Secure execution (aka protected virtualization) guests cannot be
migrated at the moment. If the unpack facility is provided in the cpu
model, a guest may choose to transition to secure mode, making the
guest unmigratable at that point in time. If the machine was explicitly
started with --only-migratable, we would get a failure only when the
guest actually tries to transition; instead, explicitly disallow the
unpack facility if --only-migratable was specified to avoid late
surprises.
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
---
target/s390x/cpu_models.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
index 35179f9dc7ba..dd474c5e9ad1 100644
--- a/target/s390x/cpu_models.c
+++ b/target/s390x/cpu_models.c
@@ -26,6 +26,7 @@
#include "qapi/qmp/qdict.h"
#ifndef CONFIG_USER_ONLY
#include "sysemu/arch_init.h"
+#include "sysemu/sysemu.h"
#include "hw/pci/pci.h"
#endif
#include "qapi/qapi-commands-machine-target.h"
@@ -878,6 +879,15 @@ static void check_compatibility(const S390CPUModel *max_model,
return;
}
+#ifndef CONFIG_USER_ONLY
+ if (only_migratable && test_bit(S390_FEAT_UNPACK, model->features)) {
+ error_setg(errp, "The unpack facility is not compatible with "
+ "the --only-migratable option. You must remove either "
+ "the 'unpack' facility or the --only-migratable option");
+ return;
+ }
+#endif
+
/* detect the missing features to properly report them */
bitmap_andnot(missing, model->features, max_model->features, S390_FEAT_MAX);
if (bitmap_empty(missing, S390_FEAT_MAX)) {
--
2.28.0