Currently do_kexec_op_internal() will return 0 for unknown hypercalls. Fix
this by returning -EOPNOTSUPP instead.
Fixes: d046f361dc93 ("Xen Security Modules: XSM")
Reported-by: Andrew Cooper <[email protected]>
Signed-off-by: Roger Pau Monné <[email protected]>
---
Arguably the error code for unsupported kexec hypercalls was already wonky
before the XSM addiiton, as it would return -EINVAL. It's however way
worse after the XSM addition, as it returns 0.
---
xen/common/kexec.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/xen/common/kexec.c b/xen/common/kexec.c
index 84fe8c35976e..8f52c5506d4a 100644
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -1217,9 +1217,8 @@ static int do_kexec_op_internal(unsigned long op,
XEN_GUEST_HANDLE_PARAM(void) uarg,
bool compat)
{
- int ret = -EINVAL;
+ int ret = xsm_kexec(XSM_PRIV);
- ret = xsm_kexec(XSM_PRIV);
if ( ret )
return ret;
@@ -1258,6 +1257,10 @@ static int do_kexec_op_internal(unsigned long op,
case KEXEC_CMD_kexec_status:
ret = kexec_status(uarg);
break;
+
+ default:
+ ret = -EOPNOTSUPP;
+ break;
}
clear_bit(KEXEC_FLAG_IN_HYPERCALL, &kexec_flags);
--
2.51.0
