pool/qemu
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5660512841
qemu/s390x-Add-unpack-facility-feature-to-GA1.patch
Bruce Rogers af68a7132d Accepting request 822154 from home:bfrogers:branches:Virtualization 
- Updating to Sphinx v3.1.2 in Factory is exposing an issue in
  qemu doc sources. Fix it
  docs-fix-trace-docs-build-with-sphinx-3..patch
- Fix DoS possibility in ati-vga emulation (CVE-2020-13800
  bsc#1172495)
  ati-vga-check-mm_index-before-recursive-.patch
- Fix DoS possibility in Network Block Device (nbd) support
  infrastructure (CVE-2020-10761 bsc#1172710)
  nbd-server-Avoid-long-error-message-asse.patch
- Fix null pointer dereference possibility (DoS) in MegaRAID SAS
  8708EM2 emulation (CVE-2020-13659 bsc#1172386)
  exec-set-map-length-to-zero-when-returni.patch
- Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation
  (CVE-2020-13362 bsc#1172383)
  megasas-use-unsigned-type-for-reply_queu.patch
- Fix legacy IGD passthrough
  hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch
- The latest gcc10 available in Factory has the fix for the
  issue this patch was created to avoid, so drop it
  build-Work-around-gcc10-bug-by-not-using.patch
- Switch to upstream versions of some patches we carry
  add-enum-cast-to-avoid-gcc10-warning.patch
  -> golan-Add-explicit-type-casts-for-nodnic.patch
  Be-explicit-about-fcommon-compiler-direc.patch
  -> build-Be-explicit-about-fcommon-compiler.patch
  Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch
  -> build-Do-not-apply-WORKAROUND_CFLAGS-for.patch
  Fix-s-directive-argument-is-null-error.patch
  -> build-Fix-s-directive-argument-is-null-e.patch
  Workaround-compilation-error-with-gcc-9..patch
  -> build-Workaround-compilation-error-with-.patch
  work-around-gcc10-problem-with-zero-leng.patch
  -> intel-Avoid-spurious-compiler-warning-on.patch
- Fix vgabios issue for cirrus graphics emulation, which
  effectively downgraded it to standard VGA behavior
  vga-fix-cirrus-bios.patch
- Fix OOB access possibility in ES1370 audio device emulation
  (CVE-2020-13361 bsc#1172384)
  es1370-check-total-frame-count-against-c.patch

OBS-URL: https://build.opensuse.org/request/show/822154
OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=553
2020-07-22 04:19:22 +00:00

62 lines
2.2 KiB
Diff
Raw Blame History

From: Christian Borntraeger <borntraeger@de.ibm.com>
Date: Tue, 25 Feb 2020 06:28:51 -0500
Subject: s390x: Add unpack facility feature to GA1
Git-commit: 3034eaac3b2970ba85a1d77814ceef1352d05357
References: bsc#1167075
The unpack facility is an indication that diagnose 308 subcodes 8-10
are available to the guest. That means, that the guest can put itself
into protected mode.
Once it is in protected mode, the hardware stops any attempt of VM
introspection by the hypervisor.
Some features are currently not supported in protected mode:
* vfio devices
* Migration
* Huge page backings
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
target/s390x/gen-features.c | 1 +
target/s390x/kvm.c | 8 ++++++++
2 files changed, 9 insertions(+)
diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
index 6278845b12b8dee84c086413c60a..8ddeebc54419a3e2481e21916389 100644
--- a/target/s390x/gen-features.c
+++ b/target/s390x/gen-features.c
@@ -562,6 +562,7 @@ static uint16_t full_GEN15_GA1[] = {
S390_FEAT_GROUP_MSA_EXT_9,
S390_FEAT_GROUP_MSA_EXT_9_PCKMO,
S390_FEAT_ETOKEN,
+ S390_FEAT_UNPACK,
};
/* Default features (in order of release)
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
index 870dd1b52b6e424f6cbd751cce0d..69881a0da0b31f72c4c3794d17ab 100644
--- a/target/s390x/kvm.c
+++ b/target/s390x/kvm.c
@@ -2425,6 +2425,14 @@ void kvm_s390_get_host_cpu_model(S390CPUModel *model, Error **errp)
clear_bit(S390_FEAT_BPB, model->features);
}
+ /*
+ * If we have support for protected virtualization, indicate
+ * the protected virtualization IPL unpack facility.
+ */
+ if (cap_protected) {
+ set_bit(S390_FEAT_UNPACK, model->features);
+ }
+
/* We emulate a zPCI bus and AEN, therefore we don't need HW support */
set_bit(S390_FEAT_ZPCI, model->features);
set_bit(S390_FEAT_ADAPTER_EVENT_NOTIFICATION, model->features);
Reference in New Issue View Git Blame Copy Permalink