Commit 1b0c58a3 authored by Paolo Bonzini's avatar Paolo Bonzini

Merge tag 'kvm-s390-master-5.7-1' of...

Merge tag 'kvm-s390-master-5.7-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into HEAD

KVM: s390: Fixes for vsie (nested hypervisors)

- Several fixes for corner cases of nesting. Still relevant as it might
  crash host or first level guest or temporarily leak memory.
parents 5c8beb47 1493e0f9
...@@ -1202,6 +1202,7 @@ static int vsie_run(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) ...@@ -1202,6 +1202,7 @@ static int vsie_run(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page)
scb_s->iprcc = PGM_ADDRESSING; scb_s->iprcc = PGM_ADDRESSING;
scb_s->pgmilc = 4; scb_s->pgmilc = 4;
scb_s->gpsw.addr = __rewind_psw(scb_s->gpsw, 4); scb_s->gpsw.addr = __rewind_psw(scb_s->gpsw, 4);
rc = 1;
} }
return rc; return rc;
} }
......
...@@ -787,14 +787,18 @@ static void gmap_call_notifier(struct gmap *gmap, unsigned long start, ...@@ -787,14 +787,18 @@ static void gmap_call_notifier(struct gmap *gmap, unsigned long start,
static inline unsigned long *gmap_table_walk(struct gmap *gmap, static inline unsigned long *gmap_table_walk(struct gmap *gmap,
unsigned long gaddr, int level) unsigned long gaddr, int level)
{ {
const int asce_type = gmap->asce & _ASCE_TYPE_MASK;
unsigned long *table; unsigned long *table;
if ((gmap->asce & _ASCE_TYPE_MASK) + 4 < (level * 4)) if ((gmap->asce & _ASCE_TYPE_MASK) + 4 < (level * 4))
return NULL; return NULL;
if (gmap_is_shadow(gmap) && gmap->removed) if (gmap_is_shadow(gmap) && gmap->removed)
return NULL; return NULL;
if (gaddr & (-1UL << (31 + ((gmap->asce & _ASCE_TYPE_MASK) >> 2)*11)))
if (asce_type != _ASCE_TYPE_REGION1 &&
gaddr & (-1UL << (31 + (asce_type >> 2) * 11)))
return NULL; return NULL;
table = gmap->table; table = gmap->table;
switch (gmap->asce & _ASCE_TYPE_MASK) { switch (gmap->asce & _ASCE_TYPE_MASK) {
case _ASCE_TYPE_REGION1: case _ASCE_TYPE_REGION1:
...@@ -1840,6 +1844,7 @@ int gmap_shadow_r3t(struct gmap *sg, unsigned long saddr, unsigned long r3t, ...@@ -1840,6 +1844,7 @@ int gmap_shadow_r3t(struct gmap *sg, unsigned long saddr, unsigned long r3t,
goto out_free; goto out_free;
} else if (*table & _REGION_ENTRY_ORIGIN) { } else if (*table & _REGION_ENTRY_ORIGIN) {
rc = -EAGAIN; /* Race with shadow */ rc = -EAGAIN; /* Race with shadow */
goto out_free;
} }
crst_table_init(s_r3t, _REGION3_ENTRY_EMPTY); crst_table_init(s_r3t, _REGION3_ENTRY_EMPTY);
/* mark as invalid as long as the parent table is not protected */ /* mark as invalid as long as the parent table is not protected */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment