* [GIT PULL 00/14 v2] KVM: s390: Fixes and features for 4.11 (via kvm/next)
@ 2017-02-06 11:46 Christian Borntraeger
  2017-02-06 11:46 ` [GIT PULL 13/14] KVM: s390: Disable dirty log retrieval for UCONTROL guests Christian Borntraeger
  2017-02-06 11:46 ` [GIT PULL 14/14] KVM: s390: detect some program check loops Christian Borntraeger
  0 siblings, 2 replies; 3+ messages in thread
From: Christian Borntraeger @ 2017-02-06 11:46 UTC (permalink / raw)
  To: Paolo Bonzini, Radim Krčmář
  Cc: KVM, Christian Borntraeger, Cornelia Huck, Jens Freimann, linux-s390

Paolo, Radim,

since my old request is not yet processed, here is an updated one with
2 additional patches on top.
See patches 13 and 14 as reply to this one for the new ones. All other
patches are as in the first pull request.



The following changes since commit 49def1853334396f948dcb4cedb9347abb318df5:

  Linux 4.10-rc4 (2017-01-15 16:21:59 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux.git  tags/kvm-s390-next-4.11-2

for you to fetch changes up to fb7dc1d4ddce744c8d8e1aca19d4982102cf72e1:

  KVM: s390: detect some program check loops (2017-02-06 12:35:53 +0100)

----------------------------------------------------------------
KVM: s390: Fixes and features for 4.11 (via kvm/next)

- enable some simd extensions for guests
- enable nx for guests
- debug log for cpu model
- PER fixes
- remove bitwise annotation from ar_t
- detect guests in operation exception program check loops
- fix potential null-pointer dereference for ucontrol guests

- also contains merge for fix that went into 4.10 to avoid conflicts

----------------------------------------------------------------
Christian Borntraeger (6):
      KVM: s390: do not expose random data via facility bitmap
      KVM: s390: gaccess: add ESOP2 handling
      KVM: s390: Get rid of ar_t
      Merge tag 'kvm-s390-master-4.10-1' of git://git.kernel.org/.../kvms390/linux into kernelorgnext
      KVM: s390: Add debug logging to basic cpu model interface
      KVM: s390: detect some program check loops

David Hildenbrand (3):
      KVM: s390: guestdbg: filter i-fetch events on icpts
      KVM: s390: prepare to read random guest instructions
      KVM: s390: guestdbg: filter PER i-fetch on EXECUTE properly

Guenther Hutzl (1):
      KVM: s390: Introduce BCD Vector Instructions to the guest

Heiko Carstens (1):
      KVM: s390: get rid of bogus cc initialization

Janosch Frank (3):
      KVM: s390: instruction-execution-protection support
      KVM: s390: Fix RRBE return code not being CC
      KVM: s390: Disable dirty log retrieval for UCONTROL guests

Maxim Samoylov (1):
      KVM: s390: Introduce Vector Enhancements facility 1 to the guest

 arch/s390/kvm/gaccess.c          |  26 +++++----
 arch/s390/kvm/gaccess.h          |  19 ++++---
 arch/s390/kvm/guestdbg.c         | 120 ++++++++++++++++++++++++++++++++++-----
 arch/s390/kvm/intercept.c        |  25 +++++++-
 arch/s390/kvm/kvm-s390.c         |  46 +++++++++++++--
 arch/s390/kvm/kvm-s390.h         |  12 ++--
 arch/s390/kvm/priv.c             |  30 +++++-----
 arch/s390/kvm/vsie.c             |   3 +
 arch/s390/mm/pgtable.c           |   2 +-
 arch/s390/tools/gen_facilities.c |   2 +
 10 files changed, 225 insertions(+), 60 deletions(-)


* [GIT PULL 13/14] KVM: s390: Disable dirty log retrieval for UCONTROL guests
  2017-02-06 11:46 [GIT PULL 00/14 v2] KVM: s390: Fixes and features for 4.11 (via kvm/next) Christian Borntraeger
@ 2017-02-06 11:46 ` Christian Borntraeger
  2017-02-06 11:46 ` [GIT PULL 14/14] KVM: s390: detect some program check loops Christian Borntraeger
  1 sibling, 0 replies; 3+ messages in thread
From: Christian Borntraeger @ 2017-02-06 11:46 UTC (permalink / raw)
  To: Paolo Bonzini, Radim Krčmář
  Cc: KVM, Christian Borntraeger, Cornelia Huck, Jens Freimann,
	linux-s390, Janosch Frank, stable

From: Janosch Frank <frankja@linux.vnet.ibm.com>

User controlled KVM guests do not support the dirty log, as they have
no single gmap that we can check for changes.

As they have no single gmap, kvm->arch.gmap is NULL and all further
referencing to it for dirty checking will result in a NULL
dereference.

Let's return -EINVAL if a caller tries to sync dirty logs for a
UCONTROL guest.

Fixes: 15f36eb ("KVM: s390: Add proper dirty bitmap support to S390 kvm.")
Cc: <stable@vger.kernel.org> # 3.16+

Signed-off-by: Janosch Frank <frankja@linux.vnet.ibm.com>
Reported-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 arch/s390/kvm/kvm-s390.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
index dabd3b15..502de74 100644
--- a/arch/s390/kvm/kvm-s390.c
+++ b/arch/s390/kvm/kvm-s390.c
@@ -442,6 +442,9 @@ int kvm_vm_ioctl_get_dirty_log(struct kvm *kvm,
 	struct kvm_memory_slot *memslot;
 	int is_dirty = 0;
 
+	if (kvm_is_ucontrol(kvm))
+		return -EINVAL;
+
 	mutex_lock(&kvm->slots_lock);
 
 	r = -EINVAL;
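
Review bot: The new early return in kvm_vm_ioctl_get_dirty_log() uses -EINVAL, the same value the function assigns to r a few lines further down, so userspace cannot tell "dirty log is not available for this kind of VM" apart from the other invalid-argument failures of this ioctl. If callers need that distinction, a separate errno would make it visible; if not, a one-line comment above the kvm_is_ucontrol() check noting that UCONTROL guests have no kvm->arch.gmap would record why the check exists, since the code itself does not say so. Placing the check before mutex_lock(&kvm->slots_lock) is fine, as the early return then needs no unlock path.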
-- 
2.7.4


* [GIT PULL 14/14] KVM: s390: detect some program check loops
  2017-02-06 11:46 [GIT PULL 00/14 v2] KVM: s390: Fixes and features for 4.11 (via kvm/next) Christian Borntraeger
  2017-02-06 11:46 ` [GIT PULL 13/14] KVM: s390: Disable dirty log retrieval for UCONTROL guests Christian Borntraeger
@ 2017-02-06 11:46 ` Christian Borntraeger
  1 sibling, 0 replies; 3+ messages in thread
From: Christian Borntraeger @ 2017-02-06 11:46 UTC (permalink / raw)
  To: Paolo Bonzini, Radim Krčmář
  Cc: KVM, Christian Borntraeger, Cornelia Huck, Jens Freimann, linux-s390

Sometimes (e.g. early boot) a guest is broken in such ways that it loops
100% delivering operation exceptions (illegal operation) but the pgm new
PSW is not set properly. This will result in code being read from
address zero, which usually contains another illegal op. Let's detect
this case and return to userspace. Instead of only detecting
this for address zero apply a heuristic that will work for any program
check new psw.
We do not want guest problem state to be able to trigger a guest panic,
e.g. by faulting on an address that is the same as the program check
new PSW, so we check for the problem state bit being off.

With proper handling in userspace we
a: get rid of CPU consumption of such broken guests
b: keep the program old PSW. This allows finding out the original illegal
   operation - making debugging such early boot issues much easier than
   with single stepping

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
---
 arch/s390/kvm/intercept.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c
index 8b13f70..59920f9 100644
--- a/arch/s390/kvm/intercept.c
+++ b/arch/s390/kvm/intercept.c
@@ -361,6 +361,9 @@ static int handle_partial_execution(struct kvm_vcpu *vcpu)
 
 static int handle_operexc(struct kvm_vcpu *vcpu)
 {
+	psw_t oldpsw, newpsw;
+	int rc;
+
 	vcpu->stat.exit_operation_exception++;
 	trace_kvm_s390_handle_operexc(vcpu, vcpu->arch.sie_block->ipa,
 				      vcpu->arch.sie_block->ipb);
@@ -371,6 +374,24 @@ static int handle_operexc(struct kvm_vcpu *vcpu)
 
 	if (vcpu->arch.sie_block->ipa == 0 && vcpu->kvm->arch.user_instr0)
 		return -EOPNOTSUPP;
+	rc = read_guest_lc(vcpu, __LC_PGM_NEW_PSW, &newpsw, sizeof(psw_t));
+	if (rc)
+		return rc;
+	/*
+	 * Avoid endless loops of operation exceptions, if the pgm new
+	 * PSW will cause a new operation exception.
+	 * The heuristic checks if the pgm new psw is within 6 bytes before
+	 * the faulting psw address (with same DAT, AS settings) and the
+	 * new psw is not a wait psw and the fault was not triggered by
+	 * problem state.
+	 */
+	oldpsw = vcpu->arch.sie_block->gpsw;
+	if (oldpsw.addr - newpsw.addr <= 6 &&
+	    !(newpsw.mask & PSW_MASK_WAIT) &&
+	    !(oldpsw.mask & PSW_MASK_PSTATE) &&
+	    (newpsw.mask & PSW_MASK_ASC) == (oldpsw.mask & PSW_MASK_ASC) &&
+	    (newpsw.mask & PSW_MASK_DAT) == (oldpsw.mask & PSW_MASK_DAT))
+		return -EOPNOTSUPP;
 
 	return kvm_s390_inject_program_int(vcpu, PGM_OPERATION);
 }
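
Review bot: In the second handle_operexc() hunk, the test oldpsw.addr - newpsw.addr <= 6 only means "the new PSW is at most 6 bytes before the old one" if the subtraction is unsigned, so that a new PSW address above the old one wraps to a large value and fails the test. The comment says "within 6 bytes before" but not that the wraparound is what enforces it; a word to that effect in the comment, or an explicit newpsw.addr <= oldpsw.addr term, would keep the check correct if the field type ever changes. Two smaller points: the loop case returns the same -EOPNOTSUPP as the user_instr0 case directly above it, so userspace has to compare the PSWs itself to tell the two exits apart, and a blank line before the read_guest_lc() call would separate the new block from the preceding return.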
-- 
2.7.4
