author Fabiano Rosas <farosas@linux.ibm.com> 2021-08-11 19:00:39 +0300
committer Michael Ellerman <mpe@ellerman.id.au> 2021-08-25 09:37:17 +0300
commit 7487cabc7ed2f7716bf304e4e97c57fd995cf70e
tree 78cee05d69be61c7a89a875153b9eeacedfe43af /net/ethernet
parent d82b392d9b3556b63e3f9916cf057ea847e173a9
KVM: PPC: Book3S HV Nested: Sanitise vcpu registers
As one of the arguments of the H_ENTER_NESTED hypercall, the nested hypervisor (L1) prepares a structure containing the values of various hypervisor-privileged registers with which it wants the nested guest (L2) to run. Since the nested HV runs in supervisor mode it needs the host to write to these registers.

To stop a nested HV manipulating this mechanism and using a nested guest as a proxy to access a facility that has been made unavailable to it, we have a routine that sanitises the values of the HV registers before copying them into the nested guest's vcpu struct.

However, when coming out of the guest the values are copied as they were back into L1 memory, which means that any sanitisation we did during guest entry will be exposed to L1 after H_ENTER_NESTED returns.

This patch alters this sanitisation to have effect on the vcpu->arch registers directly before entering and after exiting the guest, leaving the structure that is copied back into L1 unchanged (except when we really want L1 to access the value, e.g. the Cause bits of HFSCR).

Signed-off-by: Fabiano Rosas <farosas@linux.ibm.com>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Reviewed-by: Nicholas Piggin <npiggin@gmail.com>
Link: https://lore.kernel.org/r/20210811160134.904987-6-npiggin@gmail.com
Diffstat (limited to 'net/ethernet')
0 files changed, 0 insertions, 0 deletions
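
The behaviour change described in the commit message, as an added C model that is not the kernel's code and not part of the original commit: it contrasts masking L1's structure itself with masking only the vcpu register, and shows what L1 reads back in each case. The struct and function names, the position of the Cause field and the sample register values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the commit message, not kernel code.
 * Struct names, helper names and the Cause-field position are assumptions. */
#define CAUSE_MASK (0xFFULL << 56)          /* assumed position of the HFSCR Cause bits */

struct hv_guest_state { uint64_t hfscr; };  /* what L1 passes to H_ENTER_NESTED */
struct outcome { uint64_t l2_ran_with, l1_reads_back; };

/* Stand-in for running L2: hardware records an interrupt cause in the register. */
static uint64_t run_l2(uint64_t hfscr, uint64_t cause)
{
    return (hfscr & ~CAUSE_MASK) | (cause << 56);
}

/* Before the patch: the structure itself is sanitised, then copied back to L1. */
static struct outcome enter_before(struct hv_guest_state l1, uint64_t allowed, uint64_t cause)
{
    l1.hfscr &= allowed;                    /* the host's mask lands in L1's structure */
    uint64_t vcpu_hfscr = run_l2(l1.hfscr, cause);
    l1.hfscr = (l1.hfscr & ~CAUSE_MASK) | (vcpu_hfscr & CAUSE_MASK);
    return (struct outcome){ vcpu_hfscr & ~CAUSE_MASK, l1.hfscr };
}

/* After the patch: only the vcpu register is masked; L1's structure keeps its
 * own facility bits and receives just the Cause bits on exit. */
static struct outcome enter_after(struct hv_guest_state l1, uint64_t allowed, uint64_t cause)
{
    uint64_t vcpu_hfscr = run_l2(l1.hfscr & allowed, cause);
    l1.hfscr = (l1.hfscr & ~CAUSE_MASK) | (vcpu_hfscr & CAUSE_MASK);
    return (struct outcome){ vcpu_hfscr & ~CAUSE_MASK, l1.hfscr };
}

int main(void)
{
    struct hv_guest_state req = { 0x103 };  /* constructed: L1 asks for bits 0, 1 and 8 */
    struct outcome b = enter_before(req, 0x3, 0x08), a = enter_after(req, 0x3, 0x08);
    printf("before: L2 ran with %#llx, L1 reads back %#llx\n",
           (unsigned long long)b.l2_ran_with, (unsigned long long)b.l1_reads_back);
    printf("after:  L2 ran with %#llx, L1 reads back %#llx\n",
           (unsigned long long)a.l2_ran_with, (unsigned long long)a.l1_reads_back);
    return 0;
}
```

In both variants L2 runs with the masked value; only the value returned to L1 differs.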