[PATCH v1 1/1] s390: virtio-ccw: PV needs VIRTIO I/O device protection
From: Pierre Morel
Date: Thu Aug 06 2020 - 13:48:18 EST
If protected virtualization is active on s390, the virtio queues are
not accessible to the host, unless VIRTIO_F_IOMMU_PLATFORM has been
negotiated. Use ccw_transport_features() to fail feature negociation
and consequently probe if that's not the case, preventing a host
error on access attempt.
Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxx>
---
drivers/s390/virtio/virtio_ccw.c | 24 +++++++++++++++++++-----
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/drivers/s390/virtio/virtio_ccw.c b/drivers/s390/virtio/virtio_ccw.c
index 5730572b52cd..cc8d8064c6c4 100644
--- a/drivers/s390/virtio/virtio_ccw.c
+++ b/drivers/s390/virtio/virtio_ccw.c
@@ -803,11 +803,23 @@ static u64 virtio_ccw_get_features(struct virtio_device *vdev)
return rc;
}
-static void ccw_transport_features(struct virtio_device *vdev)
+static int ccw_transport_features(struct virtio_device *vdev)
{
- /*
- * Currently nothing to do here.
- */
+ if (!is_prot_virt_guest())
+ return 0;
+
+ if (!virtio_has_feature(vdev, VIRTIO_F_VERSION_1)) {
+ dev_warn(&vdev->dev,
+ "device must provide VIRTIO_F_VERSION_1\n");
+ return -ENODEV;
+ }
+
+ if (!virtio_has_feature(vdev, VIRTIO_F_IOMMU_PLATFORM)) {
+ dev_warn(&vdev->dev,
+ "device must provide VIRTIO_F_IOMMU_PLATFORM\n");
+ return -ENODEV;
+ }
+ return 0;
}
static int virtio_ccw_finalize_features(struct virtio_device *vdev)
@@ -837,7 +849,9 @@ static int virtio_ccw_finalize_features(struct virtio_device *vdev)
vring_transport_features(vdev);
/* Give virtio_ccw a chance to accept features. */
- ccw_transport_features(vdev);
+ ret = ccw_transport_features(vdev);
+ if (ret)
+ goto out_free;
features->index = 0;
features->features = cpu_to_le32((u32)vdev->features);
--
2.25.1