From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 89DDDE54A for ; Thu, 1 Jun 2023 13:24:13 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id C3556C433EF; Thu, 1 Jun 2023 13:24:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1685625853; bh=HrSnKsT0CEKtiGz96gQ3ZubLQ7pkKN6ZHueH0n0A2YM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=TtMt4HuF2eW8uXjcDBPPWwmI/liFlXJZ7pIHQ++hMGtiMYA/f1ajJR4a/XDD+UkUM FCwS+QJeyeHcLUjdOUv5Tb+2bG0XVhOp7YSsmF4xRZHIwIFSCFm0POlScQC25D1ClK Cn9V3bUVCzF5NLH5KjaxNx0fXF6yxmiNCxGDAvTY= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Claudio Imbrenda , Janosch Frank , Sasha Levin Subject: [PATCH 5.15 19/42] KVM: s390: pv: add export before import Date: Thu, 1 Jun 2023 14:21:06 +0100 Message-Id: <20230601131937.588176314@linuxfoundation.org> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230601131936.699199833@linuxfoundation.org> References: <20230601131936.699199833@linuxfoundation.org> User-Agent: quilt/0.67 Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Claudio Imbrenda [ Upstream commit 72b1daff2671cef2c8cccc6c4e52f8d5ce4ebe58 ] Due to upcoming changes, it will be possible to temporarily have multiple protected VMs in the same address space, although only one will be actually active. In that scenario, it is necessary to perform an export of every page that is to be imported, since the hardware does not allow a page belonging to a protected guest to be imported into a different protected guest. This also applies to pages that are shared, and thus accessible by the host. Signed-off-by: Claudio Imbrenda Reviewed-by: Janosch Frank Link: https://lore.kernel.org/r/20220628135619.32410-7-imbrenda@linux.ibm.com Message-Id: <20220628135619.32410-7-imbrenda@linux.ibm.com> Signed-off-by: Janosch Frank Stable-dep-of: c148dc8e2fa4 ("KVM: s390: fix race in gmap_make_secure()") Signed-off-by: Sasha Levin --- arch/s390/kernel/uv.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/arch/s390/kernel/uv.c b/arch/s390/kernel/uv.c index f95ccbd396925..7d7961c7b1281 100644 --- a/arch/s390/kernel/uv.c +++ b/arch/s390/kernel/uv.c @@ -189,6 +189,32 @@ static int make_secure_pte(pte_t *ptep, unsigned long addr, return rc; } +/** + * should_export_before_import - Determine whether an export is needed + * before an import-like operation + * @uvcb: the Ultravisor control block of the UVC to be performed + * @mm: the mm of the process + * + * Returns whether an export is needed before every import-like operation. + * This is needed for shared pages, which don't trigger a secure storage + * exception when accessed from a different guest. + * + * Although considered as one, the Unpin Page UVC is not an actual import, + * so it is not affected. + * + * No export is needed also when there is only one protected VM, because the + * page cannot belong to the wrong VM in that case (there is no "other VM" + * it can belong to). + * + * Return: true if an export is needed before every import, otherwise false. + */ +static bool should_export_before_import(struct uv_cb_header *uvcb, struct mm_struct *mm) +{ + if (uvcb->cmd == UVC_CMD_UNPIN_PAGE_SHARED) + return false; + return atomic_read(&mm->context.protected_count) > 1; +} + /* * Requests the Ultravisor to make a page accessible to a guest. * If it's brought in the first time, it will be cleared. If @@ -232,6 +258,8 @@ int gmap_make_secure(struct gmap *gmap, unsigned long gaddr, void *uvcb) lock_page(page); ptep = get_locked_pte(gmap->mm, uaddr, &ptelock); + if (should_export_before_import(uvcb, gmap->mm)) + uv_convert_from_secure(page_to_phys(page)); rc = make_secure_pte(ptep, uaddr, page, uvcb); pte_unmap_unlock(ptep, ptelock); unlock_page(page); -- 2.39.2