring0.SyscallInt80:
- // System call executed.
- return nil, usermem.NoAccess, nil
-
default:
panic(fmt.Sprintf("unexpected vector: 0x%x", vector))
}