s390: virtio: PV needs VIRTIO I/O device protection
authorPierre Morel <pmorel@linux.ibm.com>
Thu, 10 Sep 2020 08:53:50 +0000 (10:53 +0200)
committerMichael S. Tsirkin <mst@redhat.com>
Wed, 21 Oct 2020 14:34:13 +0000 (10:34 -0400)
If protected virtualization is active on s390, VIRTIO has only retricted
access to the guest memory.
Define CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS and export
arch_has_restricted_virtio_memory_access to advertize VIRTIO if that's
the case.

Signed-off-by: Pierre Morel <pmorel@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Link: https://lore.kernel.org/r/1599728030-17085-3-git-send-email-pmorel@linux.ibm.com
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
arch/s390/Kconfig
arch/s390/mm/init.c

index b29fcc6..9382462 100644 (file)
@@ -820,6 +820,7 @@ menu "Virtualization"
 config PROTECTED_VIRTUALIZATION_GUEST
        def_bool n
        prompt "Protected virtualization guest support"
+       select ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
        help
          Select this option, if you want to be able to run this
          kernel as a protected virtualization KVM guest.
index 0d28208..e27f050 100644 (file)
@@ -45,6 +45,7 @@
 #include <asm/kasan.h>
 #include <asm/dma-mapping.h>
 #include <asm/uv.h>
+#include <linux/virtio_config.h>
 
 pgd_t swapper_pg_dir[PTRS_PER_PGD] __section(.bss..swapper_pg_dir);
 
@@ -160,6 +161,16 @@ bool force_dma_unencrypted(struct device *dev)
        return is_prot_virt_guest();
 }
 
+#ifdef CONFIG_ARCH_HAS_RESTRICTED_VIRTIO_MEMORY_ACCESS
+
+int arch_has_restricted_virtio_memory_access(void)
+{
+       return is_prot_virt_guest();
+}
+EXPORT_SYMBOL(arch_has_restricted_virtio_memory_access);
+
+#endif
+
 /* protected virtualization */
 static void pv_init(void)
 {