Received: by 2002:a25:868d:0:0:0:0:0 with SMTP id z13csp777512ybk; Wed, 20 May 2020 11:41:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyHnh5vIRZOTfALBS+5HAH58PMugCNN9RzYsF3p976fyU7hi4IGe2bUZdzLg5LcPpb3gWPP X-Received: by 2002:a50:8307:: with SMTP id 7mr4718827edh.283.1590000070171; Wed, 20 May 2020 11:41:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1590000070; cv=none; d=google.com; s=arc-20160816; b=s5mBCFrSSOxwlsCeg4ITVjp93A54gPMyqltcuA8EyAidDfLhGSCt7Niy5H2K7aSiWE 0nH5oKTdOD/4tV3uUDF3bG2dAHfwOVePyd79NHJFxyzIH19ZqKEq5EJqrMH8BfNXM+nC q6qrzbjDZ0LMaW7uZdQ0tcwrpOOcrEb6zifCREFebq8J5diPjK68JjxLQzdJ114Up7YD WVGDi//wj7K/DE6gwuIfLFv8aYkXOn7chK0sEOmDPv1r48wjzk/rTTePae8NrlWICQ3N EEhUsgEXcw5dkZpYx+ZLZ0zh9e4T7XKdLs+3c+4sD8xZu4n91nWvoR+zQhTPzX9fQfVR BR9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=imno0EdbMtyEVL4/v/O/ekEX4QpwMY9TvjLlhbcNsQc=; b=MdooZ+l9gP/CzkOkNWhCBEUzlk/V1A8I2Nlq9gXAC03G2u/Vb13P64dr/+REAohSQM ojQ0m9qUC9MYr/wnu4SXyFNDjalDDq2cYgMLDBKBNOJ3OyxGZAGkCaVNTo4jqi9nOX+J DboGTAfv3yvlodtLqvQrLmYh9w2/qPDbeim9XgdAN2VTQXt68rUOMduVQqppCu5ClFZk 5eeAxEQ7bd50jW5FSisnYfW6tuJqxH2fVztqMFLqkqB9pht9nkwAkmUCW+CnxEN4MiVW s2bAoc9RzxVt8DFyD9jat1jglNxqBspy+dxpl1APsFJgUTT6+lG2XX1H3RyHKTLI5D6P uKqA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p2si1883898edx.419.2020.05.20.11.40.47; Wed, 20 May 2020 11:41:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726847AbgETSjM (ORCPT + 99 others); Wed, 20 May 2020 14:39:12 -0400 Received: from 1.mo173.mail-out.ovh.net ([178.33.111.180]:51486 "EHLO 1.mo173.mail-out.ovh.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726510AbgETSjM (ORCPT ); Wed, 20 May 2020 14:39:12 -0400 X-Greylist: delayed 925 seconds by postgrey-1.27 at vger.kernel.org; Wed, 20 May 2020 14:39:11 EDT Received: from player792.ha.ovh.net (unknown [10.110.103.180]) by mo173.mail-out.ovh.net (Postfix) with ESMTP id 2D00213CDD9 for ; Wed, 20 May 2020 20:23:45 +0200 (CEST) Received: from kaod.org (lns-bzn-46-82-253-208-248.adsl.proxad.net [82.253.208.248]) (Authenticated sender: groug@kaod.org) by player792.ha.ovh.net (Postfix) with ESMTPSA id 6F0A9129C9408; Wed, 20 May 2020 18:23:37 +0000 (UTC) Authentication-Results: garm.ovh; auth=pass (GARM-101G00477dc0413-69de-485b-8c2c-a864b1457d08,D4AE9CB3A4750E3488E7135F1D4D455A9A9A4933) smtp.auth=groug@kaod.org Date: Wed, 20 May 2020 20:23:36 +0200 From: Greg Kurz To: Laurent Dufour Cc: kvm-ppc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org, paulus@samba.org, mpe@ellerman.id.au, sukadev@linux.ibm.com, linuxram@us.ibm.com Subject: Re: [PATCH v2] KVM: PPC: Book3S HV: relax check on H_SVM_INIT_ABORT Message-ID: <20200520202336.661ae973@bahia.lan> In-Reply-To: <20200520174308.77820-1-ldufour@linux.ibm.com> References: <20200520193259.0b66db32@bahia.lan> <20200520174308.77820-1-ldufour@linux.ibm.com> X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Ovh-Tracer-Id: 8480559574304070084 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgeduhedruddtledguddvvdcutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpeffhffvuffkjghfofggtgfgsehtjeertdertddvnecuhfhrohhmpefirhgvghcumfhurhiiuceoghhrohhugheskhgrohgurdhorhhgqeenucggtffrrghtthgvrhhnpeehkefhtdehgeehheejledufeekhfdvleefvdeihefhkefhudffhfeuuedvffdthfenucfkpheptddrtddrtddrtddpkedvrddvheefrddvtdekrddvgeeknecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmohguvgepshhmthhpqdhouhhtpdhhvghlohepphhlrgihvghrjeelvddrhhgrrdhovhhhrdhnvghtpdhinhgvtheptddrtddrtddrtddpmhgrihhlfhhrohhmpehgrhhouhhgsehkrghougdrohhrghdprhgtphhtthhopehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrgh Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 20 May 2020 19:43:08 +0200 Laurent Dufour wrote: > The commit 8c47b6ff29e3 ("KVM: PPC: Book3S HV: Check caller of H_SVM_* > Hcalls") added checks of secure bit of SRR1 to filter out the Hcall > reserved to the Ultravisor. > > However, the Hcall H_SVM_INIT_ABORT is made by the Ultravisor passing the > context of the VM calling UV_ESM. This allows the Hypervisor to return to > the guest without going through the Ultravisor. Thus the Secure bit of SRR1 > is not set in that particular case. > > In the case a regular VM is calling H_SVM_INIT_ABORT, this hcall will be > filtered out in kvmppc_h_svm_init_abort() because kvm->arch.secure_guest is > not set in that case. > > Fixes: 8c47b6ff29e3 ("KVM: PPC: Book3S HV: Check caller of H_SVM_* Hcalls") > Signed-off-by: Laurent Dufour > --- Reviewed-by: Greg Kurz > arch/powerpc/kvm/book3s_hv.c | 9 ++++++--- > 1 file changed, 6 insertions(+), 3 deletions(-) > > diff --git a/arch/powerpc/kvm/book3s_hv.c b/arch/powerpc/kvm/book3s_hv.c > index 93493f0cbfe8..6ad1a3b14300 100644 > --- a/arch/powerpc/kvm/book3s_hv.c > +++ b/arch/powerpc/kvm/book3s_hv.c > @@ -1099,9 +1099,12 @@ int kvmppc_pseries_do_hcall(struct kvm_vcpu *vcpu) > ret = kvmppc_h_svm_init_done(vcpu->kvm); > break; > case H_SVM_INIT_ABORT: > - ret = H_UNSUPPORTED; > - if (kvmppc_get_srr1(vcpu) & MSR_S) > - ret = kvmppc_h_svm_init_abort(vcpu->kvm); > + /* > + * Even if that call is made by the Ultravisor, the SSR1 value > + * is the guest context one, with the secure bit clear as it has > + * not yet been secured. So we can't check it here. > + */ > + ret = kvmppc_h_svm_init_abort(vcpu->kvm); > break; > > default: