summaryrefslogtreecommitdiff
path: root/arch
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2022-02-09 09:14:22 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2022-02-09 09:14:22 -0800
commit09a93c1df3eafa43bcdfd7bf837c574911f12f55 (patch)
tree7842550a36d72050f566b7c9ed0472e44e27db5f /arch
parente6251ab4551f51fa4cee03523e08051898c3ce82 (diff)
parent2c212e1baedcd782b2535a3f86bc491977677c0e (diff)
Merge tag 'kvm-s390-kernel-access' from emailed bundle
Pull s390 kvm fix from Christian Borntraeger: "Add missing check for the MEMOP ioctl The SIDA MEMOPs must only be used for secure guests, otherwise userspace can do unwanted memory accesses" * tag 'kvm-s390-kernel-access' from emailed bundle: KVM: s390: Return error on SIDA memop on normal guest
Diffstat (limited to 'arch')
-rw-r--r--arch/s390/kvm/kvm-s390.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
index 577f1ead6a51..2296b1ff1e02 100644
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -4667,6 +4667,8 @@ static long kvm_s390_guest_sida_op(struct kvm_vcpu *vcpu,
return -EINVAL;
if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block))
return -E2BIG;
+ if (!kvm_s390_pv_cpu_is_protected(vcpu))
+ return -EINVAL;
switch (mop->op) {
case KVM_S390_MEMOP_SIDA_READ: