lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Jan 2022 12:27:25 -0500 From: Matthew Rosato <mjrosato@...ux.ibm.com> To: Pierre Morel <pmorel@...ux.ibm.com>, linux-s390@...r.kernel.org Cc: alex.williamson@...hat.com, cohuck@...hat.com, schnelle@...ux.ibm.com, farman@...ux.ibm.com, borntraeger@...ux.ibm.com, hca@...ux.ibm.com, gor@...ux.ibm.com, gerald.schaefer@...ux.ibm.com, agordeev@...ux.ibm.com, frankja@...ux.ibm.com, david@...hat.com, imbrenda@...ux.ibm.com, vneethv@...ux.ibm.com, oberpar@...ux.ibm.com, freude@...ux.ibm.com, thuth@...hat.com, pasic@...ux.ibm.com, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2 22/30] KVM: s390: intercept the rpcit instruction On 1/18/22 6:05 AM, Pierre Morel wrote: > > > On 1/14/22 21:31, Matthew Rosato wrote: >> For faster handling of PCI translation refreshes, intercept in KVM >> and call the associated handler. >> >> Signed-off-by: Matthew Rosato <mjrosato@...ux.ibm.com> >> --- >> arch/s390/kvm/priv.c | 46 ++++++++++++++++++++++++++++++++++++++++++++ >> 1 file changed, 46 insertions(+) >> >> diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c >> index 417154b314a6..5b65c1830de2 100644 >> --- a/arch/s390/kvm/priv.c >> +++ b/arch/s390/kvm/priv.c >> @@ -29,6 +29,7 @@ >> #include <asm/ap.h> >> #include "gaccess.h" >> #include "kvm-s390.h" >> +#include "pci.h" >> #include "trace.h" >> static int handle_ri(struct kvm_vcpu *vcpu) >> @@ -335,6 +336,49 @@ static int handle_rrbe(struct kvm_vcpu *vcpu) >> return 0; >> } >> +static int handle_rpcit(struct kvm_vcpu *vcpu) >> +{ >> + int reg1, reg2; >> + u8 status; >> + int rc; >> + >> + if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE) >> + return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP); >> + >> + /* If the host doesn't support PCI, it must be an emulated device */ >> + if (!IS_ENABLED(CONFIG_PCI)) >> + return -EOPNOTSUPP; > > AFAIU this makes also sure that the following code is not compiled in > case PCI is not supported. > > I am not very used to compilation options, is it true with all our > compilers and options? > Or do we have to specify a compiler version? > > Another concern is, shouldn't we use IS_ENABLED(CONFIG_VFIO_PCI) ? Same idea as in the other thread -- What we are trying to protect against here is referencing symbols that won't be linked (like zpci_refresh_trans, or the aift->mdd a few lines below) It is indeed true that we should never need to handle the rpcit intercept in KVM if CONFIG_VFIO_PCI=n -- but the necessary symbols/code are linked at least, so we can just let the SHM logic sort this out. When CONFIG_PCI=y|m, arch/s390/kvm/pci.o will be linked and so we can compare the function handle against afit->mdd (check to see if the device is emulated) and use this to determine whether or not to immediately send to userspace -- And if CONFIG_VFIO_PCI=n, a SHM bit will always be on and so we'll always go to userspace via this check. > > > >> + >> + kvm_s390_get_regs_rre(vcpu, ®1, ®2); >> + >> + /* If the device has a SHM bit on, let userspace take care of >> this */ >> + if (((vcpu->run->s.regs.gprs[reg1] >> 32) & aift->mdd) != 0) >> + return -EOPNOTSUPP; >> + >> + rc = kvm_s390_pci_refresh_trans(vcpu, vcpu->run->s.regs.gprs[reg1], >> + vcpu->run->s.regs.gprs[reg2], >> + vcpu->run->s.regs.gprs[reg2+1], >> + &status); >> + >> + switch (rc) { >> + case 0: >> + kvm_s390_set_psw_cc(vcpu, 0); >> + break; >> + case -EOPNOTSUPP: >> + return -EOPNOTSUPP; >> + default: >> + vcpu->run->s.regs.gprs[reg1] &= 0xffffffff00ffffffUL; >> + vcpu->run->s.regs.gprs[reg1] |= (u64) status << 24; >> + if (status != 0) >> + kvm_s390_set_psw_cc(vcpu, 1); >> + else >> + kvm_s390_set_psw_cc(vcpu, 3); >> + break; >> + } >> + >> + return 0; >> +} >> + >> #define SSKE_NQ 0x8 >> #define SSKE_MR 0x4 >> #define SSKE_MC 0x2 >> @@ -1275,6 +1319,8 @@ int kvm_s390_handle_b9(struct kvm_vcpu *vcpu) >> return handle_essa(vcpu); >> case 0xaf: >> return handle_pfmf(vcpu); >> + case 0xd3: >> + return handle_rpcit(vcpu); >> default: >> return -EOPNOTSUPP; >> } >> >
Powered by blists - more mailing lists