From patchwork Tue May 12 15:21:52 2009
X-Patchwork-Submitter: ehrhardt@linux.vnet.ibm.com
X-Patchwork-Id: 23274
From: ehrhardt@linux.vnet.ibm.com
To: Avi Kivity, kvm@vger.kernel.org
Cc: ehrhardt@linux.vnet.ibm.com, Christian Borntraeger, Carsten Otte, Heiko Carstens, Martin Schwidefsky
Subject: [PATCH 5/6] kvm-s390: Sanity check on validity intercept
Date: Tue, 12 May 2009 17:21:52 +0200
Message-Id: <1242141713-20863-6-git-send-email-ehrhardt@linux.vnet.ibm.com>
In-Reply-To: <1242141713-20863-1-git-send-email-ehrhardt@linux.vnet.ibm.com>
References: <1242141713-20863-1-git-send-email-ehrhardt@linux.vnet.ibm.com>

From: Carsten Otte

This patch adds a sanity check for the content of the guest prefix register before faulting in the cpu lowcore that it refers to. The guest might end up in an endless loop where SIE complains about missing lowcore with incorrect content of the prefix register without this fix.

Reported-by: Mijo Safradin
Signed-off-by: Carsten Otte
Signed-off-by: Christian Ehrhardt
---
 arch/s390/kvm/intercept.c | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

Index: kvm/arch/s390/kvm/intercept.c =================================================================== --- kvm.orig/arch/s390/kvm/intercept.c +++ kvm/arch/s390/kvm/intercept.c 
@@ -154,17 +154,25 @@ static int handle_stop(struct kvm_vcpu * static int handle_validity(struct kvm_vcpu *vcpu) { int viwhy = vcpu->arch.sie_block->ipb >> 16; + int rc; + vcpu->stat.exit_validity++; - if (viwhy == 0x37) { - fault_in_pages_writeable((char __user *) - vcpu->kvm->arch.guest_origin + - vcpu->arch.sie_block->prefix, - PAGE_SIZE); - return 0; - } - VCPU_EVENT(vcpu, 2, "unhandled validity intercept code %d", - viwhy); - return -ENOTSUPP; + if ((viwhy == 0x37) && (vcpu->arch.sie_block->prefix + <= vcpu->kvm->arch.guest_memsize - 2*PAGE_SIZE)){ + rc = fault_in_pages_writeable((char __user *) + vcpu->kvm->arch.guest_origin + + vcpu->arch.sie_block->prefix, + 2*PAGE_SIZE); + if (rc) + /* user will receive sigsegv, exit to user */ + rc = -ENOTSUPP; + } else + rc = -ENOTSUPP; + + if (rc) + VCPU_EVENT(vcpu, 2, "unhandled validity intercept code %d", + viwhy); + return rc; } static int handle_instruction(struct kvm_vcpu *vcpu)
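
Review bot: In the new condition in handle_validity(), `prefix <= guest_memsize - 2*PAGE_SIZE` is only a valid bound when guest_memsize is at least 2*PAGE_SIZE; if guest_memsize is an unsigned type and smaller than that, the subtraction wraps and the check passes for any prefix value. Writing the bound as `prefix + 2*PAGE_SIZE <= guest_memsize`, with the addition done in a type wide enough not to overflow, removes that dependency. The fault-in length also changes from PAGE_SIZE to 2*PAGE_SIZE, which the changelog does not mention; a sentence on why two pages are needed would help. The shared VCPU_EVENT at the end now fires as well when viwhy is 0x37 but the prefix is out of range or fault_in_pages_writeable() fails, so "unhandled validity intercept code %d" no longer tells the reader which case occurred; a separate message for the rejected prefix would make the trace more useful. Style: `)){` needs a space before the brace, and the `else` branch should take braces since the `if` branch has them.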