NAK/Cmnt: [SRU][F][PULL] KVM: Enable storage key checking for intercepted instruction

Krzysztof Kozlowski krzysztof.kozlowski at canonical.com
Mon Mar 7 11:41:45 UTC 2022 

On 04/03/2022 12:31, frank.heimes at canonical.com wrote:
> BugLink: https://bugs.launchpad.net/bugs/1962831
> 
> KVM uses lazy storage key enablement as Linux does no longer make use of the
> storage keys. When the guest enters keyed mode, then KVM will save/restore the
> key during paging, provide change/reference tracking for guest and host and
> for all interpreted instructions will do key protection.
> If an instruction is intercepted and passed along to userspace (like QEMU) no
> storage key protection is checked, though. This is in violation of the
> architecture and it can result in misbehaving guests that rely on key
> protection for all instructions.
> This item will add the missing key checking to MEMOP ioctl.
> 
> ---
> 
> The following changes since commit dbdbd581976f9dfcc9e21a777273b55bdb9bf138:
> 
>   UBUNTU: Ubuntu-5.4.0-102.115 (2022-02-23 15:32:05 +0100)
> 
> are available in the Git repository at:
> 
>   https://git.launchpad.net/~fheimes/+git/lp1962831/ 16c0809cf1012e68279a8936a482c1d63cc4d14c
> 
> for you to fetch changes up to 16c0809cf1012e68279a8936a482c1d63cc4d14c:
> 
>   KVM: s390: Add missing vm MEM_OP size check (2022-03-03 22:45:50 +0100)
> 
> ----------------------------------------------------------------
> Emanuele Giuseppe Esposito (1):
>       selftests: kvm: add _vm_ioctl
> 
> Heiko Carstens (1):
>       s390/uaccess: fix compile error
> 
> Janis Schoetterl-Glausch (14):
>       KVM: s390: gaccess: Refactor gpa and length calculation
>       KVM: s390: gaccess: Refactor access address range check
>       KVM: s390: gaccess: Cleanup access to guest pages
>       s390/uaccess: Add copy_from/to_user_key functions

This ones slightly differs from upstream. Please mention it in commit
msg with short explanation "why" before your signed-off-by.

>       KVM: s390: Honor storage keys when accessing guest memory
>       KVM: s390: handle_tprot: Honor storage keys
>       KVM: s390: selftests: Test TEST PROTECTION emulation

This ones slightly differs from upstream. Please mention it in commit
msg with short explanation "why" before your signed-off-by.

>       KVM: s390: Add optional storage key checking to MEMOP IOCTL
>       KVM: s390: Add vm IOCTL for key checked guest absolute memory access

This one differs from upstream with a lock in vm_check_access_key().
Please mention it in commit msg with short explanation "why" before your
signed-off-by.

>       KVM: s390: Rename existing vcpu memop functions
>       KVM: s390: Add capability for storage key extension of MEM_OP IOCTL

This one sets KVM_CAP_S390_MEM_OP_EXTENSION while upstream has 210. Why?

>       KVM: s390: Update api documentation for memop ioctl
>       KVM: s390: Clarify key argument for MEM_OP in api docs
>       KVM: s390: Add missing vm MEM_OP size check

This one has malformed commit (additional "From"). Few other  commits
have this issue as well.

> 
> Nico Boehr (1):
>       s390/uaccess: introduce bit field for OAC specifier
> 
> Sean Christopherson (1):
>       KVM: selftests: Add GUEST_ASSERT variants to pass values to host
> 
> Wainer dos Santos Moschetta (1):
>       selftests: kvm: Introduce the TEST_FAIL macro
> 

Best regards,
Krzysztof

More information about the kernel-team mailing list