Re: [PATCH v9 2/2] s390: virtio: PV needs VIRTIO I/O device protection

2020-08-21 Thread Pierre Morel




On 2020-08-21 14:05, Cornelia Huck wrote:

On Wed, 19 Aug 2020 18:23:18 +0200
Pierre Morel  wrote:


If protected virtualization is active on s390, VIRTIO has retricted


s/retricted/only restricted/


access to the guest memory.
Define CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS and export
arch_has_restricted_virtio_memory_access to advertize VIRTIO if that's
the case, preventing a host error on access attempt.

Signed-off-by: Pierre Morel 
---
  arch/s390/Kconfig   |  1 +
  arch/s390/mm/init.c | 11 +++
  2 files changed, 12 insertions(+)


(...)


diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 6dc7c3b60ef6..8febd73ed6ca 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -45,6 +45,7 @@
  #include 
  #include 
  #include 
+#include 


I don't think you need this include anymore.


right,


  
  pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
  


(...)

With the nit fixed,

Reviewed-by: Cornelia Huck 



Thanks,

Pierre

--
Pierre Morel
IBM Lab Boeblingen
___
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization


Re: [PATCH v9 2/2] s390: virtio: PV needs VIRTIO I/O device protection

2020-08-21 Thread Cornelia Huck
On Wed, 19 Aug 2020 18:23:18 +0200
Pierre Morel  wrote:

> If protected virtualization is active on s390, VIRTIO has retricted

s/retricted/only restricted/

> access to the guest memory.
> Define CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS and export
> arch_has_restricted_virtio_memory_access to advertize VIRTIO if that's
> the case, preventing a host error on access attempt.
> 
> Signed-off-by: Pierre Morel 
> ---
>  arch/s390/Kconfig   |  1 +
>  arch/s390/mm/init.c | 11 +++
>  2 files changed, 12 insertions(+)

(...)

> diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
> index 6dc7c3b60ef6..8febd73ed6ca 100644
> --- a/arch/s390/mm/init.c
> +++ b/arch/s390/mm/init.c
> @@ -45,6 +45,7 @@
>  #include 
>  #include 
>  #include 
> +#include 

I don't think you need this include anymore.

>  
>  pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
>  

(...)

With the nit fixed,

Reviewed-by: Cornelia Huck 

___
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization


[PATCH v9 2/2] s390: virtio: PV needs VIRTIO I/O device protection

2020-08-19 Thread Pierre Morel
If protected virtualization is active on s390, VIRTIO has retricted
access to the guest memory.
Define CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS and export
arch_has_restricted_virtio_memory_access to advertize VIRTIO if that's
the case, preventing a host error on access attempt.

Signed-off-by: Pierre Morel 
---
 arch/s390/Kconfig   |  1 +
 arch/s390/mm/init.c | 11 +++
 2 files changed, 12 insertions(+)

diff --git a/arch/s390/Kconfig b/arch/s390/Kconfig
index 9cfd8de907cb..c12422c26389 100644
--- a/arch/s390/Kconfig
+++ b/arch/s390/Kconfig
@@ -820,6 +820,7 @@ menu "Virtualization"
 config PROTECTED_VIRTUALIZATION_GUEST
def_bool n
prompt "Protected virtualization guest support"
+   select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
help
  Select this option, if you want to be able to run this
  kernel as a protected virtualization KVM guest.
diff --git a/arch/s390/mm/init.c b/arch/s390/mm/init.c
index 6dc7c3b60ef6..8febd73ed6ca 100644
--- a/arch/s390/mm/init.c
+++ b/arch/s390/mm/init.c
@@ -45,6 +45,7 @@
 #include 
 #include 
 #include 
+#include 
 
 pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
 
@@ -161,6 +162,16 @@ bool force_dma_unencrypted(struct device *dev)
return is_prot_virt_guest();
 }
 
+#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
+
+int arch_has_restricted_virtio_memory_access(void)
+{
+   return is_prot_virt_guest();
+}
+EXPORT_SYMBOL(arch_has_restricted_virtio_memory_access);
+
+#endif
+
 /* protected virtualization */
 static void pv_init(void)
 {
-- 
2.25.1

___
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization