On 04.02.20 19:51, Cornelia Huck wrote: > On Mon, 3 Feb 2020 08:19:50 -0500 > Christian Borntraeger <borntraeger@xxxxxxxxxx> wrote: > >> From: Janosch Frank <frankja@xxxxxxxxxxxxx> >> >> If the host initialized the Ultravisor, we can set stfle bit 161 >> (protected virtual IPL enhancements facility), which indicates, that > > s/indicates,/indicates/ ack > >> the IPL subcodes 8, 9 and are valid. These subcodes are used by a > > s/9 and/9, and 10/ ack > >> normal guest to set/retrieve a IPIB of type 5 and transition into > > "an IPL information block of type 5 (for PVMs)" ? ack > >> protected mode. >> >> Once in protected mode, the Ultravisor will conceal the facility >> bit. Therefore each boot into protected mode has to go through >> non-protected. There is no secure re-ipl with subcode 10 without a > > "non-protected mode" ack >> previous subcode 3. >> >> In protected mode, there is no subcode 4 available, as the VM has no >> more access to its memory from non-protected mode. I.e. each IPL >> clears. > > "i.e., only IPL clear is possible" ? ack > >> >> Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx> >> --- >> arch/s390/kvm/diag.c | 6 ++++++ >> arch/s390/kvm/kvm-s390.c | 5 +++++ >> 2 files changed, 11 insertions(+) > > Reviewed-by: Cornelia Huck <cohuck@xxxxxxxxxx> >
