KVM: Disallow fork() and similar games when using a VM

We don't want the meaning of guest userspace changing under our feet. Signed-off-by: Avi Kivity <avi@qumranet.com>

KVM: Disallow fork() and similar games when using a VM
We don't want the meaning of guest userspace changing under our feet. Signed-off-by: Avi Kivity <avi@qumranet.com>
Avi Kivity
1 parent 76c35c6e99
Showing 3 changed files with 11 additions and 0 deletions Side-by-side Diff
drivers/kvm/kvm.h
drivers/kvm/kvm_main.c
kernel/fork.c
@@ -305,6 +305,7 @@
  
 struct kvm {
 	struct mutex lock; /* protects everything except vcpus */
+	struct mm_struct *mm; /* userspace tied to this vm */
 	int naliases;
 	struct kvm_mem_alias aliases[KVM_ALIAS_SLOTS];
 	int nmemslots;
@@ -165,6 +165,8 @@
 	if (IS_ERR(kvm))
 		goto out;
  
+	kvm->mm = current->mm;
+	atomic_inc(&kvm->mm->mm_count);
 	kvm_io_bus_init(&kvm->pio_bus);
 	mutex_init(&kvm->lock);
 	kvm_io_bus_init(&kvm->mmio_bus);
  
@@ -202,12 +204,15 @@
  
 static void kvm_destroy_vm(struct kvm *kvm)
 {
+	struct mm_struct *mm = kvm->mm;
+
 	spin_lock(&kvm_lock);
 	list_del(&kvm->vm_list);
 	spin_unlock(&kvm_lock);
 	kvm_io_bus_destroy(&kvm->pio_bus);
 	kvm_io_bus_destroy(&kvm->mmio_bus);
 	kvm_arch_destroy_vm(kvm);
+	mmdrop(mm);
 }
  
 static int kvm_vm_release(struct inode *inode, struct file *filp)
@@ -818,6 +823,8 @@
 	void __user *argp = (void __user *)arg;
 	int r;
  
+	if (vcpu->kvm->mm != current->mm)
+		return -EIO;
 	switch (ioctl) {
 	case KVM_RUN:
 		r = -EINVAL;
@@ -976,6 +983,8 @@
 	void __user *argp = (void __user *)arg;
 	int r;
  
+	if (kvm->mm != current->mm)
+		return -EIO;
 	switch (ioctl) {
 	case KVM_CREATE_VCPU:
 		r = kvm_vm_ioctl_create_vcpu(kvm, arg);
@@ -393,6 +393,7 @@
 	destroy_context(mm);
 	free_mm(mm);
 }
+EXPORT_SYMBOL_GPL(__mmdrop);
  
 /*
  * Decrement the use count and release all resources for an mm.
...	...	@@ -305,6 +305,7 @@
305	305
306	306	struct kvm {
307	307	struct mutex lock; /* protects everything except vcpus */
	308	+ struct mm_struct mm; / userspace tied to this vm */
308	309	int naliases;
309	310	struct kvm_mem_alias aliases[KVM_ALIAS_SLOTS];
310	311	int nmemslots;
...	...	@@ -165,6 +165,8 @@
165	165	if (IS_ERR(kvm))
166	166	goto out;
167	167
	168	+ kvm->mm = current->mm;
	169	+ atomic_inc(&kvm->mm->mm_count);
168	170	kvm_io_bus_init(&kvm->pio_bus);
169	171	mutex_init(&kvm->lock);
170	172	kvm_io_bus_init(&kvm->mmio_bus);
171	173
...	...	@@ -202,12 +204,15 @@
202	204
203	205	static void kvm_destroy_vm(struct kvm *kvm)
204	206	{
	207	+ struct mm_struct *mm = kvm->mm;
	208	+
205	209	spin_lock(&kvm_lock);
206	210	list_del(&kvm->vm_list);
207	211	spin_unlock(&kvm_lock);
208	212	kvm_io_bus_destroy(&kvm->pio_bus);
209	213	kvm_io_bus_destroy(&kvm->mmio_bus);
210	214	kvm_arch_destroy_vm(kvm);
	215	+ mmdrop(mm);
211	216	}
212	217
213	218	static int kvm_vm_release(struct inode inode, struct file filp)
...	...	@@ -818,6 +823,8 @@
818	823	void __user argp = (void __user )arg;
819	824	int r;
820	825
	826	+ if (vcpu->kvm->mm != current->mm)
	827	+ return -EIO;
821	828	switch (ioctl) {
822	829	case KVM_RUN:
823	830	r = -EINVAL;
...	...	@@ -976,6 +983,8 @@
976	983	void __user argp = (void __user )arg;
977	984	int r;
978	985
	986	+ if (kvm->mm != current->mm)
	987	+ return -EIO;
979	988	switch (ioctl) {
980	989	case KVM_CREATE_VCPU:
981	990	r = kvm_vm_ioctl_create_vcpu(kvm, arg);
...	...	@@ -393,6 +393,7 @@
393	393	destroy_context(mm);
394	394	free_mm(mm);
395	395	}
	396	+EXPORT_SYMBOL_GPL(__mmdrop);
396	397
397	398	/*
398	399	* Decrement the use count and release all resources for an mm.