kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   dc80e4e4a4898b1c680e017a715146e3a860d531
  2.   patches.suse
  3.   KVM-s390-Return-error-on-SIDA-memop-on-normal-guest.patch
Blob Blame History Raw 
From cb29d0900ba65263b4e35956b4fbd60079128f72 Mon Sep 17 00:00:00 2001
From: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
Date: Fri, 28 Jan 2022 15:06:43 +0100
Subject: [PATCH 1/1] KVM: s390: Return error on SIDA memop on normal guest
Git-commit: 2c212e1baedcd782b2535a3f86bc491977677c0e
Patch-mainline: v5.17-rc2
References: bsc#1195516 CVE-2022-0516 

Refuse SIDA memops on guests which are not protected.
For normal guests, the secure instruction data address designation,
which determines the location we access, is not under control of KVM.

Fixes: 19e122776886 (KVM: S390: protvirt: Introduce instruction data area bounce buffer)
Signed-off-by: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christian Borntraeger <borntraeger@linux.ibm.com>
Signed-off-by: Li Zhang <lizhang@suse.de>
---
 arch/s390/kvm/kvm-s390.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
index c46c8f452b80..8af91e8312f3 100644
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -4683,6 +4683,8 @@ static long kvm_s390_guest_sida_op(struct kvm_vcpu *vcpu,
 		return -EINVAL;
 	if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block))
 		return -E2BIG;
+	if (!kvm_s390_pv_cpu_is_protected(vcpu))
+		return -EINVAL;
 
 	switch (mop->op) {
 	case KVM_S390_MEMOP_SIDA_READ:
-- 
2.31.1
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.