Quoting Janosch Frank (2023-05-15 13:53:11) > The lowcore is an important part of any s390 cpu so we need to make > sure it's always available when we virtualize one. For non-PV guests > that would mean ensuring that the lowcore page is read and writable by > the guest. > > For PV guests we additionally need to make sure that the page is owned > by the guest as it is only allowed to access them if that's the > case. The code 112 SIE intercept tells us if the lowcore pages aren't > secure anymore. > > Let's check if that intercept is reported by SIE if we export the > lowcore pages. Additionally check if that's also the case if the guest > shares the lowcore which will make it readable to the host but > ownership of the page should not change. > > Also we check for validities in these conditions: > * Manipulated cpu timer > * Double SIE for same vcpu > * Re-use of VCPU handle from another secure configuration > * ASCE re-use > > Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx> Reviewed-by: Nico Boehr <nrb@xxxxxxxxxxxxx>
