Re: [PATCH v2 5/5] KVM: s390: vsie: Do the CRYCB validation first

From: Pierre Morel
Date: Thu Aug 23 2018 - 03:17:51 EST


On 22/08/2018 19:15, David Hildenbrand wrote:
On 22.08.2018 18:51, Pierre Morel wrote:
When entering the SIE the CRYCB validation better
be done independently of the instruction's
availability.

Signed-off-by: Pierre Morel <pmorel@xxxxxxxxxxxxx>
---
arch/s390/kvm/vsie.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/arch/s390/kvm/vsie.c b/arch/s390/kvm/vsie.c
index 7ee4329..fca25aa 100644
--- a/arch/s390/kvm/vsie.c
+++ b/arch/s390/kvm/vsie.c
@@ -164,17 +164,18 @@ static int shadow_crycb(struct kvm_vcpu *vcpu, struct vsie_page *vsie_page)
/* format-1 is supported with message-security-assist extension 3 */
if (!test_kvm_facility(vcpu->kvm, 76))
return 0;
- /* we may only allow it if enabled for guest 2 */
- ecb3_flags = scb_o->ecb3 & vcpu->arch.sie_block->ecb3 &
- (ECB3_AES | ECB3_DEA);
- if (!ecb3_flags)
- return 0;
if ((crycb_addr & PAGE_MASK) != ((crycb_addr + 128) & PAGE_MASK))
return set_validity_icpt(scb_s, 0x003CU);
if (!crycb_addr)
return set_validity_icpt(scb_s, 0x0039U);
+ /* we may only allow it if enabled for guest 2 */
+ ecb3_flags = scb_o->ecb3 & vcpu->arch.sie_block->ecb3 &
+ (ECB3_AES | ECB3_DEA);
+ if (!ecb3_flags)
+ return 0;
+
/* copy only the wrapping keys */
if (read_guest_real(vcpu, crycb_addr + 72,
vsie_page->crycb.dea_wrapping_key_mask, 56))


That makes sense, especially if ECB3_AES is used but effectively turned
off by us.

What is the expected behavior if ECB3_AES | ECB3_DEA are not set by g2
for g3?


The use of functions PCKMO-Encrypt-DEA/AES induce a specification error.

However other MSA3 function will continue to be usable.

Regards,
Pierre

--
Pierre Morel
Linux/KVM/QEMU in BÃblingen - Germany