From: Marc Zyngier <maz@kernel.org>
Date: Thu, 14 Nov 2019 13:17:39 +0000 (+0000)
Subject: KVM: Add a comment describing the /dev/kvm no_compat handling
X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=9cb09e7c1c9af2968d5186ef9085f05641ab65d9;p=uclinux-h8%2Flinux.git

KVM: Add a comment describing the /dev/kvm no_compat handling

Add a comment explaining the rational behind having both
no_compat open and ioctl callbacks to fend off compat tasks.

Signed-off-by: Marc Zyngier <maz@kernel.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---

diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 6a65ed915c7a..13efc291b1c7 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -122,6 +122,13 @@ static long kvm_vcpu_compat_ioctl(struct file *file, unsigned int ioctl,
 				  unsigned long arg);
 #define KVM_COMPAT(c)	.compat_ioctl	= (c)
 #else
+/*
+ * For architectures that don't implement a compat infrastructure,
+ * adopt a double line of defense:
+ * - Prevent a compat task from opening /dev/kvm
+ * - If the open has been done by a 64bit task, and the KVM fd
+ *   passed to a compat task, let the ioctls fail.
+ */
 static long kvm_no_compat_ioctl(struct file *file, unsigned int ioctl,
 				unsigned long arg) { return -EINVAL; }