Received: by 10.192.165.148 with SMTP id m20csp832732imm; Fri, 27 Apr 2018 08:12:57 -0700 (PDT) X-Google-Smtp-Source: AB8JxZok7Pn70YJoLJ96qKkLQCGRX36oEOl3mhgOou0j/qJ7DpKP9EgzsWFy4q8vcOzT//q3yz9U X-Received: by 2002:a17:902:9a8c:: with SMTP id w12-v6mr2677162plp.333.1524841977776; Fri, 27 Apr 2018 08:12:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524841977; cv=none; d=google.com; s=arc-20160816; b=mhDiFTvm8gLvsC/dfmu84JtJu+PKwy39REPV+LFBHDD2aclSMfiBvm6eJJfvZ6VJAC wc9egONDjZR2PoRcijtzfmBmLGawZp3zs79IpYnn/ZTU8cxNqk835CQ4umnhBSYxB0qc H+YycLwRXoRwwKI9lnY2sI2998qclExK31mK1LUg1MS4f+5I861qbCoNflAwUf9GaiK6 e9AvSF2UYOSn12ZGURlSXzTh/H8p1fu0knggqA8TmSRp1dFh8+eExxB/MDqX8Lyqr/kt Cvr47bQZt0OjkVKWyt4Od1IqD/ecHMz8Vlhnx/Ivd+8VRN6nQPZ6sXdHuXJPZx6R1Um0 2bIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dmarc-filter :arc-authentication-results; bh=M7KvcBf49SmgBzJdQ3Kr/GC17gDEUcJWJPX8dlWCzwg=; b=M0sL2UzwuH1Qmy+yremzFxxpi6vMVXhnU1KAn0w/aNTAkgwQfve+MuZIHfniJFQEKt 5mOJ0SqQhpDp+rcOt8Cd7H1zjo1A/a0RBYW0CcRTgiTZsIYESIN7qYXOMfLWcWcOHz6E MQAGeGerSLGzPK0LpBRDKEqWHJ5E3lZxrrSwp5ngKAUYCDZLA1JRhhzjW16vdAeHQD8B xAlnw4ZGM0w6fvMwRuOp0PXnCtz/N58fwrC83tiQYjMqQ3wE87KDdzkYIug2Zdh+9hJG 6Lcc1+U4PH9WZ1JJgL4OllXkdX7/mmbw5i3w0y2/myKr4MEWcSjRSezZJjs3g8jUWN5B RQMg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 33-v6si1402346pll.332.2018.04.27.08.12.43; Fri, 27 Apr 2018 08:12:57 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933642AbeD0OEH (ORCPT + 99 others); Fri, 27 Apr 2018 10:04:07 -0400 Received: from mail.kernel.org ([198.145.29.99]:50462 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933596AbeD0OED (ORCPT ); Fri, 27 Apr 2018 10:04:03 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5DC7221890; Fri, 27 Apr 2018 14:04:02 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 5DC7221890 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linuxfoundation.org Authentication-Results: mail.kernel.org; spf=fail smtp.mailfrom=gregkh@linuxfoundation.org From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Martin Schwidefsky , Christian Borntraeger , Janosch Frank , David Hildenbrand Subject: [PATCH 4.9 37/74] KVM: s390: force bp isolation for VSIE Date: Fri, 27 Apr 2018 15:58:27 +0200 Message-Id: <20180427135711.467958579@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180427135709.899303463@linuxfoundation.org> References: <20180427135709.899303463@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: Martin Schwidefsky From: Christian Borntraeger [ Upstream commit f315104ad8b0c32be13eac628569ae707c332cb5 ] If the guest runs with bp isolation when doing a SIE instruction, we must also run the nested guest with bp isolation when emulating that SIE instruction. This is done by activating BPBC in the lpar, which acts as an override for lower level guests. Signed-off-by: Christian Borntraeger Reviewed-by: Janosch Frank Reviewed-by: David Hildenbrand Signed-off-by: Christian Borntraeger Signed-off-by: Martin Schwidefsky Signed-off-by: Greg Kroah-Hartman --- arch/s390/kvm/vsie.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -764,6 +764,7 @@ static int do_vsie_run(struct kvm_vcpu * { struct kvm_s390_sie_block *scb_s = &vsie_page->scb_s; struct kvm_s390_sie_block *scb_o = vsie_page->scb_o; + int guest_bp_isolation; int rc; handle_last_fault(vcpu, vsie_page); @@ -774,6 +775,20 @@ static int do_vsie_run(struct kvm_vcpu * s390_handle_mcck(); srcu_read_unlock(&vcpu->kvm->srcu, vcpu->srcu_idx); + + /* save current guest state of bp isolation override */ + guest_bp_isolation = test_thread_flag(TIF_ISOLATE_BP_GUEST); + + /* + * The guest is running with BPBC, so we have to force it on for our + * nested guest. This is done by enabling BPBC globally, so the BPBC + * control in the SCB (which the nested guest can modify) is simply + * ignored. + */ + if (test_kvm_facility(vcpu->kvm, 82) && + vcpu->arch.sie_block->fpf & FPF_BPBC) + set_thread_flag(TIF_ISOLATE_BP_GUEST); + local_irq_disable(); guest_enter_irqoff(); local_irq_enable(); @@ -783,6 +798,11 @@ static int do_vsie_run(struct kvm_vcpu * local_irq_disable(); guest_exit_irqoff(); local_irq_enable(); + + /* restore guest state for bp isolation override */ + if (!guest_bp_isolation) + clear_thread_flag(TIF_ISOLATE_BP_GUEST); + vcpu->srcu_idx = srcu_read_lock(&vcpu->kvm->srcu); if (rc > 0)