Re: [PATCH v1 1/3] Add map/unmap ioctl and clean mappings post-guest

Next message: Thomas Gleixner: "Re: [PATCH v4 5/8] irqchip/imx-irqsteer: add NXP S32N79 support"
Previous message: Christian Brauner: "Re: [PATCH] netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry"
In reply to: kernel test robot: "Re: [PATCH v1 1/3] Add map/unmap ioctl and clean mappings post-guest"
Next in thread: Douglas Freimuth: "Re: [PATCH v1 1/3] Add map/unmap ioctl and clean mappings post-guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christian Borntraeger

Date: Mon Mar 09 2026 - 05:27:37 EST

Am 08.03.26 um 04:04 schrieb Douglas Freimuth:

Fencing of Fast Inject in Secure Execution environments is enabled in
this patch by not mapping adapter indicator pages. In Secure Execution

[...]

@@ -2477,14 +2572,28 @@ static int modify_io_adapter(struct kvm_device *dev,
if (ret > 0)
ret = 0;
break;
- /*
- * The following operations are no longer needed and therefore no-ops.
- * The gpa to hva translation is done when an IRQ route is set up. The
- * set_irq code uses get_user_pages_remote() to do the actual write.
- */
case KVM_S390_IO_ADAPTER_MAP:
case KVM_S390_IO_ADAPTER_UNMAP:
- ret = 0;
+ mutex_lock(&dev->kvm->lock);
+ if (kvm_s390_pv_is_protected(dev->kvm)) {
+ mutex_unlock(&dev->kvm->lock);
+ break;
+ }

I guess this works for a well behaving userspaces, but a bad QEMU could in theory
not do the unmap on switch to secure.
Shall we maybe do -EINVAL on KVM_PV_ENABLE if there are still mapping left, or
to make it easier for userspace remove the old ADAPTER maps?