APPLIED: [SRU][F][PULL v2] KVM: Enable storage key checking for intercepted instruction
Stefan Bader
stefan.bader at canonical.com
Wed Mar 16 14:32:34 UTC 2022
On 08.03.22 07:31, frank.heimes at canonical.com wrote:
> BugLink: https://bugs.launchpad.net/bugs/1962831
>
> KVM uses lazy storage key enablement as Linux does no longer make use of the
> storage keys. When the guest enters keyed mode, then KVM will save/restore the
> key during paging, provide change/reference tracking for guest and host and
> for all interpreted instructions will do key protection.
> If an instruction is intercepted and passed along to userspace (like QEMU) no
> storage key protection is checked, though. This is in violation of the
> architecture and it can result in misbehaving guests that rely on key
> protection for all instructions.
> This item will add the missing key checking to MEMOP ioctl.
>
> v2: Moved backport notes from LP bug to commits. Removed obsolete 'From:' lines.
>
> ---
>
> The following changes since commit dbdbd581976f9dfcc9e21a777273b55bdb9bf138:
>
> UBUNTU: Ubuntu-5.4.0-102.115 (2022-02-23 15:32:05 +0100)
>
> are available in the Git repository at:
>
> https://git.launchpad.net/~fheimes/+git/lp1962831/ dad556895abcce390a1310ff41b353d9e58cca73
>
> for you to fetch changes up to dad556895abcce390a1310ff41b353d9e58cca73:
>
> KVM: s390: Add missing vm MEM_OP size check (2022-03-07 20:53:28 +0100)
>
> ----------------------------------------------------------------
> Emanuele Giuseppe Esposito (1):
> selftests: kvm: add _vm_ioctl
>
> Heiko Carstens (1):
> s390/uaccess: fix compile error
>
> Janis Schoetterl-Glausch (14):
> KVM: s390: gaccess: Refactor gpa and length calculation
> KVM: s390: gaccess: Refactor access address range check
> KVM: s390: gaccess: Cleanup access to guest pages
> s390/uaccess: Add copy_from/to_user_key functions
> KVM: s390: Honor storage keys when accessing guest memory
> KVM: s390: handle_tprot: Honor storage keys
> KVM: s390: selftests: Test TEST PROTECTION emulation
> KVM: s390: Add optional storage key checking to MEMOP IOCTL
> KVM: s390: Add vm IOCTL for key checked guest absolute memory access
> KVM: s390: Rename existing vcpu memop functions
> KVM: s390: Add capability for storage key extension of MEM_OP IOCTL
> KVM: s390: Update api documentation for memop ioctl
> KVM: s390: Clarify key argument for MEM_OP in api docs
> KVM: s390: Add missing vm MEM_OP size check
>
> Nico Boehr (1):
> s390/uaccess: introduce bit field for OAC specifier
>
> Sean Christopherson (1):
> KVM: selftests: Add GUEST_ASSERT variants to pass values to host
>
> Wainer dos Santos Moschetta (1):
> selftests: kvm: Introduce the TEST_FAIL macro
>
> Documentation/virt/kvm/api.txt | 127 ++++++--
> arch/s390/include/asm/ctl_reg.h | 2 +
> arch/s390/include/asm/page.h | 2 +
> arch/s390/include/asm/uaccess.h | 144 ++++++---
> arch/s390/kvm/gaccess.c | 408 +++++++++++++++++++-----
> arch/s390/kvm/gaccess.h | 84 ++++-
> arch/s390/kvm/intercept.c | 12 +-
> arch/s390/kvm/kvm-s390.c | 132 ++++++--
> arch/s390/kvm/priv.c | 66 ++--
> arch/s390/lib/uaccess.c | 108 +++++--
> include/uapi/linux/kvm.h | 11 +-
> tools/testing/selftests/kvm/.gitignore | 1 +
> tools/testing/selftests/kvm/Makefile | 1 +
> tools/testing/selftests/kvm/include/kvm_util.h | 26 +-
> tools/testing/selftests/kvm/include/test_util.h | 3 +
> tools/testing/selftests/kvm/lib/kvm_util.c | 7 +-
> tools/testing/selftests/kvm/s390x/tprot.c | 228 +++++++++++++
> 17 files changed, 1114 insertions(+), 248 deletions(-)
> create mode 100644 tools/testing/selftests/kvm/s390x/tprot.c
>
Applied to focal:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220316/9fa34537/attachment-0001.sig>
More information about the kernel-team
mailing list