diff options
author | Marc Zyngier <marc.zyngier@arm.com> | 2017-10-27 15:28:52 +0100 |
---|---|---|
committer | Christoffer Dall <christoffer.dall@linaro.org> | 2017-11-10 09:44:36 +0100 |
commit | bd94e7aea40387524b1d6c76b09785f5c3319116 (patch) | |
tree | 23339b6dab21ef65b4b2091d622305a88352c365 /virt | |
parent | 374be35e231e818ffbdb3f876e2775f22b727e80 (diff) | |
download | op-kernel-dev-bd94e7aea40387524b1d6c76b09785f5c3319116.zip op-kernel-dev-bd94e7aea40387524b1d6c76b09785f5c3319116.tar.gz |
KVM: arm/arm64: GICv4: Prevent a VM using GICv4 from being saved
The GICv4 architecture doesn't make it easy for save/restore to
work, as it doesn't give any guarantee that the pending state
is written into the pending table.
So let's not take any chance, and let's return an error if
we encounter any LPI that has the HW bit set. In order for
userspace to distinguish this error from other failure modes,
use -EACCES as an error code.
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org>
Diffstat (limited to 'virt')
-rw-r--r-- | virt/kvm/arm/vgic/vgic-its.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/virt/kvm/arm/vgic/vgic-its.c b/virt/kvm/arm/vgic/vgic-its.c index bf571f6..b8c1b72 100644 --- a/virt/kvm/arm/vgic/vgic-its.c +++ b/virt/kvm/arm/vgic/vgic-its.c @@ -1995,6 +1995,15 @@ static int vgic_its_save_itt(struct vgic_its *its, struct its_device *device) list_for_each_entry(ite, &device->itt_head, ite_list) { gpa_t gpa = base + ite->event_id * ite_esz; + /* + * If an LPI carries the HW bit, this means that this + * interrupt is controlled by GICv4, and we do not + * have direct access to that state. Let's simply fail + * the save operation... + */ + if (ite->irq->hw) + return -EACCES; + ret = vgic_its_save_ite(its, device, ite, gpa, ite_esz); if (ret) return ret; |