Commit cd4d3d5f authored by Janosch Frank's avatar Janosch Frank Committed by Vasily Gorbik
Browse files

s390: add 3f program exception handler 



Program exception 3f (secure storage violation) can only be detected
when the CPU is running in SIE with a format 4 state description,
e.g. running a protected guest. Because of this and because user
space partly controls the guest memory mapping and can trigger this
exception, we want to send a SIGSEGV to the process running the guest
and not panic the kernel.

Signed-off-by: default avatarJanosch Frank <frankja@linux.ibm.com>
Cc: <stable@vger.kernel.org> # 5.7
Fixes: 084ea4d6 ("s390/mm: add (non)secure page access exceptions handlers")
Reviewed-by: default avatarClaudio Imbrenda <imbrenda@linux.ibm.com>
Reviewed-by: default avatarCornelia Huck <cohuck@redhat.com>
Acked-by: default avatarChristian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
Signed-off-by: default avatarVasily Gorbik <gor@linux.ibm.com>
parent 73ac74c7

arch/s390/kernel/entry.h

+1 −0
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ void do_protection_exception(struct pt_regs *regs); 
void do_dat_exception(struct pt_regs *regs);

void do_secure_storage_access(struct pt_regs *regs);

void do_non_secure_storage_access(struct pt_regs *regs);

void do_secure_storage_violation(struct pt_regs *regs);



void addressing_exception(struct pt_regs *regs);

void data_exception(struct pt_regs *regs);

arch/s390/kernel/pgm_check.S

+1 −1
Original line number Diff line number Diff line
@@ -80,7 +80,7 @@ PGM_CHECK(do_dat_exception) /* 3b */ 
PGM_CHECK_DEFAULT			/* 3c */

PGM_CHECK(do_secure_storage_access)	/* 3d */

PGM_CHECK(do_non_secure_storage_access)	/* 3e */

PGM_CHECK_DEFAULT			/* 3f */

PGM_CHECK(do_secure_storage_violation)	/* 3f */

PGM_CHECK(monitor_event_exception)	/* 40 */

PGM_CHECK_DEFAULT			/* 41 */

PGM_CHECK_DEFAULT			/* 42 */

arch/s390/mm/fault.c

+20 −0
Original line number Diff line number Diff line
@@ -859,6 +859,21 @@ void do_non_secure_storage_access(struct pt_regs *regs) 
}

NOKPROBE_SYMBOL(do_non_secure_storage_access);



void do_secure_storage_violation(struct pt_regs *regs)

{

	/*

	 * Either KVM messed up the secure guest mapping or the same

	 * page is mapped into multiple secure guests.

	 *

	 * This exception is only triggered when a guest 2 is running

	 * and can therefore never occur in kernel context.

	 */

	printk_ratelimited(KERN_WARNING

			   "Secure storage violation in task: %s, pid %d\n",

			   current->comm, current->pid);

	send_sig(SIGSEGV, current, 0);

}



#else

void do_secure_storage_access(struct pt_regs *regs)

{
@@ -869,4 +884,9 @@ void do_non_secure_storage_access(struct pt_regs *regs) 
{

	default_trap_handler(regs);

}



void do_secure_storage_violation(struct pt_regs *regs)

{

	default_trap_handler(regs);

}

#endif

CRA Git | Maintained and supported by SUSTech CRA and CCSE