Commit 68cf7b1f authored by Janosch Frank's avatar Janosch Frank Committed by Christian Borntraeger
Browse files

KVM: s390: protvirt: disallow one_reg 



A lot of the registers are controlled by the Ultravisor and never
visible to KVM. Some fields in the sie control block are overlayed, like
gbea. As no known userspace uses the ONE_REG interface on s390 if sync
regs are available, no functionality is lost if it is disabled for
protected guests.

Signed-off-by: default avatarJanosch Frank <frankja@linux.ibm.com>
Reviewed-by: default avatarThomas Huth <thuth@redhat.com>
Reviewed-by: default avatarCornelia Huck <cohuck@redhat.com>
Reviewed-by: default avatarDavid Hildenbrand <david@redhat.com>
[borntraeger@de.ibm.com: patch merging, splitting, fixing]
Signed-off-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
parent 353cbc6a

Documentation/virt/kvm/api.rst

+4 −2
Original line number Diff line number Diff line
@@ -2117,7 +2117,8 @@ Errors: 


  ======   ============================================================

  ENOENT   no such register

  EINVAL   invalid register ID, or no such register

  EINVAL   invalid register ID, or no such register or used with VMs in

           protected virtualization mode on s390

  EPERM    (arm64) register access not allowed before vcpu finalization

  ======   ============================================================
@@ -2552,7 +2553,8 @@ Errors include: 


  ======== ============================================================

  ENOENT   no such register

  EINVAL   invalid register ID, or no such register

  EINVAL   invalid register ID, or no such register or used with VMs in

           protected virtualization mode on s390

  EPERM    (arm64) register access not allowed before vcpu finalization

  ======== ============================================================

arch/s390/kvm/kvm-s390.c

+3 −0
Original line number Diff line number Diff line
@@ -4674,6 +4674,9 @@ long kvm_arch_vcpu_ioctl(struct file *filp, 
	case KVM_SET_ONE_REG:

	case KVM_GET_ONE_REG: {

		struct kvm_one_reg reg;

		r = -EINVAL;

		if (kvm_s390_pv_cpu_is_protected(vcpu))

			break;

		r = -EFAULT;

		if (copy_from_user(&reg, argp, sizeof(reg)))

			break;

CRA Git | Maintained and supported by SUSTech CRA and CCSE