[PATCH 03/14] KVM: PPC: Check privilege level on SPRs

public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed

From: Alexander Graf <agraf@suse.de>
To: kvm@vger.kernel.org
Cc: kvm-ppc@vger.kernel.org
Subject: [PATCH 03/14] KVM: PPC: Check privilege level on SPRs
Date: Thu, 25 Aug 2011 16:39:42 +0200	[thread overview]
Message-ID: <1314283193-10323-4-git-send-email-agraf@suse.de> (raw)
In-Reply-To: <1314283193-10323-1-git-send-email-agraf@suse.de>

We have 3 privilege levels: problem state, supervisor state and hypervisor
state. Each of them can access different SPRs, so we need to check on every
SPR if it's accessible in the respective mode.

Signed-off-by: Alexander Graf <agraf@suse.de>
---
 arch/powerpc/kvm/book3s_emulate.c |   25 +++++++++++++++++++++++++
 1 files changed, 25 insertions(+), 0 deletions(-)

diff --git a/arch/powerpc/kvm/book3s_emulate.c b/arch/powerpc/kvm/book3s_emulate.c
index 4668465..bf0ddcd 100644
--- a/arch/powerpc/kvm/book3s_emulate.c
+++ b/arch/powerpc/kvm/book3s_emulate.c
@@ -63,6 +63,25 @@
  * function pointers, so let's just disable the define. */
 #undef mfsrin
 
+enum priv_level {
+	PRIV_PROBLEM = 0,
+	PRIV_SUPER = 1,
+	PRIV_HYPER = 2,
+};
+
+static bool spr_allowed(struct kvm_vcpu *vcpu, enum priv_level level)
+{
+	/* PAPR VMs only access supervisor SPRs */
+	if (vcpu->arch.papr_enabled && (level > PRIV_SUPER))
+		return false;
+
+	/* Limit user space to its own small SPR set */
+	if ((vcpu->arch.shared->msr & MSR_PR) && level > PRIV_PROBLEM)
+		return false;
+
+	return true;
+}
+
 int kvmppc_core_emulate_op(struct kvm_run *run, struct kvm_vcpu *vcpu,
                            unsigned int inst, int *advance)
 {
@@ -296,6 +315,8 @@ int kvmppc_core_emulate_mtspr(struct kvm_vcpu *vcpu, int sprn, int rs)
 
 	switch (sprn) {
 	case SPRN_SDR1:
+		if (!spr_allowed(vcpu, PRIV_HYPER))
+			goto unprivileged;
 		to_book3s(vcpu)->sdr1 = spr_val;
 		break;
 	case SPRN_DSISR:
@@ -390,6 +411,7 @@ int kvmppc_core_emulate_mtspr(struct kvm_vcpu *vcpu, int sprn, int rs)
 	case SPRN_PMC4_GEKKO:
 	case SPRN_WPAR_GEKKO:
 		break;
+unprivileged:
 	default:
 		printk(KERN_INFO "KVM: invalid SPR write: %d\n", sprn);
 #ifndef DEBUG_SPR
@@ -421,6 +443,8 @@ int kvmppc_core_emulate_mfspr(struct kvm_vcpu *vcpu, int sprn, int rt)
 		break;
 	}
 	case SPRN_SDR1:
+		if (!spr_allowed(vcpu, PRIV_HYPER))
+			goto unprivileged;
 		kvmppc_set_gpr(vcpu, rt, to_book3s(vcpu)->sdr1);
 		break;
 	case SPRN_DSISR:
@@ -476,6 +500,7 @@ int kvmppc_core_emulate_mfspr(struct kvm_vcpu *vcpu, int sprn, int rt)
 		kvmppc_set_gpr(vcpu, rt, 0);
 		break;
 	default:
+unprivileged:
 		printk(KERN_INFO "KVM: invalid SPR read: %d\n", sprn);
 #ifndef DEBUG_SPR
 		emulated = EMULATE_FAIL;
-- 
1.6.0.2

next prev parent reply	other threads:[~2011-08-25 14:39 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-08-25 14:39 [PULL 00/14] ppc patch queue 2011-08-25 Alexander Graf
2011-08-25 14:39 ` [PATCH 01/14] KVM: PPC: move compute_tlbie_rb to book3s common header Alexander Graf
2011-08-25 14:39 ` [PATCH 02/14] KVM: PPC: Add papr_enabled flag Alexander Graf
2011-08-25 14:39 ` Alexander Graf [this message]
2011-08-25 14:39 ` [PATCH 04/14] KVM: PPC: Interpret SDR1 as HVA in PAPR mode Alexander Graf
2011-08-25 14:39 ` [PATCH 05/14] KVM: PPC: Read out syscall instruction on trap Alexander Graf
2011-08-25 14:39 ` [PATCH 06/14] KVM: PPC: Add support for explicit HIOR setting Alexander Graf
2011-08-25 14:39 ` [PATCH 07/14] KVM: PPC: Add PAPR hypercall code for PR mode Alexander Graf
2011-08-25 14:39 ` [PATCH 08/14] KVM: PPC: Stub emulate CFAR and PURR SPRs Alexander Graf
2011-08-25 14:39 ` [PATCH 09/14] KVM: PPC: Support SC1 hypercalls for PAPR in PR mode Alexander Graf
2011-08-25 14:39 ` [PATCH 10/14] KVM: PPC: Enable the PAPR CAP for Book3S Alexander Graf
2011-08-31  8:31   ` Avi Kivity
2011-08-31  8:37     ` Alexander Graf
2011-08-31  8:39       ` Avi Kivity
2011-08-25 14:39 ` [PATCH 11/14] KVM: PPC: Add sanity checking to vcpu_run Alexander Graf
2011-08-25 14:39 ` [PATCH 12/14] KVM: PPC: Assemble book3s{,_hv}_rmhandlers.S separately Alexander Graf
2011-08-25 14:39 ` [PATCH 13/14] KVM: PPC: book3s_pr: Simplify transitions between virtual and real mode Alexander Graf
2011-08-25 14:39 ` [PATCH 14/14] KVM: PPC: Implement H_CEDE hcall for book3s_hv in real-mode code Alexander Graf
2011-08-31  9:41 ` [PULL 00/14] ppc patch queue 2011-08-25 Avi Kivity

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:4668465 dfblob:bf0ddcd )
 OR (
bs:"[PATCH 03/14] KVM: PPC: Check privilege level on SPRs" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1314283193-10323-4-git-send-email-agraf@suse.de \
    --to=agraf@suse.de \
    --cc=kvm-ppc@vger.kernel.org \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox