| #
90cacd85 |
| 11-Jul-2023 |
Thomas Huth <thuth@redhat.com> |
Merge branch 's390x-2023-07' into 'master'
s390x: topology tests, SCLP fixes, UV host test improvements, PV test improvements and validity/IPL test and some small maintanence fixes
See merge reques
Merge branch 's390x-2023-07' into 'master'
s390x: topology tests, SCLP fixes, UV host test improvements, PV test improvements and validity/IPL test and some small maintanence fixes
See merge request kvm-unit-tests/kvm-unit-tests!45
show more ...
|
| #
a402fad4 |
| 19-Jun-2023 |
Janosch Frank <frankja@linux.ibm.com> |
s390x: pv: Add sie entry intercept and validity test
The lowcore is an important part of any s390 cpu so we need to make
sure it's always available when we virtualize one. For non-PV guests
that wou
s390x: pv: Add sie entry intercept and validity test
The lowcore is an important part of any s390 cpu so we need to make
sure it's always available when we virtualize one. For non-PV guests
that would mean ensuring that the lowcore page is read and writable by
the guest.
For PV guests we additionally need to make sure that the page is owned
by the guest as it is only allowed to access them if that's the
case. The code 112 SIE intercept tells us if the lowcore pages aren't
secure anymore.
Let's check if that intercept is reported by SIE if we export the
lowcore pages. Additionally check if that's also the case if the guest
shares the lowcore which will make it readable to the host but
ownership of the page should not change.
Also we check for validities in these conditions:
* Manipulated cpu timer
* Double SIE for same vcpu
* Re-use of VCPU handle from another secure configuration
* ASCE re-use
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: Nico Boehr <nrb@linux.ibm.com>
Link: https://lore.kernel.org/r/20230619083329.22680-7-frankja@linux.ibm.com
Signed-off-by: Nico Boehr <nrb@linux.ibm.com>
show more ...
|