On Mon, 3 Feb 2020 08:19:50 -0500 Christian Borntraeger <borntraeger@xxxxxxxxxx> wrote: > From: Janosch Frank <frankja@xxxxxxxxxxxxx> > > If the host initialized the Ultravisor, we can set stfle bit 161 > (protected virtual IPL enhancements facility), which indicates, that s/indicates,/indicates/ > the IPL subcodes 8, 9 and are valid. These subcodes are used by a s/9 and/9, and 10/ > normal guest to set/retrieve a IPIB of type 5 and transition into "an IPL information block of type 5 (for PVMs)" ? > protected mode. > > Once in protected mode, the Ultravisor will conceal the facility > bit. Therefore each boot into protected mode has to go through > non-protected. There is no secure re-ipl with subcode 10 without a "non-protected mode" > previous subcode 3. > > In protected mode, there is no subcode 4 available, as the VM has no > more access to its memory from non-protected mode. I.e. each IPL > clears. "i.e., only IPL clear is possible" ? > > Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx> > --- > arch/s390/kvm/diag.c | 6 ++++++ > arch/s390/kvm/kvm-s390.c | 5 +++++ > 2 files changed, 11 insertions(+) Reviewed-by: Cornelia Huck <cohuck@xxxxxxxxxx>
