On 11/15/19 10:02 AM, Thomas Huth wrote:
> On 24/10/2019 13.40, Janosch Frank wrote:
>> A lot of the registers are controlled by the Ultravisor and never
>> visible to KVM. Also some registers are overlayed, like gbea is with
>> sidad, which might leak data to userspace.
>>
>> Hence we sync a minimal set of registers for both SIE formats and then
>> check and sync format 2 registers if necessary.
>>
>> Also we disable set/get one reg for the same reason. It's an old
>> interface anyway.
>>
>> Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx>
>> ---
>> arch/s390/kvm/kvm-s390.c | 138 +++++++++++++++++++++++----------------
>> 1 file changed, 82 insertions(+), 56 deletions(-)
>>
>> diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
>> index 17a78774c617..f623c64aeade 100644
>> --- a/arch/s390/kvm/kvm-s390.c
>> +++ b/arch/s390/kvm/kvm-s390.c
>> @@ -2997,7 +2997,8 @@ static void kvm_s390_vcpu_initial_reset(struct kvm_vcpu *vcpu)
>> /* make sure the new fpc will be lazily loaded */
>> save_fpu_regs();
>> current->thread.fpu.fpc = 0;
>> - vcpu->arch.sie_block->gbea = 1;
>> + if (!kvm_s390_pv_is_protected(vcpu->kvm))
>> + vcpu->arch.sie_block->gbea = 1;
>> vcpu->arch.sie_block->pp = 0;
>> vcpu->arch.sie_block->fpf &= ~FPF_BPBC;
>> vcpu->arch.pfault_token = KVM_S390_PFAULT_TOKEN_INVALID;
>> @@ -3367,6 +3368,10 @@ static int kvm_arch_vcpu_ioctl_get_one_reg(struct kvm_vcpu *vcpu,
>> (u64 __user *)reg->addr);
>> break;
>> case KVM_REG_S390_GBEA:
>> + if (kvm_s390_pv_is_protected(vcpu->kvm)) {
>> + r = 0;
>> + break;
>> + }
>> r = put_user(vcpu->arch.sie_block->gbea,
>> (u64 __user *)reg->addr);
>> break;
>> @@ -3420,6 +3425,10 @@ static int kvm_arch_vcpu_ioctl_set_one_reg(struct kvm_vcpu *vcpu,
>> (u64 __user *)reg->addr);
>> break;
>> case KVM_REG_S390_GBEA:
>> + if (kvm_s390_pv_is_protected(vcpu->kvm)) {
>> + r = 0;
>> + break;
>> + }
>
> Wouldn't it be better to return EINVAL in this case? ... the callers
> definitely do not get what they expected here...
>
> Thomas
>
Hrm, new QEMUs will use cpu run anyway and hence I guess it would make
sense as old QEMUs hopefully won't have pv support.
Attachment:
signature.asc
Description: OpenPGP digital signature
