lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231129143529.260264-1-akrowiak@linux.ibm.com>
Date:   Wed, 29 Nov 2023 09:35:24 -0500
From:   Tony Krowiak <akrowiak@...ux.ibm.com>
To:     linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org
Cc:     jjherne@...ux.ibm.com, pasic@...ux.ibm.com,
        alex.williamson@...hat.com, borntraeger@...ux.ibm.com,
        kwankhede@...dia.com, frankja@...ux.ibm.com,
        imbrenda@...ux.ibm.com, david@...hat.com
Subject: [PATCH] s390/vfio-ap: handle response code 01 on queue reset

In the current implementation, response code 01 (AP queue number not valid)
is handled as a default case along with other response codes returned from
a queue reset operation that are not handled specifically. Barring a bug,
response code 01 will occur only when a queue has been externally removed
from the host's AP configuration; nn this case, the queue must
be reset by the machine in order to avoid leaking crypto data if/when the
queue is returned to the host's configuration. The response code 01 case
will be handled specifically by logging a WARN message followed by cleaning
up the IRQ resources.

Signed-off-by: Tony Krowiak <akrowiak@...ux.ibm.com>
---
 drivers/s390/crypto/vfio_ap_ops.c | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c
index 4db538a55192..91d6334574d8 100644
--- a/drivers/s390/crypto/vfio_ap_ops.c
+++ b/drivers/s390/crypto/vfio_ap_ops.c
@@ -1652,6 +1652,21 @@ static int apq_status_check(int apqn, struct ap_queue_status *status)
 		 * a value indicating a reset needs to be performed again.
 		 */
 		return -EAGAIN;
+	case AP_RESPONSE_Q_NOT_AVAIL:
+		/*
+		 * This response code indicates the queue is not available.
+		 * Barring a bug, response code 01 will occur only when a queue
+		 * has been externally removed from the host's AP configuration;
+		 * in which case, the queue must be reset by the machine in
+		 * order to avoid leaking crypto data if/when the queue is
+		 * returned to the host's configuration. In this case, let's go
+		 * ahead and log a warning message and return 0 so the AQIC
+		 * resources get cleaned up by the caller.
+		 */
+		WARN(true,
+		     "Unable to reset queue %02x.%04x: not in host AP configuration\n",
+		     AP_QID_CARD(apqn), AP_QID_QUEUE(apqn));
+			return 0;
 	default:
 		WARN(true,
 		     "failed to verify reset of queue %02x.%04x: TAPQ rc=%u\n",
@@ -1736,6 +1751,22 @@ static void vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q)
 		q->reset_status.response_code = 0;
 		vfio_ap_free_aqic_resources(q);
 		break;
+	case AP_RESPONSE_Q_NOT_AVAIL:
+		/*
+		 * This response code indicates the queue is not available.
+		 * Barring a bug, response code 01 will occur only when a queue
+		 * has been externally removed from the host's AP configuration;
+		 * in which case, the queue must be reset by the machine in
+		 * order to avoid leaking crypto data if/when the queue is
+		 * returned to the host's configuration. In this case, let's go
+		 * ahead and log a warning message then clean up the AQIC
+		 * resources.
+		 */
+		WARN(true,
+		     "Unable to reset queue %02x.%04x: not in host AP configuration\n",
+		     AP_QID_CARD(q->apqn), AP_QID_QUEUE(q->apqn));
+		vfio_ap_free_aqic_resources(q);
+		break;
 	default:
 		WARN(true,
 		     "PQAP/ZAPQ for %02x.%04x failed with invalid rc=%u\n",
-- 
2.41.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ