APPLIED: [SRU Focal/Impish] KVM: s390: Return error on SIDA memop on normal guest
Stefan Bader
stefan.bader at canonical.com
Tue Feb 15 10:03:41 UTC 2022
On 14.02.22 15:08, Thadeu Lima de Souza Cascardo wrote:
> From: Janis Schoetterl-Glausch <scgl at linux.ibm.com>
>
> Refuse SIDA memops on guests which are not protected.
> For normal guests, the secure instruction data address designation,
> which determines the location we access, is not under control of KVM.
>
> Fixes: 19e122776886 (KVM: S390: protvirt: Introduce instruction data area bounce buffer)
> Signed-off-by: Janis Schoetterl-Glausch <scgl at linux.ibm.com>
> Cc: stable at vger.kernel.org
> Signed-off-by: Christian Borntraeger <borntraeger at linux.ibm.com>
> (cherry picked from commit 2c212e1baedcd782b2535a3f86bc491977677c0e)
> CVE-2022-0516
> Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
> ---
Applied to focal,impish:linux/master-next. Thanks.
-Stefan
> arch/s390/kvm/kvm-s390.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
> index 08c1c8944f40..817f4deaae2d 100644
> --- a/arch/s390/kvm/kvm-s390.c
> +++ b/arch/s390/kvm/kvm-s390.c
> @@ -4641,6 +4641,8 @@ static long kvm_s390_guest_sida_op(struct kvm_vcpu *vcpu,
> return -EINVAL;
> if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block))
> return -E2BIG;
> + if (!kvm_s390_pv_cpu_is_protected(vcpu))
> + return -EINVAL;
>
> switch (mop->op) {
> case KVM_S390_MEMOP_SIDA_READ:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220215/33389008/attachment.sig>
More information about the kernel-team
mailing list