lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 18 Jan 2022 12:27:25 -0500
From:   Matthew Rosato <mjrosato@...ux.ibm.com>
To:     Pierre Morel <pmorel@...ux.ibm.com>, linux-s390@...r.kernel.org
Cc:     alex.williamson@...hat.com, cohuck@...hat.com,
        schnelle@...ux.ibm.com, farman@...ux.ibm.com,
        borntraeger@...ux.ibm.com, hca@...ux.ibm.com, gor@...ux.ibm.com,
        gerald.schaefer@...ux.ibm.com, agordeev@...ux.ibm.com,
        frankja@...ux.ibm.com, david@...hat.com, imbrenda@...ux.ibm.com,
        vneethv@...ux.ibm.com, oberpar@...ux.ibm.com, freude@...ux.ibm.com,
        thuth@...hat.com, pasic@...ux.ibm.com, kvm@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 22/30] KVM: s390: intercept the rpcit instruction

On 1/18/22 6:05 AM, Pierre Morel wrote:
> 
> 
> On 1/14/22 21:31, Matthew Rosato wrote:
>> For faster handling of PCI translation refreshes, intercept in KVM
>> and call the associated handler.
>>
>> Signed-off-by: Matthew Rosato <mjrosato@...ux.ibm.com>
>> ---
>>   arch/s390/kvm/priv.c | 46 ++++++++++++++++++++++++++++++++++++++++++++
>>   1 file changed, 46 insertions(+)
>>
>> diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c
>> index 417154b314a6..5b65c1830de2 100644
>> --- a/arch/s390/kvm/priv.c
>> +++ b/arch/s390/kvm/priv.c
>> @@ -29,6 +29,7 @@
>>   #include <asm/ap.h>
>>   #include "gaccess.h"
>>   #include "kvm-s390.h"
>> +#include "pci.h"
>>   #include "trace.h"
>>   static int handle_ri(struct kvm_vcpu *vcpu)
>> @@ -335,6 +336,49 @@ static int handle_rrbe(struct kvm_vcpu *vcpu)
>>       return 0;
>>   }
>> +static int handle_rpcit(struct kvm_vcpu *vcpu)
>> +{
>> +    int reg1, reg2;
>> +    u8 status;
>> +    int rc;
>> +
>> +    if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
>> +        return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);
>> +
>> +    /* If the host doesn't support PCI, it must be an emulated device */
>> +    if (!IS_ENABLED(CONFIG_PCI))
>> +        return -EOPNOTSUPP;
> 
> AFAIU this makes also sure that the following code is not compiled in 
> case PCI is not supported.
> 
> I am not very used to compilation options, is it true with all our 
> compilers and options?
> Or do we have to specify a compiler version?
> 
> Another concern is, shouldn't we use IS_ENABLED(CONFIG_VFIO_PCI) ?

Same idea as in the other thread -- What we are trying to protect 
against here is referencing symbols that won't be linked (like 
zpci_refresh_trans, or the aift->mdd a few lines below)

It is indeed true that we should never need to handle the rpcit 
intercept in KVM if CONFIG_VFIO_PCI=n -- but the necessary symbols/code 
are linked at least, so we can just let the SHM logic sort this out. 
When CONFIG_PCI=y|m, arch/s390/kvm/pci.o will be linked and so we can 
compare the function handle against afit->mdd (check to see if the 
device is emulated) and use this to determine whether or not to 
immediately send to userspace -- And if CONFIG_VFIO_PCI=n, a SHM bit 
will always be on and so we'll always go to userspace via this check.

> 
> 
> 
>> +
>> +    kvm_s390_get_regs_rre(vcpu, &reg1, &reg2);
>> +
>> +    /* If the device has a SHM bit on, let userspace take care of 
>> this */
>> +    if (((vcpu->run->s.regs.gprs[reg1] >> 32) & aift->mdd) != 0)
>> +        return -EOPNOTSUPP;
>> +
>> +    rc = kvm_s390_pci_refresh_trans(vcpu, vcpu->run->s.regs.gprs[reg1],
>> +                    vcpu->run->s.regs.gprs[reg2],
>> +                    vcpu->run->s.regs.gprs[reg2+1],
>> +                    &status);
>> +
>> +    switch (rc) {
>> +    case 0:
>> +        kvm_s390_set_psw_cc(vcpu, 0);
>> +        break;
>> +    case -EOPNOTSUPP:
>> +        return -EOPNOTSUPP;
>> +    default:
>> +        vcpu->run->s.regs.gprs[reg1] &= 0xffffffff00ffffffUL;
>> +        vcpu->run->s.regs.gprs[reg1] |= (u64) status << 24;
>> +        if (status != 0)
>> +            kvm_s390_set_psw_cc(vcpu, 1);
>> +        else
>> +            kvm_s390_set_psw_cc(vcpu, 3);
>> +        break;
>> +    }
>> +
>> +    return 0;
>> +}
>> +
>>   #define SSKE_NQ 0x8
>>   #define SSKE_MR 0x4
>>   #define SSKE_MC 0x2
>> @@ -1275,6 +1319,8 @@ int kvm_s390_handle_b9(struct kvm_vcpu *vcpu)
>>           return handle_essa(vcpu);
>>       case 0xaf:
>>           return handle_pfmf(vcpu);
>> +    case 0xd3:
>> +        return handle_rpcit(vcpu);
>>       default:
>>           return -EOPNOTSUPP;
>>       }
>>
> 

Powered by blists - more mailing lists