------- Comment From boris.m...@de.ibm.com 2022-03-03 05:34 EDT------- Here is the action performed to arrive at the specific patch, respectively:
01. backport e2c12909ae5f (selftests: kvm: add _vm_ioctl) 02. backport a46f8a63cde8 (selftests: kvm: Introduce the TEST_FAIL macro) 03. cherry-pick 3e6b94126784 (KVM: selftests: Add GUEST_ASSERT variants to pass values to host) 04. cherry-pick 416e7f0c9d61 (KVM: s390: gaccess: Refactor gpa and length calculation) 05. cherry-pick 7faa543df19b (KVM: s390: gaccess: Refactor access address range check) 06. cherry-pick bad13799e030 (KVM: s390: gaccess: Cleanup access to guest pages) 07. backport 012a224e1fa3 (s390/uaccess: introduce bit field for OAC specifier) 08. backport 3d787b392d16 (s390/uaccess: fix compile error) 09. backport 1a82f6ab2365 (s390/uaccess: Add copy_from/to_user_key functions) 10. backport e613d83454d7 (KVM: s390: Honor storage keys when accessing guest memory) 11. cherry-pick 61380a7adfce (KVM: s390: handle_tprot: Honor storage keys) 12. backport c7ef9ebbed20 (KVM: s390: selftests: Test TEST PROTECTION emulation) 13. cherry-pick e9e9feebcbc1 (KVM: s390: Add optional storage key checking to MEMOP IOCTL) 14. backport ef11c9463ae0 (KVM: s390: Add vm IOCTL for key checked guest absolute memory access) 15. cherry-pick 0e1234c02b77 (KVM: s390: Rename existing vcpu memop functions) 16. backport d004079edc16 (KVM: s390: Add capability for storage key extension of MEM_OP IOCTL) 17. backport 5e35d0eb472b (KVM: s390: Update api documentation for memop ioctl) 18. backport cbf9b8109d32 (KVM: s390: Clarify key argument for MEM_OP in api docs) 19. cherry-pick 3d9042f8b923 (KVM: s390: Add missing vm MEM_OP size check) Notes on backport 01. resolve minor conflict due to additional includes 02. resolve minor conflict due to additional functionality 07. backport needs to use primary address space 08. resolve minor conflict, only move #define 09. resolve minor conflict caused by older base, e.g. use of primary address space implement __copy_to/from_user_key by copying include/linux/uaccess.h (i.e. old code) implementation and adding key support 10. replace locking of current->mm mark_page_dirty instead of mark_page_dirty_in_slot 12. replace aligned attribute GUEST_ASSERT instead of GUEST_ASSERT_EQ, fprintf instead of print_skip 14. replace locking of current->mm 16. resolve minor conflict caused by additional capabilities ADJUST CAPABILITY NUMBER TO 211 TO ACCOUNT FOR MERGE COMMIT IN kvm-next THAT CHANGED IT 17. move documentation to api.txt 18. move documentation to api.txt As 16. mentions, capability number was adjusted to 211 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1962831 Title: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction (Backport to focal) Status in linux package in Ubuntu: New Bug description: Description: KVM uses lazy storage key enablement as Linux does no longer make use of the storage keys. When the guest enters keyed mode, then KVM will save/restore the key during paging, provide change/reference tracking for guest and host and for all interpreted instructions will do key protection. If an instruction is intercepted and passed along to userspace (like QEMU) no storage key protection is checked, though. This is in violation of the architecture and it can result in misbehaving guests that rely on key protection for all instructions. This item will add the missing key checking to MEMOP ioctl. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1962831/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
