| Message ID | 1534956717-14087-3-git-send-email-pmorel@linux.ibm.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | KVM: s390: vsie: Consolidate CRYCB validation | expand |
On 22.08.2018 18:51, Pierre Morel wrote: > As the comment above the function suggested the shadowing > of the guest2 CRYCB can only accept a format 1 since > AP instructions are not supported in the guest. > > Let's modify the check which allowed to accept a format 2 too. As the bit is ignored without AP/APXA, it is perfectly valid to accept a format 2, we just have to interpret it as format 1 (which is what we do) What am I missing? > > Signed-off-by: Pierre Morel <pmorel@linux.ibm.com> > --- > arch/s390/kvm/vsie.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c > index 12b9707..56a9d47 100644 > --- a/arch/s390/kvm/vsie.c > +++ b/arch/s390/kvm/vsie.c > @@ -156,7 +156,9 @@ static int shadow_crycb(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) > u8 ecb3_flags; > > scb_s->crycbd = 0; > - if (!(crycbd_o & vcpu->arch.sie_block->crycbd & CRYCB_FORMAT1)) > + if (!(crycbd_o == CRYCB_FORMAT1)) > + return 0; huh, this looks very broken. The address is still in there. > + if (!(vcpu->arch.sie_block->crycbd & CRYCB_FORMAT1)) > return 0; > /* format-1 is supported with message-security-assist extension 3 */ > if (!test_kvm_facility(vcpu->kvm, 76)) >
On 22/08/2018 18:55, David Hildenbrand wrote: > On 22.08.2018 18:51, Pierre Morel wrote: >> As the comment above the function suggested the shadowing >> of the guest2 CRYCB can only accept a format 1 since >> AP instructions are not supported in the guest. >> >> Let's modify the check which allowed to accept a format 2 too. > > As the bit is ignored without AP/APXA, it is perfectly valid to accept a > format 2, we just have to interpret it as format 1 (which is what we do) > > What am I missing? > Nothing. I was still having AP interpretation in mind. >> >> Signed-off-by: Pierre Morel <pmorel@linux.ibm.com> >> --- >> arch/s390/kvm/vsie.c | 4 +++- >> 1 file changed, 3 insertions(+), 1 deletion(-) >> >> diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c >> index 12b9707..56a9d47 100644 >> --- a/arch/s390/kvm/vsie.c >> +++ b/arch/s390/kvm/vsie.c >> @@ -156,7 +156,9 @@ static int shadow_crycb(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) >> u8 ecb3_flags; >> >> scb_s->crycbd = 0; >> - if (!(crycbd_o & vcpu->arch.sie_block->crycbd & CRYCB_FORMAT1)) >> + if (!(crycbd_o == CRYCB_FORMAT1)) >> + return 0; > > huh, this looks very broken. The address is still in there. completely broken you are right anyway this broken useless patch disappear. Thanks, regards, Pierre
diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c index 12b9707..56a9d47 100644 --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -156,7 +156,9 @@ static int shadow_crycb(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) u8 ecb3_flags; scb_s->crycbd = 0; - if (!(crycbd_o & vcpu->arch.sie_block->crycbd & CRYCB_FORMAT1)) + if (!(crycbd_o == CRYCB_FORMAT1)) + return 0; + if (!(vcpu->arch.sie_block->crycbd & CRYCB_FORMAT1)) return 0; /* format-1 is supported with message-security-assist extension 3 */ if (!test_kvm_facility(vcpu->kvm, 76))
As the comment above the function suggested the shadowing of the guest2 CRYCB can only accept a format 1 since AP instructions are not supported in the guest. Let's modify the check which allowed to accept a format 2 too. Signed-off-by: Pierre Morel <pmorel@linux.ibm.com> --- arch/s390/kvm/vsie.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)