APPLIED: [J][PULL] KVM: Enable storage key checking for intercepted instruction handled by userspace

Andrea Righi andrea.righi at canonical.com
Thu Feb 24 13:30:29 UTC 2022


On Thu, Feb 24, 2022 at 10:29:54AM +0100, frank.heimes at canonical.com wrote:
> BugLink: https://bugs.launchpad.net/bugs/1933179
> 
> KVM uses lazy storage key enablement as Linux no longer makes use of the
> storage keys. When the guest enters keyed mode, then KVM will save/restore the
> key during paging, provide change/reference tracking for guest and host and
> for all interpreted instructions will do key protection.
> If an instruction is intercepted and passed along to userspace (like QEMU) no
> storage key protection is checked, though. This is in violation of the
> architecture and it can result in misbehaving guests that rely on key
> protection for all instructions.
> This item will improve the MEMOP ioctl to also add key checking.
> In case of a key protection the right fault is injected in the guest.

All clean cherry-picks from upstream / linux-next. From a logical
perspective it makes sense to apply these changes, therefore ACK-ed and
applied to jammy/linux.

Acked-by: Andrea Righi <andrea.righi at canonical.com>


