Don't allow hpt (hash page table) guests to act as guest hypervisors and
thus be able to run nested guests. There is currently no support for
this, if a nested guest is to be run it must be run at the lowest level.
Explicitly disallow hash guests from enabling the nested kvm-hv capability
at the hypervisor level.
Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@xxxxxxxxx>
---
arch/powerpc/kvm/book3s_hv.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c
index cde3f5a4b3e4..ce960301bfaa 100644
--- a/arch/powerpc/kvm/book3s_hv.c
+++ b/arch/powerpc/kvm/book3s_hv.c
@@ -5336,8 +5336,12 @@ static int kvmhv_enable_nested(struct kvm *kvm)
return -ENODEV;
/* kvm == NULL means the caller is testing if the capability exists */
- if (kvm)
+ if (kvm) {
+ /* Only radix guests can act as nested hv and thus run guests */
+ if (!kvm_is_radix(kvm))
+ return -1;
kvm->arch.nested_enable = true;
+ }
return 0;
}
--
2.13.6
