Ubuntu
linux package

[22.04 FEAT] KVM: Enable storage key checking for intercepted instructions handled by KVM

Bug #1933176 reported by bugproxy
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
High
Skipper Bug Screeners
linux (Ubuntu)
Fix Released
Undecided
Skipper Bug Screeners

Bug Description

KVM uses lazy storage key enablement as Linux does no longer make use of the storage keys. When the guest enters keyed mode, then KVM will save/restore the key during paging, provide change/reference tracking for guest and host and for all interpreted instructions will do key protection.
If an instruction is intercepted and interpreted by the KVM module, no storage key protection is checked, though. This is in violation of the architecture and it can result in misbehaving guests that rely on key protection for all instructions.
This item will add key checking for all kvm-module guest memory read/writes that are done for instruction emulation. In case of a key protection the right fault is injected in the guest.

Value: Interoperability

kernel >= 5.15

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-193313 severity-high targetmilestone-inin2110
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Revision history for this message
Frank Heimes (fheimes) wrote :

Tbh I think it's very unlikely that this will make it into 21.10 if it's planned for >= 5.15,
since it would mean that it comes earliest with a kernel that is tow releases after the planned target kernel for Impish.
Anyway, I'm changing to Incomplete for now until the code/patch is available and we will see and decide when it's there.

Changed in ubuntu-z-systems:
importance: Undecided → High
Changed in linux (Ubuntu):
status: New → Incomplete
Changed in ubuntu-z-systems:
status: New → Incomplete
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2021-09-09 04:55 EDT-------
Feature doesn't make it into impish / 21.10, hence moving to 22.04
Changing IBM BZ Target Milestone:21.10->22.04

tags: added: targetmilestone-inin2204
removed: targetmilestone-inin2110
Frank Heimes (fheimes)
summary: - [21.10 FEAT] KVM: Enable storage key checking for intercepted
+ [22.04 FEAT] KVM: Enable storage key checking for intercepted
instructions handled by KVM
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2022-02-04 08:01 EDT-------
This item has been merged into
Bug 193314 - LP1933179 : [22.04 FEAT] [VS2103] KVM: Enable storage key checking for intercepted instructionis

Therefore, closing this bug as duplicate of BZ193314 - LP#193317
Changing Status: -> REJECTED / DUPLICATE of 193314

*** This bug has been marked as a duplicate of bug 193314 ***

Frank Heimes (fheimes)
Changed in linux (Ubuntu):
status: Incomplete → Fix Released
Changed in ubuntu-z-systems:
status: Incomplete → Fix Released
Frank Heimes (fheimes)
information type: Private → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.