Commit b108f7f0 authored by Claudio Imbrenda's avatar Claudio Imbrenda Committed by Janosch Frank

KVM: s390: pv: handle secure storage exceptions for normal guests

With upcoming patches, normal guests might touch secure pages.

This patch extends the existing exception handler to convert the pages
to non secure also when the exception is triggered by a normal guest.

This can happen for example when a secure guest reboots; the first
stage of a secure guest is non secure, and in general a secure guest
can reboot into non-secure mode.

If the secure memory of the previous boot has not been cleared up
completely yet (which will be allowed to happen in an upcoming patch),
a non-secure guest might touch secure memory, which will need to be
handled properly.

This means that gmap faults must be handled and not cause termination
of the process. The handling is the same as userspace accesses, it's
enough to translate the gmap address to a user address and then let the
normal user fault code handle it.
Signed-off-by: default avatarClaudio Imbrenda <imbrenda@linux.ibm.com>
Reviewed-by: default avatarJanosch Frank <frankja@linux.ibm.com>
Link: https://lore.kernel.org/r/20220628135619.32410-4-imbrenda@linux.ibm.com
Message-Id: <20220628135619.32410-4-imbrenda@linux.ibm.com>
Signed-off-by: default avatarJanosch Frank <frankja@linux.ibm.com>
parent a52c2584
...@@ -754,6 +754,7 @@ void do_secure_storage_access(struct pt_regs *regs) ...@@ -754,6 +754,7 @@ void do_secure_storage_access(struct pt_regs *regs)
struct vm_area_struct *vma; struct vm_area_struct *vma;
struct mm_struct *mm; struct mm_struct *mm;
struct page *page; struct page *page;
struct gmap *gmap;
int rc; int rc;
/* /*
...@@ -783,6 +784,17 @@ void do_secure_storage_access(struct pt_regs *regs) ...@@ -783,6 +784,17 @@ void do_secure_storage_access(struct pt_regs *regs)
} }
switch (get_fault_type(regs)) { switch (get_fault_type(regs)) {
case GMAP_FAULT:
mm = current->mm;
gmap = (struct gmap *)S390_lowcore.gmap;
mmap_read_lock(mm);
addr = __gmap_translate(gmap, addr);
mmap_read_unlock(mm);
if (IS_ERR_VALUE(addr)) {
do_fault_error(regs, VM_ACCESS_FLAGS, VM_FAULT_BADMAP);
break;
}
fallthrough;
case USER_FAULT: case USER_FAULT:
mm = current->mm; mm = current->mm;
mmap_read_lock(mm); mmap_read_lock(mm);
...@@ -811,7 +823,6 @@ void do_secure_storage_access(struct pt_regs *regs) ...@@ -811,7 +823,6 @@ void do_secure_storage_access(struct pt_regs *regs)
if (rc) if (rc)
BUG(); BUG();
break; break;
case GMAP_FAULT:
default: default:
do_fault_error(regs, VM_READ | VM_WRITE, VM_FAULT_BADMAP); do_fault_error(regs, VM_READ | VM_WRITE, VM_FAULT_BADMAP);
WARN_ON_ONCE(1); WARN_ON_ONCE(1);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment