| Message ID | 20190826062109.7573-4-sjitindarsingh@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | KVM: PPC: BOok3S HV: Support for nested HPT guests | expand |
On Mon, Aug 26, 2019 at 04:20:49PM +1000, Suraj Jitindar Singh wrote: > Don't allow hpt (hash page table) guests to act as guest hypervisors and > thus be able to run nested guests. There is currently no support for > this, if a nested guest is to be run it must be run at the lowest level. > Explicitly disallow hash guests from enabling the nested kvm-hv capability > at the hypervisor level. > > Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> > --- > arch/powerpc/kvm/book3s_hv.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c > index cde3f5a4b3e4..ce960301bfaa 100644 > --- a/arch/powerpc/kvm/book3s_hv.c > +++ b/arch/powerpc/kvm/book3s_hv.c > @@ -5336,8 +5336,12 @@ static int kvmhv_enable_nested(struct kvm *kvm) > return -ENODEV; > > /* kvm == NULL means the caller is testing if the capability exists */ > - if (kvm) > + if (kvm) { > + /* Only radix guests can act as nested hv and thus run guests */ > + if (!kvm_is_radix(kvm)) > + return -1; > kvm->arch.nested_enable = true; > + } I don't think this is necessary, and is possibly undesirable, since a guest can switch between HPT and radix mode. In fact if a guest in HPT mode tries to do any of the hcalls for managing nested guests, it will get errors, because we have this: static inline bool nesting_enabled(struct kvm *kvm) { return kvm->arch.nested_enable && kvm_is_radix(kvm); } and H_SET_PARTITION_TABLE, H_ENTER_NESTED, etc. all return H_FUNCTION if nested_enabled() is false. (This is as the code is today without your patch). Furthermore, kvmppc_switch_mmu_to_hpt() does this: if (nesting_enabled(kvm)) kvmhv_release_all_nested(kvm); So I think it is all covered already without your patch. Paul.
diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c index cde3f5a4b3e4..ce960301bfaa 100644 --- a/arch/powerpc/kvm/book3s_hv.c +++ b/arch/powerpc/kvm/book3s_hv.c @@ -5336,8 +5336,12 @@ static int kvmhv_enable_nested(struct kvm *kvm) return -ENODEV; /* kvm == NULL means the caller is testing if the capability exists */ - if (kvm) + if (kvm) { + /* Only radix guests can act as nested hv and thus run guests */ + if (!kvm_is_radix(kvm)) + return -1; kvm->arch.nested_enable = true; + } return 0; }
Don't allow hpt (hash page table) guests to act as guest hypervisors and thus be able to run nested guests. There is currently no support for this, if a nested guest is to be run it must be run at the lowest level. Explicitly disallow hash guests from enabling the nested kvm-hv capability at the hypervisor level. Signed-off-by: Suraj Jitindar Singh <sjitindarsingh@gmail.com> --- arch/powerpc/kvm/book3s_hv.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)