From: Thomas Huth <thuth@redhat.com>
To: Richard Henderson <richard.henderson@linaro.org>,
	qemu-devel@nongnu.org, David Hildenbrand <david@redhat.com>,
	Ilya Leoshkevich <iii@linux.ibm.com>
Cc: qemu-s390x@nongnu.org
Subject: Re: [PATCH v2 for-8.0] target/s390x/tcg: Fix and improve the SACF instruction
Date: Fri, 2 Dec 2022 08:41:16 +0100	[thread overview]
Message-ID: <04b7fbcd-c753-2863-23bb-59ed3a2cbd43@redhat.com> (raw)
In-Reply-To: <2ab9d798-4feb-62d3-3713-aa12235a7034@linaro.org>

On 01/12/2022 21.51, Richard Henderson wrote:
> On 12/1/22 10:44, Thomas Huth wrote:
>> The SET ADDRESS SPACE CONTROL FAST instruction is not privileged, it can be
>> used from problem space, too. Just the switching to the home address space
>> is privileged and should still generate a privilege exception. This bug is
>> e.g. causing programs like Java that use the "getcpu" vdso kernel function
>> to crash (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990417#26 ).
>>
>> While we're at it, also check if DAT is not enabled. In that case the
>> instruction is supposed to generate a special operation exception.
>>
>> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/655
>> Signed-off-by: Thomas Huth <thuth@redhat.com>
>> ---
> 
> Looks ok, as far as it goes.  We appear to be missing the check for 
> CR0_SECONDARY, which is unpredictable for SACF but mandatory for SAC.

Yes, but if I got our sources right, we do not implement SAC yet. Looks like 
Linux does not use it, so nobody bothered to implement it yet. Since it 
should be very similar to SACF, it should be easy to add - I can try to come 
up with an additional patch for it later.

> I'll give you
> 
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> 
> for fixing the incorrect IF_PRIV check, which by itself should be enough to 
> fix the Java issue.

Thanks!

  Thomas


PS: We might have a similar bug with the MVCP and MVCS instructions ... 
seems like they could be called from userspace in certain situations, too.
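As an added illustration (not code from the patch or from QEMU), a small C model of the checks this thread describes: the incorrect behaviour that treated every SACF as privileged next to the corrected one, where only the switch to the home address space is privileged and DAT being off raises a special-operation exception. The mode encodings follow the operand-address bits (0x000 primary, 0x100 secondary, 0x200 access-register, 0x300 home); the result names and the ordering of the DAT check ahead of the privilege check are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Outcome of the instruction's checks (names are this example's own, not QEMU's). */
enum sacf_result {
    SACF_OK,
    SACF_SPECIAL_OPERATION,    /* DAT is off */
    SACF_PRIVILEGED_OPERATION, /* home-space switch requested from problem state */
    SACF_SPECIFICATION         /* undefined mode encoding in the operand address */
};

/* Address-space mode selected by bits 52-55 of the second-operand address. */
enum as_mode { AS_PRIMARY = 0, AS_SECONDARY = 1, AS_ACCREG = 2, AS_HOME = 3 };

struct cpu_state {
    bool dat_enabled;   /* PSW DAT bit */
    bool problem_state; /* PSW problem-state bit: true while running user code */
    enum as_mode as;    /* current address-space mode */
};

/* The bug as described in the thread: the whole instruction was marked
 * privileged, so any SACF from problem state raised a privileged-operation
 * exception, including the "sacf 256" style switches user code is allowed. */
enum sacf_result sacf_buggy(struct cpu_state *cpu, uint64_t a1)
{
    if (cpu->problem_state) {
        return SACF_PRIVILEGED_OPERATION;
    }
    cpu->as = (enum as_mode)((a1 >> 8) & 0x3); /* mode bits, unchecked */
    return SACF_OK;
}

/* Corrected checks: special-operation exception when DAT is off, then decode
 * the mode, and only a switch to home space is privileged. */
enum sacf_result sacf_fixed(struct cpu_state *cpu, uint64_t a1)
{
    if (!cpu->dat_enabled) {
        return SACF_SPECIAL_OPERATION;
    }
    if ((a1 & 0xf00) > 0x300) {
        return SACF_SPECIFICATION;
    }
    enum as_mode mode = (enum as_mode)((a1 >> 8) & 0xf);
    if (mode == AS_HOME && cpu->problem_state) {
        return SACF_PRIVILEGED_OPERATION;
    }
    /* CR0 secondary-space control is deliberately not checked: it is
     * unpredictable for SACF (it would be mandatory for SAC). */
    cpu->as = mode;
    return SACF_OK;
}
```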



Thread overview: 5+ messages
2022-12-01 18:44 [PATCH v2 for-8.0] target/s390x/tcg: Fix and improve the SACF instruction Thomas Huth
2022-12-01 20:51 ` Richard Henderson
2022-12-02  7:41   ` Thomas Huth [this message]
2022-12-02 12:31 ` David Hildenbrand
2022-12-02 23:39 ` Ilya Leoshkevich