[GIT PULL 0/1] KVM: s390: fix for 4.9 (via kvm/master)

[GIT PULL 0/1] KVM: s390: fix for 4.9 (via kvm/master)

[Christian Borntraeger]

Paolo, Radim,

The following changes since commit 1001354ca34179f3db924eb66672442a173147dc:

  Linux 4.9-rc1 (2016-10-15 12:17:50 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-master-4.9-1

for you to fetch changes up to a5efb6b6c99a3a6dc4330f51d8066f638bdea0ac:

  KVM: s390: reject invalid modes for runtime instrumentation (2016-10-20 20:06:12 +0200)

----------------------------------------------------------------
KVM: s390: Fix for user-triggerable WARN_ON

A malicious user space can provide an invalid mode for runtime
instrumentation via the interfaces that are normally used on
the target host during migration. This would trigger a WARN_ON
via validity intercept. Let's detect this special case.

----------------------------------------------------------------
Christian Borntraeger (1):
      KVM: s390: reject invalid modes for runtime instrumentation

 arch/s390/kvm/intercept.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

[GIT PULL 1/1] KVM: s390: reject invalid modes for runtime instrumentation

[Christian Borntraeger]

Usually a validity intercept is a programming error of the host
because of invalid entries in the state description.
We can get a validity intercept if the mode of the runtime
instrumentation control block is wrong. As the host does not know
which modes are valid, this can be used by userspace to trigger
a WARN.
Instead of printing a WARN let's return an error to userspace as
this can only happen if userspace provides a malformed initial
value (e.g. on migration). The kernel should never warn on bogus
input. Instead let's log it into the s390 debug feature.

While at it, let's return -EINVAL for all validity intercepts as
this will trigger an error in QEMU like

error: kvm run failed Invalid argument
PSW=mask 0404c00180000000 addr 000000000063c226 cc 00
R00=000000000000004f R01=0000000000000004 R02=0000000000760005 R03=000000007fe0a000
R04=000000000064ba2a R05=000000049db73dd0 R06=000000000082c4b0 R07=0000000000000041
R08=0000000000000002 R09=000003e0804042a8 R10=0000000496152c42 R11=000000007fe0afb0
[...]

This will avoid an endless loop of validity intercepts.

Cc: stable@vger.kernel.org # v4.5+
Fixes: c6e5f166373a ("KVM: s390: implement the RI support of guest")
Acked-by: Fan Zhang <zhangfan@linux.vnet.ibm.com>
Reviewed-by: Pierre Morel <pmorel@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 arch/s390/kvm/intercept.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c
index 1cab8a1..7a27eeb 100644
--- a/arch/s390/kvm/intercept.c
+++ b/arch/s390/kvm/intercept.c
@@ -119,8 +119,13 @@ static int handle_validity(struct kvm_vcpu *vcpu)
 
 	vcpu->stat.exit_validity++;
 	trace_kvm_s390_intercept_validity(vcpu, viwhy);
-	WARN_ONCE(true, "kvm: unhandled validity intercept 0x%x\n", viwhy);
-	return -EOPNOTSUPP;
+	KVM_EVENT(3, "validity intercept 0x%x for pid %u (kvm 0x%pK)", viwhy,
+		  current->pid, vcpu->kvm);
+
+	/* do not warn on invalid runtime instrumentation mode */
+	WARN_ONCE(viwhy != 0x44, "kvm: unhandled validity intercept 0x%x\n",
+		  viwhy);
+	return -EINVAL;
 }
 
 static int handle_instruction(struct kvm_vcpu *vcpu)
-- 
2.5.5

Re: [GIT PULL 0/1] KVM: s390: fix for 4.9 (via kvm/master)

[Radim Krčmář]

2016-10-20 20:20+0200, Christian Borntraeger:
> Paolo, Radim,
> 
> The following changes since commit 1001354ca34179f3db924eb66672442a173147dc:
> 
>   Linux 4.9-rc1 (2016-10-15 12:17:50 -0700)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-master-4.9-1
> 
> for you to fetch changes up to a5efb6b6c99a3a6dc4330f51d8066f638bdea0ac:
> 
>   KVM: s390: reject invalid modes for runtime instrumentation (2016-10-20 20:06:12 +0200)

Pulled, thanks.

> ----------------------------------------------------------------
> KVM: s390: Fix for user-triggerable WARN_ON
> 
> A malicious user space can provide an invalid mode for runtime
> instrumentation via the interfaces that are normally used on
> the target host during migration. This would trigger a WARN_ON
> via validity intercept. Let's detect this special case.
> 
> ----------------------------------------------------------------
> Christian Borntraeger (1):
>       KVM: s390: reject invalid modes for runtime instrumentation
> 
>  arch/s390/kvm/intercept.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 

Re: [GIT PULL 0/1] KVM: s390: fix for 4.9 (via kvm/master)

[Radim Krčmář]

2016-10-20 20:20+0200, Christian Borntraeger:
> Paolo, Radim,
> 
> The following changes since commit 1001354ca34179f3db924eb66672442a173147dc:
> 
>   Linux 4.9-rc1 (2016-10-15 12:17:50 -0700)
> 
> are available in the git repository at:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-master-4.9-1
> 
> for you to fetch changes up to a5efb6b6c99a3a6dc4330f51d8066f638bdea0ac:
> 
>   KVM: s390: reject invalid modes for runtime instrumentation (2016-10-20 20:06:12 +0200)

Pulled, thanks.

> ----------------------------------------------------------------
> KVM: s390: Fix for user-triggerable WARN_ON
> 
> A malicious user space can provide an invalid mode for runtime
> instrumentation via the interfaces that are normally used on
> the target host during migration. This would trigger a WARN_ON
> via validity intercept. Let's detect this special case.
> 
> ----------------------------------------------------------------
> Christian Borntraeger (1):
>       KVM: s390: reject invalid modes for runtime instrumentation
> 
>  arch/s390/kvm/intercept.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 

[GIT PULL 0/1] KVM: s390: Fix for 4.9 (via kvm/master)

[Christian Borntraeger]

Paolo, Radim,

another fix for 4.9.

The following changes since commit a5efb6b6c99a3a6dc4330f51d8066f638bdea0ac:

  KVM: s390: reject invalid modes for runtime instrumentation (2016-10-20 20:06:12 +0200)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-master-4.9-2

for you to fetch changes up to 45c7ee43a5184ddbff652ee0d2e826f86f1b616b:

  KVM: s390: Fix STHYI buffer alignment for diag224 (2016-10-26 13:46:44 +0200)

----------------------------------------------------------------
KVM: s390: Fix wrong memory allocation

With commit d86bd1bece6f ("mm/slub: support left redzone") or
with slab debugging the allocation of our diag224 buffer is not
aligned properly. Let's fix this.

----------------------------------------------------------------
Janosch Frank (1):
      KVM: s390: Fix STHYI buffer alignment for diag224

 arch/s390/kvm/sthyi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Re: [GIT PULL 0/1] KVM: s390: Fix for 4.9 (via kvm/master)

[Paolo Bonzini]

On 27/10/2016 10:07, Christian Borntraeger wrote:
>   git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-master-4.9-2

Pulled, thanks.

Paolo