]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/commitdiff
projects / mirror_ubuntu-jammy-kernel.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f1416e5)
KVM: s390: Return error on SIDA memop on normal guest
authorJanis Schoetterl-Glausch <scgl@linux.ibm.com>
Mon, 14 Feb 2022 14:08:42 +0000 (11:08 -0300)
committerAndrea Righi <andrea.righi@canonical.com>
Tue, 22 Feb 2022 18:10:39 +0000 (19:10 +0100)
Refuse SIDA memops on guests which are not protected.
For normal guests, the secure instruction data address designation,
which determines the location we access, is not under control of KVM.

Fixes: 19e122776886 (KVM: S390: protvirt: Introduce instruction data area bounce buffer)
Signed-off-by: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christian Borntraeger <borntraeger@linux.ibm.com>
(cherry picked from commit 2c212e1baedcd782b2535a3f86bc491977677c0e)
CVE-2022-0516
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Andrea Righi <andrea.righi@canonical.com>
arch/s390/kvm/kvm-s390.c patch | blob | blame | history

diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
index 4623eec643ee5a6c5210ce5fc06710d26d00a60b..25ec7feaec254169b83d1a2d46ee7dfe2f17b74a 100644 (file)
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -4709,6 +4709,8 @@ static long kvm_s390_guest_sida_op(struct kvm_vcpu *vcpu,
                return -EINVAL;
        if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block))
                return -E2BIG;
+       if (!kvm_s390_pv_cpu_is_protected(vcpu))
+               return -EINVAL;
 
        switch (mop->op) {
        case KVM_S390_MEMOP_SIDA_READ:
Ubuntu Jammy Linux kernel mirror