diff options
| author | Christian Borntraeger <borntraeger@de.ibm.com> | 2017-11-21 10:02:52 -0500 |
|---|---|---|
| committer | Christian Borntraeger <borntraeger@de.ibm.com> | 2017-12-06 03:18:43 -0500 |
| commit | bb64da9aba89765fee74b395967b18a7d6c364e9 (patch) | |
| tree | c3499d7eaece67a6be01d01490c78b7ffe875e89 | |
| parent | 940f89a5a37789b94f332755767c556a64b004e4 (diff) | |
KVM: s390: mark irq_state.flags as non-usable
Old kernels did not check for zero in the irq_state.flags field and old
QEMUs did not zero the flag/reserved fields when calling
KVM_S390_*_IRQ_STATE. Let's add comments to prevent future uses of
these fields.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
| -rw-r--r-- | Documentation/virtual/kvm/api.txt | 15 | ||||
| -rw-r--r-- | arch/s390/kvm/kvm-s390.c | 6 | ||||
| -rw-r--r-- | include/uapi/linux/kvm.h | 4 |
3 files changed, 18 insertions, 7 deletions
diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt index f670e4b9e7f3..57d3ee9e4bde 100644 --- a/Documentation/virtual/kvm/api.txt +++ b/Documentation/virtual/kvm/api.txt | |||
| @@ -2901,14 +2901,19 @@ userspace buffer and its length: | |||
| 2901 | 2901 | ||
| 2902 | struct kvm_s390_irq_state { | 2902 | struct kvm_s390_irq_state { |
| 2903 | __u64 buf; | 2903 | __u64 buf; |
| 2904 | __u32 flags; | 2904 | __u32 flags; /* will stay unused for compatibility reasons */ |
| 2905 | __u32 len; | 2905 | __u32 len; |
| 2906 | __u32 reserved[4]; | 2906 | __u32 reserved[4]; /* will stay unused for compatibility reasons */ |
| 2907 | }; | 2907 | }; |
| 2908 | 2908 | ||
| 2909 | Userspace passes in the above struct and for each pending interrupt a | 2909 | Userspace passes in the above struct and for each pending interrupt a |
| 2910 | struct kvm_s390_irq is copied to the provided buffer. | 2910 | struct kvm_s390_irq is copied to the provided buffer. |
| 2911 | 2911 | ||
| 2912 | The structure contains a flags and a reserved field for future extensions. As | ||
| 2913 | the kernel never checked for flags == 0 and QEMU never pre-zeroed flags and | ||
| 2914 | reserved, these fields can not be used in the future without breaking | ||
| 2915 | compatibility. | ||
| 2916 | |||
| 2912 | If -ENOBUFS is returned the buffer provided was too small and userspace | 2917 | If -ENOBUFS is returned the buffer provided was too small and userspace |
| 2913 | may retry with a bigger buffer. | 2918 | may retry with a bigger buffer. |
| 2914 | 2919 | ||
| @@ -2932,10 +2937,14 @@ containing a struct kvm_s390_irq_state: | |||
| 2932 | 2937 | ||
| 2933 | struct kvm_s390_irq_state { | 2938 | struct kvm_s390_irq_state { |
| 2934 | __u64 buf; | 2939 | __u64 buf; |
| 2940 | __u32 flags; /* will stay unused for compatibility reasons */ | ||
| 2935 | __u32 len; | 2941 | __u32 len; |
| 2936 | __u32 pad; | 2942 | __u32 reserved[4]; /* will stay unused for compatibility reasons */ |
| 2937 | }; | 2943 | }; |
| 2938 | 2944 | ||
| 2945 | The restrictions for flags and reserved apply as well. | ||
| 2946 | (see KVM_S390_GET_IRQ_STATE) | ||
| 2947 | |||
| 2939 | The userspace memory referenced by buf contains a struct kvm_s390_irq | 2948 | The userspace memory referenced by buf contains a struct kvm_s390_irq |
| 2940 | for each interrupt to be injected into the guest. | 2949 | for each interrupt to be injected into the guest. |
| 2941 | If one of the interrupts could not be injected for some reason the | 2950 | If one of the interrupts could not be injected for some reason the |
diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index 34375eed93ee..efa439f6ffb3 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c | |||
| @@ -1,8 +1,8 @@ | |||
| 1 | // SPDX-License-Identifier: GPL-2.0 | 1 | // SPDX-License-Identifier: GPL-2.0 |
| 2 | /* | 2 | /* |
| 3 | * hosting zSeries kernel virtual machines | 3 | * hosting IBM Z kernel virtual machines (s390x) |
| 4 | * | 4 | * |
| 5 | * Copyright IBM Corp. 2008, 2009 | 5 | * Copyright IBM Corp. 2008, 2017 |
| 6 | * | 6 | * |
| 7 | * Author(s): Carsten Otte <cotte@de.ibm.com> | 7 | * Author(s): Carsten Otte <cotte@de.ibm.com> |
| 8 | * Christian Borntraeger <borntraeger@de.ibm.com> | 8 | * Christian Borntraeger <borntraeger@de.ibm.com> |
| @@ -3808,6 +3808,7 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 3808 | r = -EINVAL; | 3808 | r = -EINVAL; |
| 3809 | break; | 3809 | break; |
| 3810 | } | 3810 | } |
| 3811 | /* do not use irq_state.flags, it will break old QEMUs */ | ||
| 3811 | r = kvm_s390_set_irq_state(vcpu, | 3812 | r = kvm_s390_set_irq_state(vcpu, |
| 3812 | (void __user *) irq_state.buf, | 3813 | (void __user *) irq_state.buf, |
| 3813 | irq_state.len); | 3814 | irq_state.len); |
| @@ -3823,6 +3824,7 @@ long kvm_arch_vcpu_ioctl(struct file *filp, | |||
| 3823 | r = -EINVAL; | 3824 | r = -EINVAL; |
| 3824 | break; | 3825 | break; |
| 3825 | } | 3826 | } |
| 3827 | /* do not use irq_state.flags, it will break old QEMUs */ | ||
| 3826 | r = kvm_s390_get_irq_state(vcpu, | 3828 | r = kvm_s390_get_irq_state(vcpu, |
| 3827 | (__u8 __user *) irq_state.buf, | 3829 | (__u8 __user *) irq_state.buf, |
| 3828 | irq_state.len); | 3830 | irq_state.len); |
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 282d7613fce8..496e59a2738b 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h | |||
| @@ -630,9 +630,9 @@ struct kvm_s390_irq { | |||
| 630 | 630 | ||
| 631 | struct kvm_s390_irq_state { | 631 | struct kvm_s390_irq_state { |
| 632 | __u64 buf; | 632 | __u64 buf; |
| 633 | __u32 flags; | 633 | __u32 flags; /* will stay unused for compatibility reasons */ |
| 634 | __u32 len; | 634 | __u32 len; |
| 635 | __u32 reserved[4]; | 635 | __u32 reserved[4]; /* will stay unused for compatibility reasons */ |
| 636 | }; | 636 | }; |
| 637 | 637 | ||
| 638 | /* for KVM_SET_GUEST_DEBUG */ | 638 | /* for KVM_SET_GUEST_DEBUG */ |