Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection

From: Pierre Morel
Date: Tue Jul 07 2020 - 07:19:44 EST

Next message: Halil Pasic: "Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection"
Previous message: Michal Hocko: "Re: [PATCH v4 03/11] mm/hugetlb: unify migration callbacks"
In reply to: Michael S. Tsirkin: "Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection"
Next in thread: Christian Borntraeger: "Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2020-07-07 13:14, Michael S. Tsirkin wrote:

On Tue, Jul 07, 2020 at 11:46:33AM +0200, Cornelia Huck wrote:

On Tue, 7 Jul 2020 10:44:37 +0200
Pierre Morel <pmorel@xxxxxxxxxxxxx> wrote:

S390, protecting the guest memory against unauthorized host access
needs to enforce VIRTIO I/O device protection through the use of
VIRTIO_F_VERSION_1 and VIRTIO_F_IOMMU_PLATFORM.

Hm... what about:

"If protected virtualization is active on s390, the virtio queues are
not accessible to the host, unless VIRTIO_F_IOMMU_PLATFORM has been
negotiated. Use the new arch_validate_virtio_features() interface to
enforce this."

s/enforce this/fail probe if that's not the case, preventing a host error on access attempt/

yes, more complete, thanks.

regards,
Pierre

--
Pierre Morel
IBM Lab Boeblingen

Next message: Halil Pasic: "Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection"
Previous message: Michal Hocko: "Re: [PATCH v4 03/11] mm/hugetlb: unify migration callbacks"
In reply to: Michael S. Tsirkin: "Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection"
Next in thread: Christian Borntraeger: "Re: [PATCH v4 2/2] s390: virtio: PV needs VIRTIO I/O device protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]