[J][PULL] KVM: Enable storage key checking for intercepted instruction handled by userspace

frank.heimes at canonical.com frank.heimes at canonical.com
Thu Feb 24 09:29:54 UTC 2022


BugLink: https://bugs.launchpad.net/bugs/1933179

KVM uses lazy storage key enablement as Linux does no longer make use of the
storage keys. When the guest enters keyed mode, then KVM will save/restore the
key during paging, provide change/reference tracking for guest and host and
for all interpreted instructions will do key protection.
If an instruction is intercepted and passed along to userspace (like QEMU) no
storage key protection is checked, though. This is in violation of the
architecture and it can result in misbehaving guests that rely on key
protection for all instructions.
This item will improve the MEMOP ioctl to also add key checking.
In case of a key protection the right fault is injected in the guest.

---

The following changes since commit 1c49a134c91081b26fe908c9c6608ed5220ccfee:

  selftests/ftrace: Do not trace do_softirq because of PREEMPT_RT (2022-02-23 09:17:44 +0100)

are available in the Git repository at:

  https://git.launchpad.net/~fheimes/+git/lp1933179/ 0b9c4454e8ac5b6d6d72ef849c93e89a8015c317

for you to fetch changes up to 0b9c4454e8ac5b6d6d72ef849c93e89a8015c317:

  KVM: s390: Add missing vm MEM_OP size check (2022-02-24 07:30:09 +0100)

----------------------------------------------------------------
Heiko Carstens (1):
      s390/uaccess: fix compile error

Janis Schoetterl-Glausch (14):
      KVM: s390: gaccess: Refactor gpa and length calculation
      KVM: s390: gaccess: Refactor access address range check
      KVM: s390: gaccess: Cleanup access to guest pages
      s390/uaccess: Add copy_from/to_user_key functions
      KVM: s390: Honor storage keys when accessing guest memory
      KVM: s390: handle_tprot: Honor storage keys
      KVM: s390: selftests: Test TEST PROTECTION emulation
      KVM: s390: Add optional storage key checking to MEMOP IOCTL
      KVM: s390: Add vm IOCTL for key checked guest absolute memory access
      KVM: s390: Rename existing vcpu memop functions
      KVM: s390: Add capability for storage key extension of MEM_OP IOCTL
      KVM: s390: Update api documentation for memop ioctl
      KVM: s390: Clarify key argument for MEM_OP in api docs
      KVM: s390: Add missing vm MEM_OP size check

Nico Boehr (1):
      s390/uaccess: introduce bit field for OAC specifier

 Documentation/virt/kvm/api.rst            | 114 +++++++--
 arch/s390/include/asm/ctl_reg.h           |   2 +
 arch/s390/include/asm/page.h              |   2 +
 arch/s390/include/asm/uaccess.h           | 142 +++++++----
 arch/s390/kvm/gaccess.c                   | 398 ++++++++++++++++++++++++------
 arch/s390/kvm/gaccess.h                   |  84 ++++++-
 arch/s390/kvm/intercept.c                 |  12 +-
 arch/s390/kvm/kvm-s390.c                  | 132 ++++++++--
 arch/s390/kvm/priv.c                      |  66 ++---
 arch/s390/lib/uaccess.c                   | 105 ++++++--
 include/uapi/linux/kvm.h                  |  15 +-
 tools/testing/selftests/kvm/.gitignore    |   3 +
 tools/testing/selftests/kvm/Makefile      |   1 +
 tools/testing/selftests/kvm/s390x/tprot.c | 227 +++++++++++++++++
 14 files changed, 1069 insertions(+), 234 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/s390x/tprot.c



More information about the kernel-team mailing list