From: Martin Schwidefsky <schwidefsky@de.ibm.com>
To: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>,
David Hildenbrand <david@redhat.com>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Thomas Huth <thuth@redhat.com>,
Andreas Krebbel <krebbel@linux.vnet.ibm.com>
Subject: Re: [PATCH RFC 0/2] KVM: s390: avoid having to enable vm.alloc_pgste
Date: Thu, 8 Jun 2017 13:24:01 +0200 [thread overview]
Message-ID: <20170608132401.5eafacc4@mschwideX1> (raw)
In-Reply-To: <20170608062531.GA3266@osiris>
On Thu, 8 Jun 2017 08:25:31 +0200
Heiko Carstens <heiko.carstens@de.ibm.com> wrote:
> On Thu, Jun 08, 2017 at 07:35:28AM +0200, Martin Schwidefsky wrote:
> > On Wed, 7 Jun 2017 22:47:56 +0200
> > Heiko Carstens <heiko.carstens@de.ibm.com> wrote:
> > > On Wed, Jun 07, 2017 at 02:34:40PM +0200, Martin Schwidefsky wrote:
> > > > +#define arch_elf_pt_proc(ehdr, phdr, elf, interp, state) \
> > > > +({ \
> > > > + struct elf64_hdr *_ehdr = (void *) ehdr; \
> > > > + struct elf64_phdr *_phdr = (void *) phdr; \
> > > > + int _rc = 0; \
> > > > + if (_ehdr->e_ident[EI_CLASS] == ELFCLASS64 && \
> > > > + _phdr->p_type == PT_S390_REQUEST_PGSTE && \
> > > > + !page_table_allocate_pgste && \
> > > > + !test_thread_flag(TIF_REQUEST_PGSTE)) { \
> > > > + set_thread_flag(TIF_REQUEST_PGSTE); \
> > > > + set_pt_regs_flag(task_pt_regs(current), \
> > > > + PIF_SYSCALL_RESTART); \
> > > > + _rc = -EAGAIN; \
> > > > + } \
> > > > + _rc; \
> > > > +})
> > >
> > > I'm wondering if this should simply fail, if a PT_S390_REQUEST_PGSTE type
> > > segment exists, but it is not ELFCLASS64?
> > > It will fail later anyway on s390_enable_sie(), but...
> >
> > Does it matter if it fails for a 32-bit ELF file? Just makes the code more
> > complex without benefit, no?
>
> It would be more consistent, since right now a 32-bit ELF file with
> PT_S390_REQUEST_PGSTE will be exectuted, but the page tables won't have any
> pgstes. That's sort of odd, isn't it? And that later on it won't be able to
> create a virtual machine because our current implementation doesn't allow
> that for compat tasks is sort of unrelated.
> But anyway, I'll leave that up to you, it doesn't really matter.
Actually the code will be less complex if we add PT_S390_REQUEST_PGSTE for
32-bit ELF files as well. It does not make sense to define the segment for
a compat process as KVM won't work but you get what you ask for..
This looks like this:
#define arch_elf_pt_proc(ehdr, phdr, elf, interp, state) \
({ \
int _rc = 0; \
if (phdr->p_type == PT_S390_REQUEST_PGSTE && \
!page_table_allocate_pgste && \
!test_thread_flag(TIF_REQUEST_PGSTE)) { \
set_thread_flag(TIF_REQUEST_PGSTE); \
set_pt_regs_flag(task_pt_regs(current), \
PIF_SYSCALL_RESTART); \
_rc = -EAGAIN; \
} \
_rc; \
})
phdr is a (struct elf_phd *) which is either define to a a (struct elf64_phdr *)
or a (struct elf32_phdr *). The check works in both cases.
> >
> > > > diff --git a/arch/s390/include/asm/mmu_context.h b/arch/s390/include/asm/mmu_context.h
> > > > index c119d564d8f2..1201b18e817d 100644
> > > > --- a/arch/s390/include/asm/mmu_context.h
> > > > +++ b/arch/s390/include/asm/mmu_context.h
> > > > @@ -25,7 +25,8 @@ static inline int init_new_context(struct task_struct *tsk,
> > > > mm->context.gmap_asce = 0;
> > > > mm->context.flush_mm = 0;
> > > > #ifdef CONFIG_PGSTE
> > > > - mm->context.alloc_pgste = page_table_allocate_pgste;
> > > > + mm->context.alloc_pgste = page_table_allocate_pgste ||
> > > > + test_thread_flag(TIF_REQUEST_PGSTE);
> > >
> > > I think the alloc_pgste flag should be inherited on fork, no?
> >
> > Yes, that makes it more consistent. I'll add it.
>
> By the way, what prevents with the _current_ code a scenario like:
>
> - set allocate_pgste sysctl to 1
> - create kvm guest
> - s390_enable_sie
> - run vcpu
> - set allocate_pgste sysctl to 0
> - clone(... CLONE_FILES ...) (that is: new mm without pgstes, but shared fds)
> - [child] run vcpu
>
> Is there anything that makes sure we cannot execute the sie instruction in
> the child process?
Yes, that looks like a loop-hole.
--
blue skies,
Martin.
"Reality continues to ruin my life." - Calvin.
next prev parent reply other threads:[~2017-06-08 11:24 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-29 16:32 [PATCH RFC 0/2] KVM: s390: avoid having to enable vm.alloc_pgste David Hildenbrand
2017-05-29 16:32 ` [PATCH RFC 1/2] s390x: mm: allow mixed page table types (2k and 4k) David Hildenbrand
2017-06-01 11:39 ` Christian Borntraeger
2017-06-01 12:44 ` David Hildenbrand
2017-06-01 12:59 ` David Hildenbrand
2017-06-02 7:11 ` Christian Borntraeger
2017-05-29 16:32 ` [PATCH RFC 2/2] KVM: s390: Introduce KVM_VM_S390_LATE_MMAP David Hildenbrand
2017-06-01 10:46 ` [PATCH RFC 0/2] KVM: s390: avoid having to enable vm.alloc_pgste Martin Schwidefsky
2017-06-01 11:24 ` Christian Borntraeger
2017-06-01 11:27 ` David Hildenbrand
2017-06-02 7:06 ` Heiko Carstens
2017-06-02 7:02 ` Heiko Carstens
2017-06-02 7:13 ` Christian Borntraeger
2017-06-02 7:16 ` Martin Schwidefsky
2017-06-02 7:18 ` Christian Borntraeger
2017-06-02 7:25 ` Christian Borntraeger
2017-06-02 8:11 ` Martin Schwidefsky
2017-06-02 9:46 ` Martin Schwidefsky
2017-06-02 10:19 ` Christian Borntraeger
2017-06-02 10:53 ` Martin Schwidefsky
2017-06-02 13:20 ` Christian Borntraeger
2017-06-07 12:34 ` Martin Schwidefsky
2017-06-07 20:47 ` Heiko Carstens
2017-06-08 5:35 ` Martin Schwidefsky
2017-06-08 6:25 ` Heiko Carstens
2017-06-08 11:24 ` Martin Schwidefsky [this message]
2017-06-08 13:17 ` Heiko Carstens
2017-06-02 10:28 ` Heiko Carstens
2017-06-02 10:48 ` Martin Schwidefsky
2017-06-02 10:54 ` David Hildenbrand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170608132401.5eafacc4@mschwideX1 \
--to=schwidefsky@de.ibm.com \
--cc=borntraeger@de.ibm.com \
--cc=david@redhat.com \
--cc=heiko.carstens@de.ibm.com \
--cc=krebbel@linux.vnet.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.