Received: by 10.192.165.148 with SMTP id m20csp805898imm; Fri, 27 Apr 2018 07:49:17 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpwhGoJt1TR+ZsoilCeAHtTt+2Fe/MSdodA7nItahVCx+l408raoCRmUO0teeaLuvZQFtah X-Received: by 10.167.129.85 with SMTP id d21mr2452714pfn.79.1524840556969; Fri, 27 Apr 2018 07:49:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524840556; cv=none; d=google.com; s=arc-20160816; b=X9r/mhWU/i+ljICOlNMvn6AvZwt2GOUlGZntqyvc02u77pBvU/Uzcc82YcvLKlygpr 0BdDD2X/p0IU/2KUk7v9ajrui8hsX0hOGR65t2HxP6w5HqMDgyyNbgkomtzO744AXSAG coxHhZ3crB+lijr0dl1W40kqP3/+M7/okMZLXba74c7rKrLNZ+xT5++znPllDmkgN6sa Axn79Cr1e60+j2Fp2QiOrnTYxKkqeG9dgQrV7zAIev+U5EPkbgGA6UXjRTdZy0ALqdD7 ib6xSnOoV5TKL+aLUb0Kemx1pqQcHkyuMu5VhmGFhpXy+E8t3X48gsJ1QusxCJED5bjA WAvw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dmarc-filter :arc-authentication-results; bh=zNR1Q2KZrav4FhphmC/Cz0uuCPWVNO14juWWPAKittQ=; b=bTMWp8qqR/rJRff3xyiQtJ+K7M7cvFFHqDguZ8guA6WABP/0Pa483N/aw6IYkbRvxx vQH6qbsYDGaSe6F8uieByrea2w20oMz151bCj/DIEejUxqinyDoCTX+3o24t9NxiWIBx 9eJecz9CnU2/IJ4jKB/RhC/q2RPwr80fZuy61q+Pa2ZWUUVvX2SYKYPxvHab6G7Jur7B 6pk9Iy0GigdgR/VFvJTEYjPUN4/kr4Qqy2bqxp1MJr8AlhZmrX4D8ANTlqC5oM45y/nB hQ1VBWqkMP9VbPGqqosRCysGKwkyJ2RsvR2A0EtpMcG2hrxwzs69CqhhYeXsM7Ebd8/k vGpA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y22-v6si1359639pll.161.2018.04.27.07.49.02; Fri, 27 Apr 2018 07:49:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934394AbeD0OH6 (ORCPT + 99 others); Fri, 27 Apr 2018 10:07:58 -0400 Received: from mail.kernel.org ([198.145.29.99]:53610 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934379AbeD0OHx (ORCPT ); Fri, 27 Apr 2018 10:07:53 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 7944B21892; Fri, 27 Apr 2018 14:07:52 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 7944B21892 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linuxfoundation.org Authentication-Results: mail.kernel.org; spf=fail smtp.mailfrom=gregkh@linuxfoundation.org From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Martin Schwidefsky , Christian Borntraeger , Janosch Frank , David Hildenbrand Subject: [PATCH 4.14 51/80] KVM: s390: force bp isolation for VSIE Date: Fri, 27 Apr 2018 15:58:44 +0200 Message-Id: <20180427135735.535700520@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180427135732.928644313@linuxfoundation.org> References: <20180427135732.928644313@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Martin Schwidefsky From: Christian Borntraeger [ Upstream commit f315104ad8b0c32be13eac628569ae707c332cb5 ] If the guest runs with bp isolation when doing a SIE instruction, we must also run the nested guest with bp isolation when emulating that SIE instruction. This is done by activating BPBC in the lpar, which acts as an override for lower level guests. Signed-off-by: Christian Borntraeger Reviewed-by: Janosch Frank Reviewed-by: David Hildenbrand Signed-off-by: Christian Borntraeger Signed-off-by: Martin Schwidefsky Signed-off-by: Greg Kroah-Hartman --- arch/s390/kvm/vsie.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -831,6 +831,7 @@ static int do_vsie_run(struct kvm_vcpu * { struct kvm_s390_sie_block *scb_s = &vsie_page->scb_s; struct kvm_s390_sie_block *scb_o = vsie_page->scb_o; + int guest_bp_isolation; int rc; handle_last_fault(vcpu, vsie_page); @@ -841,6 +842,20 @@ static int do_vsie_run(struct kvm_vcpu * s390_handle_mcck(); srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx); + + /* save current guest state of bp isolation override */ + guest_bp_isolation = test_thread_flag(TIF_ISOLATE_BP_GUEST); + + /* + * The guest is running with BPBC, so we have to force it on for our + * nested guest. This is done by enabling BPBC globally, so the BPBC + * control in the SCB (which the nested guest can modify) is simply + * ignored. + */ + if (test_kvm_facility(vcpu->kvm, 82) && + vcpu->arch.sie_block->fpf & FPF_BPBC) + set_thread_flag(TIF_ISOLATE_BP_GUEST); + local_irq_disable(); guest_enter_irqoff(); local_irq_enable(); @@ -850,6 +865,11 @@ static int do_vsie_run(struct kvm_vcpu * local_irq_disable(); guest_exit_irqoff(); local_irq_enable(); + + /* restore guest state for bp isolation override */ + if (!guest_bp_isolation) + clear_thread_flag(TIF_ISOLATE_BP_GUEST); + vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu); if (rc == -EINTR) {