Re: [PATCH v2] KVM: s390: Introduce storage key removal facility

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 9/7/20 6:30 PM, Cornelia Huck wrote:
> On Mon,  7 Sep 2020 10:33:52 -0400
> Janosch Frank <frankja@xxxxxxxxxxxxx> wrote:
> 
>> The storage key removal facility makes skey related instructions
>> result in special operation program exceptions. It is based on the
>> Keyless Subset Facility.
>>
>> The usual suspects are iske, sske, rrbe and their respective
>> variants. lpsw(e), pfmf and tprot can also specify a key and essa with
>> an ORC of 4 will consult the change bit, hence they all result in
>> exceptions.
>>
>> Unfortunately storage keys were so essential to the architecture, that
>> there is no facility bit that we could deactivate. That's why the
>> removal facility (bit 169) was introduced which makes it necessary,
>> that, if active, the skey related facilities 10, 14, 66, 145 and 149
>> are zero. Managing this requirement and migratability has to be done
>> in userspace, as KVM does not check the facilities it receives to be
>> able to easily implement userspace emulation.
>>
>> Removing storage key support allows us to circumvent complicated
>> emulation code and makes huge page support tremendously easier.
>>
>> Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx>
>> ---
>>
>> v2:
>> 	* Removed the likely
>> 	* Updated and re-shuffeled the comments which had the wrong information
>>
>> ---
>>  arch/s390/kvm/intercept.c | 40 ++++++++++++++++++++++++++++++++++++++-
>>  arch/s390/kvm/kvm-s390.c  |  5 +++++
>>  arch/s390/kvm/priv.c      | 26 ++++++++++++++++++++++---
>>  3 files changed, 67 insertions(+), 4 deletions(-)
>>
>> diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c
>> index e7a7c499a73f..983647ea2abe 100644
>> --- a/arch/s390/kvm/intercept.c
>> +++ b/arch/s390/kvm/intercept.c
>> @@ -33,6 +33,7 @@ u8 kvm_s390_get_ilen(struct kvm_vcpu *vcpu)
>>  	case ICPT_OPEREXC:
>>  	case ICPT_PARTEXEC:
>>  	case ICPT_IOINST:
>> +	case ICPT_KSS:
>>  		/* instruction only stored for these icptcodes */
>>  		ilen = insn_length(vcpu->arch.sie_block->ipa >> 8);
>>  		/* Use the length of the EXECUTE instruction if necessary */
>> @@ -565,7 +566,44 @@ int kvm_handle_sie_intercept(struct kvm_vcpu *vcpu)
>>  		rc = handle_partial_execution(vcpu);
>>  		break;
>>  	case ICPT_KSS:
>> -		rc = kvm_s390_skey_check_enable(vcpu);
>> +		if (!test_kvm_facility(vcpu->kvm, 169)) {
>> +			rc = kvm_s390_skey_check_enable(vcpu);
>> +		} else {
> 
> <bikeshed>Introduce a helper function? This is getting a bit hard to
> read.</bikeshed>
> 
>> +			/*
>> +			 * Storage key removal facility emulation.
>> +			 *
>> +			 * KSS is the same priority as an instruction
>> +			 * interception. Hence we need handling here
>> +			 * and in the instruction emulation code.
>> +			 *
>> +			 * KSS is nullifying (no psw forward), SKRF
>> +			 * issues suppressing SPECIAL OPS, so we need
>> +			 * to forward by hand.
>> +			 */
>> +			switch (vcpu->arch.sie_block->ipa) {
>> +			case 0xb2b2:
>> +				kvm_s390_forward_psw(vcpu, kvm_s390_get_ilen(vcpu));
>> +				rc = kvm_s390_handle_b2(vcpu);
>> +				break;
>> +			case 0x8200:
> 
> Can we have speaking names? I can only guess that this is an lpsw...

You can only guess from the kvm_s390_handle_lpsw() call below? ;-)

I'd be happy to put this into an own function and add some comments to
the cases where we lack them. However, I don't really want to define
constants for speaking names.

> 
>> +				kvm_s390_forward_psw(vcpu, kvm_s390_get_ilen(vcpu));
>> +				rc = kvm_s390_handle_lpsw(vcpu);
>> +				break;
>> +			case 0:
>> +				/*
>> +				 * Interception caused by a key in a
>> +				 * exception new PSW mask. The guest
>> +				 * PSW has already been updated to the
>> +				 * non-valid PSW so we only need to
>> +				 * inject a PGM.
>> +				 */
>> +				rc = kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
>> +				break;
>> +			default:
>> +				kvm_s390_forward_psw(vcpu, kvm_s390_get_ilen(vcpu));
>> +				rc = kvm_s390_inject_program_int(vcpu, PGM_SPECIAL_OPERATION);
>> +			}
>> +		}
>>  		break;
>>  	case ICPT_MCHKREQ:
>>  	case ICPT_INT_ENABLE:
> 


Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Kernel Development]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite Info]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Linux Media]     [Device Mapper]

  Powered by Linux