From mboxrd@z Thu Jan 1 00:00:00 1970
From: Cornelia Huck
Subject: Re: [PATCH 4/4] KVM: s390: Fix skey emulation permission check
Date: Tue, 5 Dec 2017 10:13:59 +0100
Message-ID: <20171205101359.1d3b09c3.cohuck@redhat.com>
References: <20171205083321.102933-1-borntraeger@de.ibm.com> <20171205083321.102933-5-borntraeger@de.ibm.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
In-Reply-To: <20171205083321.102933-5-borntraeger@de.ibm.com>
Sender: kvm-owner@vger.kernel.org
To: Christian Borntraeger
Cc: KVM, linux-s390, Thomas Huth, Halil Pasic, Janosch Frank

On Tue, 5 Dec 2017 09:33:21 +0100
Christian Borntraeger wrote:

> From: Janosch Frank
>
> All skey functions call skey_check_enable at their start, which checks
> if we are in the PSTATE and injects a privileged operation exception
> if we are.
>
> Unfortunately they continue processing afterwards and perform the
> operation anyhow as skey_check_enable does not deliver an error if the
> exception injection was successful.
>
> Let's move the PSTATE check into the skey functions and exit them on
> such an occasion, also we now do not enable skey handling anymore in
> such a case.
>
> Signed-off-by: Janosch Frank
> Reviewed-by: Christian Borntraeger
> Fixes: a7e19ab ("KVM: s390: handle missing storage-key facility")
> Cc: # v4.8+
> Signed-off-by: Christian Borntraeger
> ---
>  arch/s390/kvm/priv.c | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)

Reviewed-by: Cornelia Huck

This reminds me of something I stumbled upon the other day: handle_ri()
and handle_gs() (both implemented in priv.c) don't seem to have a check
for PSTATE, yet they enable ri/gs before retrying the instruction. Is
that correct?
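
Added example, not part of the original thread and not the kernel's code: a user-space C model of the return-value problem the quoted commit message describes, where a successful exception injection returns 0 and the caller carries on with the privileged operation. All struct, function and field names are hypothetical, and the enable-before-check ordering in the "before" helper is an assumption of the model.

```c
#include <stdbool.h>
#include <stdio.h>
/* User-space model only; every name below is hypothetical, not kernel code. */
#define PGM_PRIVILEGED_OP 0x02
struct vcpu {
    bool problem_state;  /* guest PSW has the PSTATE bit set */
    bool skeys_enabled;  /* storage-key handling switched on */
    int pending_pgm;     /* queued program exception, 0 = none */
    int key_ops_done;    /* storage-key operations actually emulated */
};

static int inject_program(struct vcpu *v, int code)
{
    v->pending_pgm = code;
    return 0;  /* 0 = exception queued successfully */
}
/* Before: the helper checks PSTATE, but its "injected" result is 0 too. */
static int check_enable_before(struct vcpu *v)
{
    v->skeys_enabled = true;  /* assumed ordering: enabled even in PSTATE */
    if (v->problem_state)
        return inject_program(v, PGM_PRIVILEGED_OP);
    return 0;
}
static int handle_key_op_before(struct vcpu *v)
{
    int rc = check_enable_before(v);
    if (rc)
        return rc;      /* only taken when injection itself failed */
    v->key_ops_done++;  /* reached in problem state as well */
    return 0;
}
/* After: the handler checks PSTATE itself and exits before enabling. */
static int handle_key_op_after(struct vcpu *v)
{
    if (v->problem_state)
        return inject_program(v, PGM_PRIVILEGED_OP);
    v->skeys_enabled = true;
    v->key_ops_done++;
    return 0;
}
int main(void)
{
    struct vcpu a = { .problem_state = true }, b = a;
    handle_key_op_before(&a);
    handle_key_op_after(&b);
    printf("before ops=%d, after ops=%d\n", a.key_ops_done, b.key_ops_done);
    return 0;
}
```

Both handlers return 0 for a problem-state guest; only the state left behind in the vcpu shows whether the operation was performed.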