| commit | efcb9383b974114e5f682e531346006f8f2466c0 | |
| author | David Gibson <david@gibson.dropbear.id.au> | |
| Tue, 25 Sep 2012 17:12:20 +0000 (25 17:12 +0000) | ||
| committer | Alexander Graf <agraf@suse.de> | |
| Fri, 5 Oct 2012 00:35:11 +0000 (5 02:35 +0200) | ||
| tree | be3beb684a5a9d2d6e1e20b36a56ff3cd925e319 | treesnapshot (tar.gz zip) |
| parent | 7e7ec2d290ca5b1bdd555da9852dc5ee60232fe5 | commitdiff |
pseries: Don't test for MSR_PR for hypercalls under KVM
PAPR hypercalls should only be invoked from the guest kernel, not guest
user programs, that is, with MSR[PR]=0. Currently we check this in
spapr_hypercall, returning H_PRIVILEGE if MSR[PR]=1.
However, under KVM the state of MSR[PR] is already checked by the host
kernel before passing the hypercall to qemu, making this check redundant.
Worse, however, we don't generally synchronize KVM and qemu state on the
hypercall path, meaning that qemu could incorrectly reject a hypercall
because it has a stale MSR value.
This patch fixes the problem by moving the privilege test exclusively to
the TCG hypercall path.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
CC: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
PAPR hypercalls should only be invoked from the guest kernel, not guest
user programs, that is, with MSR[PR]=0. Currently we check this in
spapr_hypercall, returning H_PRIVILEGE if MSR[PR]=1.
However, under KVM the state of MSR[PR] is already checked by the host
kernel before passing the hypercall to qemu, making this check redundant.
Worse, however, we don't generally synchronize KVM and qemu state on the
hypercall path, meaning that qemu could incorrectly reject a hypercall
because it has a stale MSR value.
This patch fixes the problem by moving the privilege test exclusively to
the TCG hypercall path.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
CC: qemu-stable@nongnu.org
Signed-off-by: Alexander Graf <agraf@suse.de>
| hw/spapr.c | diffblobblamehistory | |
| hw/spapr_hcall.c | diffblobblamehistory |