OSDN Git Service

(root) / android-x86 / kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
KVM: s390: Do not leak kernel stack data in the KVM_S390_INTERRUPT ioctl
[android-x86/kernel.git] / arch / s390 / kvm / kvm-s390.c
diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
index a70ff09..ea20b60 100644 (file)
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -401,6 +401,9 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext)
        case KVM_CAP_S390_RI:
                r = test_facility(64);
                break;
+       case KVM_CAP_S390_BPB:
+               r = test_facility(82);
+               break;
        default:
                r = 0;
        }
@@ -1713,6 +1716,8 @@ int kvm_arch_vcpu_init(struct kvm_vcpu *vcpu)
        kvm_s390_set_prefix(vcpu, 0);
        if (test_kvm_facility(vcpu->kvm, 64))
                vcpu->run->kvm_valid_regs |= KVM_SYNC_RICCB;
+       if (test_kvm_facility(vcpu->kvm, 82))
+               vcpu->run->kvm_valid_regs |= KVM_SYNC_BPBC;
        /* fprs can be synchronized via vrs, even if the guest has no vx. With
         * MACHINE_HAS_VX, (load|store)_fpu_regs() will work with vrs format.
         */
@@ -1829,7 +1834,6 @@ void kvm_arch_vcpu_load(struct kvm_vcpu *vcpu, int cpu)
        if (test_fp_ctl(current->thread.fpu.fpc))
                /* User space provided an invalid FPC, let's clear it */
                current->thread.fpu.fpc = 0;
-
        save_access_regs(vcpu->arch.host_acrs);
        restore_access_regs(vcpu->run->s.regs.acrs);
        gmap_enable(vcpu->arch.enabled_gmap);
@@ -1877,6 +1881,7 @@ static void kvm_s390_vcpu_initial_reset(struct kvm_vcpu *vcpu)
        current->thread.fpu.fpc = 0;
        vcpu->arch.sie_block->gbea = 1;
        vcpu->arch.sie_block->pp = 0;
+       vcpu->arch.sie_block->fpf &= ~FPF_BPBC;
        vcpu->arch.pfault_token = KVM_S390_PFAULT_TOKEN_INVALID;
        kvm_clear_async_pf_completion_queue(vcpu);
        if (!kvm_s390_user_cpu_state_ctrl(vcpu->kvm))
@@ -2744,6 +2749,11 @@ static void sync_regs(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
                if (riccb->valid)
                        vcpu->arch.sie_block->ecb3 |= 0x01;
        }
+       if ((kvm_run->kvm_dirty_regs & KVM_SYNC_BPBC) &&
+           test_kvm_facility(vcpu->kvm, 82)) {
+               vcpu->arch.sie_block->fpf &= ~FPF_BPBC;
+               vcpu->arch.sie_block->fpf |= kvm_run->s.regs.bpbc ? FPF_BPBC : 0;
+       }
 
        kvm_run->kvm_dirty_regs = 0;
 }
@@ -2762,6 +2772,7 @@ static void store_regs(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
        kvm_run->s.regs.pft = vcpu->arch.pfault_token;
        kvm_run->s.regs.pfs = vcpu->arch.pfault_select;
        kvm_run->s.regs.pfc = vcpu->arch.pfault_compare;
+       kvm_run->s.regs.bpbc = (vcpu->arch.sie_block->fpf & FPF_BPBC) == FPF_BPBC;
 }
 
 int kvm_arch_vcpu_ioctl_run(struct kvm_vcpu *vcpu, struct kvm_run *kvm_run)
@@ -3094,7 +3105,7 @@ long kvm_arch_vcpu_ioctl(struct file *filp,
        }
        case KVM_S390_INTERRUPT: {
                struct kvm_s390_interrupt s390int;
-               struct kvm_s390_irq s390irq;
+               struct kvm_s390_irq s390irq = {};
 
                r = -EFAULT;
                if (copy_from_user(&s390int, argp, sizeof(s390int)))
@@ -3277,21 +3288,28 @@ void kvm_arch_commit_memory_region(struct kvm *kvm,
                                const struct kvm_memory_slot *new,
                                enum kvm_mr_change change)
 {
-       int rc;
-
-       /* If the basics of the memslot do not change, we do not want
-        * to update the gmap. Every update causes several unnecessary
-        * segment translation exceptions. This is usually handled just
-        * fine by the normal fault handler + gmap, but it will also
-        * cause faults on the prefix page of running guest CPUs.
-        */
-       if (old->userspace_addr == mem->userspace_addr &&
-           old->base_gfn * PAGE_SIZE == mem->guest_phys_addr &&
-           old->npages * PAGE_SIZE == mem->memory_size)
-               return;
+       int rc = 0;
 
-       rc = gmap_map_segment(kvm->arch.gmap, mem->userspace_addr,
-               mem->guest_phys_addr, mem->memory_size);
+       switch (change) {
+       case KVM_MR_DELETE:
+               rc = gmap_unmap_segment(kvm->arch.gmap, old->base_gfn * PAGE_SIZE,
+                                       old->npages * PAGE_SIZE);
+               break;
+       case KVM_MR_MOVE:
+               rc = gmap_unmap_segment(kvm->arch.gmap, old->base_gfn * PAGE_SIZE,
+                                       old->npages * PAGE_SIZE);
+               if (rc)
+                       break;
+               /* FALLTHROUGH */
+       case KVM_MR_CREATE:
+               rc = gmap_map_segment(kvm->arch.gmap, mem->userspace_addr,
+                                     mem->guest_phys_addr, mem->memory_size);
+               break;
+       case KVM_MR_FLAGS_ONLY:
+               break;
+       default:
+               WARN(1, "Unknown KVM MR CHANGE: %d\n", change);
+       }
        if (rc)
                pr_warn("failed to commit memory region\n");
        return;
kernel
About OSDN
Find Software
Develop Software
Help