From 45ba52f8246a7060da48e250512a734a79187adf Mon Sep 17 00:00:00 2001
From: Yong He
Date: Thu, 21 Mar 2019 22:03:34 -0700
Subject: [PATCH] Allow BP and OF can be called from user space

Change the DPL from 0 to 3 for Breakpoint and Overflow, then user space could trigger Breakpoint and Overflow as excepected.

Change-Id: Ibead65fb8c98b32b7737f316db93b3a8d9dcd648
PiperOrigin-RevId: 239736648
---
 pkg/sentry/platform/ring0/kernel_amd64.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/pkg/sentry/platform/ring0/kernel_amd64.go b/pkg/sentry/platform/ring0/kernel_amd64.go
index 9e8c56a54..5ed4342dd 100644
--- a/pkg/sentry/platform/ring0/kernel_amd64.go
+++ b/pkg/sentry/platform/ring0/kernel_amd64.go
@@ -27,9 +27,15 @@ func (k *Kernel) init(opts KernelOpts) {
 // Setup the IDT, which is uniform.
 for v, handler := range handlers {
+ // Allow Breakpoint and Overflow to be called from all
+ // privilege levels.
+ dpl := 0
+ if v == Breakpoint || v == Overflow {
+ dpl = 3
+ }
 // Note that we set all traps to use the interrupt stack, this
 // is defined below when setting up the TSS.
- k.globalIDT[v].setInterrupt(Kcode, uint64(kernelFunc(handler)), 0 /* dpl */, 1 /* ist */)
+ k.globalIDT[v].setInterrupt(Kcode, uint64(kernelFunc(handler)), dpl, 1 /* ist */)
 }
 }
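Review bot: The new comment above `dpl := 0` says what the branch does but not why the list stops at these two vectors, and that is the security-relevant invariant of this loop. A gate's DPL decides whether a user-mode software interrupt to that vector reaches the handler or faults, so every other entry has to stay at 0. I would extend the comment to something like `// Only Breakpoint and Overflow get DPL 3: they are raised by user instructions (INT3/INTO).` followed by `// All other gates must stay at DPL 0 so user code cannot enter their handlers directly.` The patch touches only this file, so a regression test would help: check that a user-mode breakpoint is delivered as Breakpoint and that a software interrupt to some other vector is still rejected. The body of `init` starts above the hunk, so I could not check whether anything earlier in the function depends on the old uniform DPL.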