[RFC,v1,00/10] KVM: s390: Do storage key checking

Message ID	20220118095210.1651483-1-scgl@linux.ibm.com (mailing list archive)
Headers	show Return-Path: <kvm-owner@kernel.org> From: Janis Schoetterl-Glausch <scgl@linux.ibm.com> To: Alexander Gordeev <agordeev@linux.ibm.com>, Christian Borntraeger <borntraeger@linux.ibm.com>, David Hildenbrand <david@redhat.com>, Heiko Carstens <hca@linux.ibm.com>, Janosch Frank <frankja@linux.ibm.com>, Nico Boehr <nrb@linux.ibm.com>, Paolo Bonzini <pbonzini@redhat.com>, Sven Schnelle <svens@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com> Cc: Janis Schoetterl-Glausch <scgl@linux.ibm.com>, Claudio Imbrenda <imbrenda@linux.ibm.com>, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org Subject: [RFC PATCH v1 00/10] KVM: s390: Do storage key checking Date: Tue, 18 Jan 2022 10:52:00 +0100 Message-Id: <20220118095210.1651483-1-scgl@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	KVM: s390: Do storage key checking \| expand [RFC,v1,00/10] KVM: s390: Do storage key checking [RFC,v1,02/10] KVM: s390: Honor storage keys when accessing guest memory [RFC,v1,03/10] KVM: s390: handle_tprot: Honor storage keys [RFC,v1,04/10] KVM: s390: selftests: Test TEST PROTECTION emulation [RFC,v1,05/10] KVM: s390: Add optional storage key checking to MEMOP IOCTL [RFC,v1,06/10] KVM: s390: Add vm IOCTL for key checked guest absolute memory access [RFC,v1,07/10] KVM: s390: Rename existing vcpu memop functions [RFC,v1,08/10] KVM: s390: selftests: Test memops with storage keys [RFC,v1,09/10] KVM: s390: Add capability for storage key extension of MEM_OP IOCTL [RFC,v1,10/10] KVM: s390: selftests: Make use of capability in MEM_OP test

Message ID

20220118095210.1651483-1-scgl@linux.ibm.com (mailing list archive)

Headers

From: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
To: Alexander Gordeev <agordeev@linux.ibm.com>,
        Christian Borntraeger <borntraeger@linux.ibm.com>,
        David Hildenbrand <david@redhat.com>,
        Heiko Carstens <hca@linux.ibm.com>,
        Janosch Frank <frankja@linux.ibm.com>,
        Nico Boehr <nrb@linux.ibm.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        Sven Schnelle <svens@linux.ibm.com>,
        Vasily Gorbik <gor@linux.ibm.com>
Cc: Janis Schoetterl-Glausch <scgl@linux.ibm.com>,
        Claudio Imbrenda <imbrenda@linux.ibm.com>, kvm@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org
Subject: [RFC PATCH v1 00/10] KVM: s390: Do storage key checking
Date: Tue, 18 Jan 2022 10:52:00 +0100
Message-Id: <20220118095210.1651483-1-scgl@linux.ibm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

KVM: s390: Do storage key checking | expand

Message

Janis Schoetterl-Glausch Jan. 18, 2022, 9:52 a.m. UTC

Check keys when emulating instructions and let user space do key checked
accesses.
User space can do so via an extension of the MEMOP IOCTL:
* allow optional key checking
* allow MEMOP on vm fd, so key checked accesses on absolute memory
  become possible

TODO:
* Documentation changes for MEMOP
* Consider redesign of capability for MEMOP

Janis Schoetterl-Glausch (10):
  s390/uaccess: Add storage key checked access to user memory
  KVM: s390: Honor storage keys when accessing guest memory
  KVM: s390: handle_tprot: Honor storage keys
  KVM: s390: selftests: Test TEST PROTECTION emulation
  KVM: s390: Add optional storage key checking to MEMOP IOCTL
  KVM: s390: Add vm IOCTL for key checked guest absolute memory access
  KVM: s390: Rename existing vcpu memop functions
  KVM: s390: selftests: Test memops with storage keys
  KVM: s390: Add capability for storage key extension of MEM_OP IOCTL
  KVM: s390: selftests: Make use of capability in MEM_OP test

 arch/s390/include/asm/ctl_reg.h           |   2 +
 arch/s390/include/asm/page.h              |   2 +
 arch/s390/include/asm/uaccess.h           |  32 ++
 arch/s390/kvm/gaccess.c                   | 237 ++++++++-
 arch/s390/kvm/gaccess.h                   |  85 +++-
 arch/s390/kvm/intercept.c                 |  12 +-
 arch/s390/kvm/kvm-s390.c                  | 122 ++++-
 arch/s390/kvm/priv.c                      |  66 +--
 arch/s390/lib/uaccess.c                   |  57 ++-
 include/uapi/linux/kvm.h                  |   4 +
 tools/testing/selftests/kvm/.gitignore    |   1 +
 tools/testing/selftests/kvm/Makefile      |   1 +
 tools/testing/selftests/kvm/s390x/memop.c | 560 +++++++++++++++++++---
 tools/testing/selftests/kvm/s390x/tprot.c | 184 +++++++
 14 files changed, 1207 insertions(+), 158 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/s390x/tprot.c


base-commit: bad13799e0305deb258372b7298a86be4c78aaba
prerequisite-patch-id: 5f8ae41bde2fa5717a775e17c08239ed1ddbcc83