From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-9.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id ADD4BC282D8 for ; Fri, 1 Feb 2019 09:52:21 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8366320870 for ; Fri, 1 Feb 2019 09:52:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727308AbfBAJwT (ORCPT ); Fri, 1 Feb 2019 04:52:19 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:47584 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725765AbfBAJwR (ORCPT ); Fri, 1 Feb 2019 04:52:17 -0500 Received: from pps.filterd (m0098393.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x119mVmK027566 for ; Fri, 1 Feb 2019 04:52:14 -0500 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2qck4829ft-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 01 Feb 2019 04:52:14 -0500 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 1 Feb 2019 09:52:12 -0000 Received: from b06cxnps4074.portsmouth.uk.ibm.com (9.149.109.196) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 1 Feb 2019 09:52:09 -0000 Received: from d06av24.portsmouth.uk.ibm.com (d06av24.portsmouth.uk.ibm.com [9.149.105.60]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x119q7cp51118262 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Fri, 1 Feb 2019 09:52:07 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9EF2942045; Fri, 1 Feb 2019 09:52:07 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 36F7042041; Fri, 1 Feb 2019 09:52:07 +0000 (GMT) Received: from morel-ThinkPad-W530.boeblingen.de.ibm.com (unknown [9.145.32.190]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 1 Feb 2019 09:52:07 +0000 (GMT) From: Pierre Morel To: borntraeger@de.ibm.com Cc: david@redhat.com, linux-kernel@vger.kernel.org, cohuck@redhat.com, linux-s390@vger.kernel.org, kvm@vger.kernel.org, frankja@linux.ibm.com, akrowiak@linux.ibm.com, pasic@linux.ibm.com Subject: [PATCH v1] KVM: s390: vsie: fix Do the CRYCB validation first Date: Fri, 1 Feb 2019 10:52:05 +0100 X-Mailer: git-send-email 2.7.4 In-Reply-To: <1549014725-28216-1-git-send-email-pmorel@linux.ibm.com> References: <1549014725-28216-1-git-send-email-pmorel@linux.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 19020109-0012-0000-0000-000002EFE3D9 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19020109-0013-0000-0000-000021273340 Message-Id: <1549014725-28216-2-git-send-email-pmorel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-02-01_07:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=882 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1902010072 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The case when the SIE for guest3 is not setup for using encryption keys nor Adjunct processor but the guest2 does use these features was not properly handled. This leads SIE entry for guest3 to crash with validity intercept because the guest2, not having the use of encryption keys nor Adjunct Processor did not initialize the CRYCB designation. In the case where none of ECA_APIE, ECB3_AES or ECB3_DEA are set in guest3 a format 0 CRYCB is allowed for guest3 and the CRYCB designation in the SIE for guest3 is not checked on SIE entry. Let's allow the CRYCD designation to be ignored when the SIE for guest3 is not initialized for encryption key usage nor AP. Fixup: d6f6959 (KVM: s390: vsie: Do the CRYCB validation first) Signed-off-by: Pierre Morel Reported-by: Claudio Imbrenda --- arch/s390/kvm/vsie.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c index a153257..a748f76 100644 --- a/arch/s390/kvm/vsie.c +++ b/arch/s390/kvm/vsie.c @@ -300,6 +300,9 @@ static int shadow_crycb(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page) if (!apie_h && !key_msk) return 0; + if (!(scb_o->eca & ECA_APIE) && !(scb_o->ecb3 & (ECB3_AES | ECB3_DEA))) + return 0; + if (!crycb_addr) return set_validity_icpt(scb_s, 0x0039U); -- 2.7.4