From: Janosch Frank <frankja@linux.ibm.com>
To: Christian Borntraeger <borntraeger@linux.ibm.com>,
Janis Schoetterl-Glausch <scgl@linux.ibm.com>,
Claudio Imbrenda <imbrenda@linux.ibm.com>
Cc: David Hildenbrand <david@redhat.com>,
Heiko Carstens <hca@linux.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Alexander Gordeev <agordeev@linux.ibm.com>,
Sven Schnelle <svens@linux.ibm.com>,
Paolo Bonzini <pbonzini@redhat.com>,
kvm@vger.kernel.org, Shuah Khan <shuah@kernel.org>,
linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-s390@vger.kernel.org
Subject: Re: [PATCH v2 0/2] Dirtying, failing memop: don't indicate suppression
Date: Tue, 26 Apr 2022 09:25:17 +0200 [thread overview]
Message-ID: <40038a9a-5647-c355-bad2-297b0a2baf4f@linux.ibm.com> (raw)
In-Reply-To: <1ccb1333-2233-8832-4102-a6c082b29108@linux.ibm.com>
On 4/26/22 08:19, Christian Borntraeger wrote:
>
>
> Am 25.04.22 um 19:29 schrieb Janis Schoetterl-Glausch:
>> On 4/25/22 18:30, Christian Borntraeger wrote:
>>> Am 25.04.22 um 12:01 schrieb Janis Schoetterl-Glausch:
>>>> If a memop fails due to key checked protection, after already having
>>>> written to the guest, don't indicate suppression to the guest, as that
>>>> would imply that memory wasn't modified.
>>>>
>>>> This could be considered a fix to the code introducing storage key
>>>> support, however this is a bug in KVM only if we emulate an
>>>> instructions writing to an operand spanning multiple pages, which I
>>>> don't believe we do.
>>>>
>>>
>>> Thanks applied. I think it makes sense for 5.18 nevertheless.
>>
>> Janosch had some concerns because the protection code being 000 implies
>> that the effective address in the TEID is unpredictable.
>> Let's see if he chimes in.
>
> z/VM does exactly the same on key protection crossing a page boundary. The
> architecture was written in a way to allow all zeros exactly for this case.
> (hypervisor emulation of key protection crossing pages).
> This is even true for ESOP-2. See Figure 3-5 or figure 3-8 (the first line)
> which allows to NOT have a valid address in the TEID for key controlled
> protection.
>
> The only question is, do we need to change the suppression parameter in
> access_guest_with_key
>
> (mode != GACC_STORE) || (idx == 0)
>
> to also check for prot != PROT_TYPE_KEYC
> ? I think we do not need this as we have checked other reasons before.
To me this measure looks like a last resort option and the POP doesn't
state a 100% what is to be done. Some instructions can mandate
suppression instead of termination according to the architects.
My intuition tells me that if we are in a situation where this would
happen then we would be much better off just doing it by hand (i.e. in
the instruction emulation code) and not letting this function decide.
So I'm not entirely sure if we're replacing something that is not
correct with something that also won't be correct for all cases.
But to summarize this: I'm not entirely sure even after reading the POP
for more than an hour and consulting an architect
next prev parent reply other threads:[~2022-04-26 7:25 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-25 10:01 [PATCH v2 0/2] Dirtying, failing memop: don't indicate suppression Janis Schoetterl-Glausch
2022-04-25 10:01 ` [PATCH v2 1/2] KVM: s390: Don't indicate suppression on dirtying, failing memop Janis Schoetterl-Glausch
2022-04-25 13:46 ` Claudio Imbrenda
2022-04-25 16:01 ` Christian Borntraeger
2022-04-26 7:18 ` Janosch Frank
2022-04-26 13:25 ` Janis Schoetterl-Glausch
2022-04-26 13:39 ` Janosch Frank
2022-04-25 10:01 ` [PATCH v2 2/2] KVM: s390: selftest: Test suppression indication on key prot exception Janis Schoetterl-Glausch
2022-04-25 13:47 ` Claudio Imbrenda
2022-04-28 16:48 ` Janis Schoetterl-Glausch
2022-04-25 16:30 ` [PATCH v2 0/2] Dirtying, failing memop: don't indicate suppression Christian Borntraeger
2022-04-25 17:29 ` Janis Schoetterl-Glausch
2022-04-26 6:19 ` Christian Borntraeger
2022-04-26 7:25 ` Janosch Frank [this message]
2022-04-26 11:56 ` Janis Schoetterl-Glausch
2022-04-26 12:34 ` Janosch Frank
2022-05-02 7:58 ` Christian Borntraeger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40038a9a-5647-c355-bad2-297b0a2baf4f@linux.ibm.com \
--to=frankja@linux.ibm.com \
--cc=agordeev@linux.ibm.com \
--cc=borntraeger@linux.ibm.com \
--cc=david@redhat.com \
--cc=gor@linux.ibm.com \
--cc=hca@linux.ibm.com \
--cc=imbrenda@linux.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=scgl@linux.ibm.com \
--cc=shuah@kernel.org \
--cc=svens@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox