| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <88fadaf1-595a-ac72-279a-6706f149be9b@redhat.com>
Date: Mon, 7 May 2018 16:55:20 +0200
From: David Hildenbrand <david@...hat.com>
To: Tony Krowiak <akrowiak@...ux.vnet.ibm.com>,
linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org
Cc: freude@...ibm.com, schwidefsky@...ibm.com,
heiko.carstens@...ibm.com, borntraeger@...ibm.com,
cohuck@...hat.com, kwankhede@...dia.com,
bjsdjshi@...ux.vnet.ibm.com, pbonzini@...hat.com,
alex.williamson@...hat.com, pmorel@...ux.vnet.ibm.com,
alifm@...ux.vnet.ibm.com, mjrosato@...ux.vnet.ibm.com,
jjherne@...ux.vnet.ibm.com, thuth@...hat.com,
pasic@...ux.vnet.ibm.com, berrange@...hat.com,
fiuczy@...ux.vnet.ibm.com, buendgen@...ibm.com
Subject: Re: [PATCH v4 01/15] s390: zcrypt: externalize AP instructions
available function
On 07.05.2018 16:02, Tony Krowiak wrote:
> On 05/04/2018 03:19 AM, David Hildenbrand wrote:
>> On 15.04.2018 23:22, Tony Krowiak wrote:
>>> If the AP instructions are not available on the linux host, then
>>> AP devices can not be interpreted by the SIE. The AP bus has a
>> This statement is wrong. The instructions can be interpreted by SIE e.g.
>> if there are no devices assigned to a guest. This is e.g. the case for
>> !CONFIG_ZCRYPT.
>
> While the statement is admittedly poorly worded, it is not wrong.
> Without going into architectural details, If the AP instructions
> are not available, they will not be interpreted for guest
> level 1 - i.e., the linux host. If AP instructions are not interpreted
> for guest level 1, then they will not be interpreted for guest
> level 2 regardless of whether ECA_APIE is set for guest level 2 or
> not. I don't see how CONFIG_ZCRYPT has anything to do with this.
>
>
>>
>> Also, doesn't this directly imply that the other execution control
>> should also not be used ("intercept AP instuctions"). This would be bad.
>> Just because !CONFIG_ZCRYPT does not imply that you can't emulate AP
>> devices for a guest.
>
> Setting CONFIG_ZCRYPT=n simply means that the AP bus will not be built
> and therefore the AP bus interfaces will not be available to KVM.
> As far as ECA_APIE goes, there are only two choices: Set the bit to
> enable SIE interpretation of AP instructions; Clear the bit to use
I thought somebody once mentioned once in one of these threads that
there are actually 2 different bits. One to control interpretation and
one to control interception.
> interception. We are only supporting SIE interpretation of AP
> instructions at this time, so we need a sure-fire way to determine
> if the AP instructions are installed, which is the point of this patch.
> Since there are no intercept handlers at this time, when the AP bus
> module on the guest is initialized, the init function will fail and
> the bus will not come up. There are protections built into userspace
> (QEMU in this case) to ensure that a guest is not started if the CPU
> model feature for AP instructions is not turned on for the guest. The
> CPU model feature will be enabled by the KVM only if the AP instructions
> are installed on the linux host. Again, that is reason for this
> patch.
>
--
Thanks,
David / dhildenb
Powered by blists - more mailing lists