On 26.10.2020 10:40, Jan Beulich wrote:

And of course this should have

From: Andrew Cooper <andrew.coop...@citrix.com>

right here, sorry.

Jan

> In the case that no 64-bit SYSCALL callback is registered, the guest
> will be crashed when 64-bit userspace executes a SYSCALL instruction,
> which would be a userspace => kernel DoS. Similarly for 32-bit
> userspace when no 32-bit SYSCALL callback was registered either.
>
> This has been the case ever since the introduction of 64bit PV support,
> but behaves unlike all other SYSCALL/SYSENTER callbacks in Xen, which
> yield #GP/#UD in userspace before the callback is registered, and are
> therefore safe by default.
>
> This change does constitute a change in the PV ABI, for the corner case
> of a PV guest kernel not registering a 64-bit callback (which has to be
> considered a de facto requirement of the unwritten PV ABI, considering
> there is no PV equivalent of EFER.SCE).
>
> It brings the behaviour in line with PV32 SYSCALL/SYSENTER, and PV64
> SYSENTER (safe by default, until explicitly enabled).
>
> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
> Signed-off-by: Jan Beulich <jbeul...@suse.com>