lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20231107123118.778364-1-nsg@linux.ibm.com>
Date:   Tue,  7 Nov 2023 13:31:14 +0100
From:   Nina Schoetterl-Glausch <nsg@...ux.ibm.com>
To:     Janosch Frank <frankja@...ux.ibm.com>,
        David Hildenbrand <david@...hat.com>,
        Christian Borntraeger <borntraeger@...ux.ibm.com>,
        Alexander Gordeev <agordeev@...ux.ibm.com>,
        Nina Schoetterl-Glausch <nsg@...ux.ibm.com>,
        Claudio Imbrenda <imbrenda@...ux.ibm.com>,
        Heiko Carstens <hca@...ux.ibm.com>,
        Vasily Gorbik <gor@...ux.ibm.com>
Cc:     kvm@...r.kernel.org, Sven Schnelle <svens@...ux.ibm.com>,
        linux-kernel@...r.kernel.org, linux-s390@...r.kernel.org
Subject: [PATCH v2 0/4] KVM: s390: Fix minor bugs in STFLE shadowing

v1 -> v2 (range-diff below):
 * pick up tags (thanks {Claudio, David})
 * drop Fixes tag on cleanup patch, change message (thanks David)
 * drop Fixes tag on second patch since the length of the facility list
   copied wasn't initially specified and only clarified in later
   revisions
 * use READ/WRITE_ONCE (thanks {David, Heiko})

Improve the STFLE vsie implementation.
Firstly, fix a bug concerning the identification if the guest is
intending to use interpretive execution for STFLE for its guest.
Secondly, decrease the amount of guest memory accessed to the
minimum.
Also do some (optional) cleanups.

Nina Schoetterl-Glausch (4):
  KVM: s390: vsie: Fix STFLE interpretive execution identification
  KVM: s390: vsie: Fix length of facility list shadowed
  KVM: s390: cpu model: Use proper define for facility mask size
  KVM: s390: Minor refactor of base/ext facility lists

 arch/s390/include/asm/facility.h |  6 +++++
 arch/s390/include/asm/kvm_host.h |  2 +-
 arch/s390/kernel/Makefile        |  2 +-
 arch/s390/kernel/facility.c      | 21 +++++++++++++++
 arch/s390/kvm/kvm-s390.c         | 44 ++++++++++++++------------------
 arch/s390/kvm/vsie.c             | 15 +++++++++--
 6 files changed, 61 insertions(+), 29 deletions(-)
 create mode 100644 arch/s390/kernel/facility.c

Range-diff against v1:
1:  cffe5f1c29d1 ! 1:  de77a2c36786 KVM: s390: vsie: Fix STFLE interpretive execution identification
    @@ Commit message
         Perform the check before applying the address mask instead of after.
     
         Fixes: 66b630d5b7f2 ("KVM: s390: vsie: support STFLE interpretation")
    +    Reviewed-by: Claudio Imbrenda <imbrenda@...ux.ibm.com>
    +    Acked-by: David Hildenbrand <david@...hat.com>
         Signed-off-by: Nina Schoetterl-Glausch <nsg@...ux.ibm.com>
     
      ## arch/s390/kvm/vsie.c ##
2:  8ef9965c4671 ! 2:  f3b189627e96 KVM: s390: vsie: Fix length of facility list shadowed
    @@ Commit message
         The memory following the facility list need not be accessible, in which
         case we'd wrongly inject a validity intercept.
     
    -    Fixes: 66b630d5b7f2 ("KVM: s390: vsie: support STFLE interpretation")
    +    Acked-by: David Hildenbrand <david@...hat.com>
         Signed-off-by: Nina Schoetterl-Glausch <nsg@...ux.ibm.com>
     
      ## arch/s390/include/asm/facility.h ##
    @@ arch/s390/kernel/facility.c (new)
     +
     +unsigned int stfle_size(void)
     +{
    -+	static unsigned int size = 0;
    ++	static unsigned int size;
     +	u64 dummy;
    ++	unsigned int r;
     +
    -+	if (!size) {
    -+		size = __stfle_asm(&dummy, 1) + 1;
    ++	r = READ_ONCE(size);
    ++	if (!r) {
    ++		r = __stfle_asm(&dummy, 1) + 1;
    ++		WRITE_ONCE(size, r);
     +	}
    -+	return size;
    ++	return r;
     +}
     +EXPORT_SYMBOL(stfle_size);
     
3:  4104a7c218f1 ! 3:  4907bb8fb2bc KVM: s390: cpu model: Use previously unused constant
    @@ Metadata
     Author: Nina Schoetterl-Glausch <nsg@...ux.ibm.com>
     
      ## Commit message ##
    -    KVM: s390: cpu model: Use previously unused constant
    +    KVM: s390: cpu model: Use proper define for facility mask size
     
    -    No point in defining a size for the mask if we're not going to use it.
    +    Use the previously unused S390_ARCH_FAC_MASK_SIZE_U64 instead of
    +    S390_ARCH_FAC_LIST_SIZE_U64 for defining the fac_mask array.
    +    Note that both values are the same, there is no functional change.
     
    -    Fixes: 9d8d578605b4 ("KVM: s390: use facilities and cpu_id per KVM")
         Signed-off-by: Nina Schoetterl-Glausch <nsg@...ux.ibm.com>
     
      ## arch/s390/include/asm/kvm_host.h ##
4:  b6a18de5a089 = 4:  2745898a22c3 KVM: s390: Minor refactor of base/ext facility lists

base-commit: 05d3ef8bba77c1b5f98d941d8b2d4aeab8118ef1
-- 
2.39.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ