From patchwork Fri Nov 29 09:47:57 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266819 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 06712921 for ; Fri, 29 Nov 2019 10:06:42 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id C97AA206E0 for ; Fri, 29 Nov 2019 10:06:41 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C97AA206E0 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56614 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadAf-00072D-0V for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:06:41 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47728) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactK-0002q8-Jv for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:48 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactE-0003ev-RJ for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:45 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:9818 helo=mx0a-001b2d01.pphosted.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactE-0003N6-Kh for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:40 -0500 Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mZCC089256 for ; Fri, 29 Nov 2019 04:48:37 -0500 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0a-001b2d01.pphosted.com with ESMTP id 2whcxskxqc-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:36 -0500 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:26 -0000 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:23 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mLS158720480 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:21 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id B2707A4051; Fri, 29 Nov 2019 09:48:21 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id CC673A4057; Fri, 29 Nov 2019 09:48:19 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:19 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 01/13] s390x: protvirt: Add diag308 subcodes 8 - 10 Date: Fri, 29 Nov 2019 04:47:57 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-4275-0000-0000-00000387EFC8 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-4276-0000-0000-0000389B844F Message-Id: <20191129094809.26684-2-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=999 malwarescore=0 impostorscore=0 clxscore=1015 adultscore=0 suspectscore=3 phishscore=0 spamscore=0 lowpriorityscore=0 bulkscore=0 priorityscore=1501 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" For diag308 subcodes 8 - 10 we have a new ipib of type 5. The ipib holds the address and length of the secure execution header, as well as a list of guest components. Each component is a block of memory, for example kernel or initrd, which needs to be decrypted by the Ultravisor in order to run a protected VM. The secure execution header instructs the Ultravisor on how to handle the protected VM and its components. Subcodes 8 and 9 are similiar to 5 and 6 and subcode 10 will finally start the protected guest. Subcodes 8-10 are not valid in protected mode, we have to do a subcode 3 and then the 8 and 10 combination for a protected reboot. Signed-off-by: Janosch Frank --- hw/s390x/ipl.c | 48 ++++++++++++++++++++++++++++++++++++++++++--- hw/s390x/ipl.h | 33 +++++++++++++++++++++++++++++++ target/s390x/diag.c | 26 ++++++++++++++++++++++-- 3 files changed, 102 insertions(+), 5 deletions(-) diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c index ca544d64c5..a077926f36 100644 --- a/hw/s390x/ipl.c +++ b/hw/s390x/ipl.c @@ -529,15 +529,56 @@ static bool is_virtio_scsi_device(IplParameterBlock *iplb) return is_virtio_ccw_device_of_type(iplb, VIRTIO_ID_SCSI); } +int s390_ipl_pv_check_comp(IplParameterBlock *iplb) +{ + int i; + IPLBlockPV *ipib_pv = &iplb->pv; + + if (ipib_pv->num_comp == 0) { + return -EINVAL; + } + + for (i = 0; i < ipib_pv->num_comp; i++) { + + /* Addr must be 4k aligned */ + if (ipib_pv->components[i].addr & ~TARGET_PAGE_MASK) { + return -EINVAL; + } + + /* Tweak prefix is monotonously increasing with each component */ + if (i < ipib_pv->num_comp - 1 && + ipib_pv->components[i].tweak_pref > + ipib_pv->components[i + 1].tweak_pref) { + return -EINVAL; + } + } + return 1; +} + void s390_ipl_update_diag308(IplParameterBlock *iplb) { S390IPLState *ipl = get_ipl_device(); - ipl->iplb = *iplb; - ipl->iplb_valid = true; + if (iplb->pbt == 5) { + ipl->iplb_pbt5 = *iplb; + ipl->iplb_valid_pbt5 = true; + } else { + ipl->iplb = *iplb; + ipl->iplb_valid = true; + } ipl->netboot = is_virtio_net_device(iplb); } +IplParameterBlock *s390_ipl_get_iplb_secure(void) +{ + S390IPLState *ipl = get_ipl_device(); + + if (!ipl->iplb_valid_pbt5) { + return NULL; + } + return &ipl->iplb_pbt5; +} + IplParameterBlock *s390_ipl_get_iplb(void) { S390IPLState *ipl = get_ipl_device(); @@ -552,7 +593,8 @@ void s390_ipl_reset_request(CPUState *cs, enum s390_reset reset_type) { S390IPLState *ipl = get_ipl_device(); - if (reset_type == S390_RESET_EXTERNAL || reset_type == S390_RESET_REIPL) { + if (reset_type == S390_RESET_EXTERNAL || reset_type == S390_RESET_REIPL || + reset_type == S390_RESET_PV) { /* use CPU 0 for full resets */ ipl->reset_cpu_index = 0; } else { diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h index d4813105db..7b8a493509 100644 --- a/hw/s390x/ipl.h +++ b/hw/s390x/ipl.h @@ -15,6 +15,24 @@ #include "cpu.h" #include "hw/qdev-core.h" +struct IPLBlockPVComp { + uint64_t tweak_pref; + uint64_t addr; + uint64_t size; +} QEMU_PACKED; +typedef struct IPLBlockPVComp IPLBlockPVComp; + +struct IPLBlockPV { + uint8_t reserved[84]; + uint8_t reserved67[3]; + uint8_t version; + uint32_t num_comp; + uint64_t pv_header_addr; + uint64_t pv_header_len; + struct IPLBlockPVComp components[]; +} QEMU_PACKED; +typedef struct IPLBlockPV IPLBlockPV; + struct IplBlockCcw { uint8_t reserved0[85]; uint8_t ssid; @@ -71,6 +89,7 @@ union IplParameterBlock { union { IplBlockCcw ccw; IplBlockFcp fcp; + IPLBlockPV pv; IplBlockQemuScsi scsi; }; } QEMU_PACKED; @@ -84,9 +103,11 @@ union IplParameterBlock { typedef union IplParameterBlock IplParameterBlock; int s390_ipl_set_loadparm(uint8_t *loadparm); +int s390_ipl_pv_check_comp(IplParameterBlock *iplb); void s390_ipl_update_diag308(IplParameterBlock *iplb); void s390_ipl_prepare_cpu(S390CPU *cpu); IplParameterBlock *s390_ipl_get_iplb(void); +IplParameterBlock *s390_ipl_get_iplb_secure(void); enum s390_reset { /* default is a reset not triggered by a CPU e.g. issued by QMP */ @@ -94,6 +115,7 @@ enum s390_reset { S390_RESET_REIPL, S390_RESET_MODIFIED_CLEAR, S390_RESET_LOAD_NORMAL, + S390_RESET_PV, }; void s390_ipl_reset_request(CPUState *cs, enum s390_reset reset_type); void s390_ipl_get_reset_request(CPUState **cs, enum s390_reset *reset_type); @@ -133,6 +155,7 @@ struct S390IPLState { /*< private >*/ DeviceState parent_obj; IplParameterBlock iplb; + IplParameterBlock iplb_pbt5; QemuIplParameters qipl; uint64_t start_addr; uint64_t compat_start_addr; @@ -140,6 +163,7 @@ struct S390IPLState { uint64_t compat_bios_start_addr; bool enforce_bios; bool iplb_valid; + bool iplb_valid_pbt5; bool netboot; /* reset related properties don't have to be migrated or reset */ enum s390_reset reset_type; @@ -161,9 +185,11 @@ QEMU_BUILD_BUG_MSG(offsetof(S390IPLState, iplb) & 3, "alignment of iplb wrong"); #define S390_IPL_TYPE_FCP 0x00 #define S390_IPL_TYPE_CCW 0x02 +#define S390_IPL_TYPE_PV 0x05 #define S390_IPL_TYPE_QEMU_SCSI 0xff #define S390_IPLB_HEADER_LEN 8 +#define S390_IPLB_MIN_PV_LEN 148 #define S390_IPLB_MIN_CCW_LEN 200 #define S390_IPLB_MIN_FCP_LEN 384 #define S390_IPLB_MIN_QEMU_SCSI_LEN 200 @@ -185,4 +211,11 @@ static inline bool iplb_valid_fcp(IplParameterBlock *iplb) iplb->pbt == S390_IPL_TYPE_FCP; } +static inline bool iplb_valid_se(IplParameterBlock *iplb) +{ + return be32_to_cpu(iplb->len) >= S390_IPLB_MIN_PV_LEN && + iplb->pbt == S390_IPL_TYPE_PV; +} + + #endif diff --git a/target/s390x/diag.c b/target/s390x/diag.c index b5aec06d6b..112a6c92e0 100644 --- a/target/s390x/diag.c +++ b/target/s390x/diag.c @@ -52,6 +52,8 @@ int handle_diag_288(CPUS390XState *env, uint64_t r1, uint64_t r3) #define DIAG_308_RC_OK 0x0001 #define DIAG_308_RC_NO_CONF 0x0102 #define DIAG_308_RC_INVALID 0x0402 +#define DIAG_308_RC_NO_PV_CONF 0x0a02 +#define DIAG_308_RC_INV_FOR_PV 0x0b02 #define DIAG308_RESET_MOD_CLR 0 #define DIAG308_RESET_LOAD_NORM 1 @@ -59,6 +61,9 @@ int handle_diag_288(CPUS390XState *env, uint64_t r1, uint64_t r3) #define DIAG308_LOAD_NORMAL_DUMP 4 #define DIAG308_SET 5 #define DIAG308_STORE 6 +#define DIAG308_PV_SET 8 +#define DIAG308_PV_STORE 9 +#define DIAG308_PV_START 10 static int diag308_parm_check(CPUS390XState *env, uint64_t r1, uint64_t addr, uintptr_t ra, bool write) @@ -105,6 +110,7 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra) s390_ipl_reset_request(cs, S390_RESET_REIPL); break; case DIAG308_SET: + case DIAG308_PV_SET: if (diag308_parm_check(env, r1, addr, ra, false)) { return; } @@ -117,7 +123,8 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra) cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len)); - if (!iplb_valid_ccw(iplb) && !iplb_valid_fcp(iplb)) { + if (!iplb_valid_ccw(iplb) && !iplb_valid_fcp(iplb) && + !(iplb_valid_se(iplb) && s390_ipl_pv_check_comp(iplb) >= 0)) { env->regs[r1 + 1] = DIAG_308_RC_INVALID; goto out; } @@ -128,10 +135,15 @@ out: g_free(iplb); return; case DIAG308_STORE: + case DIAG308_PV_STORE: if (diag308_parm_check(env, r1, addr, ra, true)) { return; } - iplb = s390_ipl_get_iplb(); + if (subcode == DIAG308_PV_STORE) { + iplb = s390_ipl_get_iplb_secure(); + } else { + iplb = s390_ipl_get_iplb(); + } if (iplb) { cpu_physical_memory_write(addr, iplb, be32_to_cpu(iplb->len)); env->regs[r1 + 1] = DIAG_308_RC_OK; @@ -139,6 +151,16 @@ out: env->regs[r1 + 1] = DIAG_308_RC_NO_CONF; } return; + break; + case DIAG308_PV_START: + iplb = s390_ipl_get_iplb_secure(); + if (!iplb_valid_se(iplb)) { + env->regs[r1 + 1] = DIAG_308_RC_NO_PV_CONF; + return; + } + + s390_ipl_reset_request(cs, S390_RESET_PV); + break; default: s390_program_interrupt(env, PGM_SPECIFICATION, ra); break; From patchwork Fri Nov 29 09:47:58 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266823 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id B74AE6C1 for ; Fri, 29 Nov 2019 10:08:21 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 97BA0217F5 for ; Fri, 29 Nov 2019 10:08:21 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 97BA0217F5 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56626 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadCG-00005E-JN for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:08:20 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47405) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactF-0002m8-J1 for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactD-0003Xf-Ec for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:40 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:46600) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactD-0003TD-5u for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:39 -0500 Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mc8M095515 for ; Fri, 29 Nov 2019 04:48:38 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wje2jh0p0-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:37 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:27 -0000 Received: from b06avi18626390.portsmouth.uk.ibm.com (9.149.26.192) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:25 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06avi18626390.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9liHR48890280 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:47:44 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0C7F6A4040; Fri, 29 Nov 2019 09:48:24 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 10279A4051; Fri, 29 Nov 2019 09:48:22 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:21 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 02/13] Header sync protvirt Date: Fri, 29 Nov 2019 04:47:58 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0016-0000-0000-000002CDD4F6 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0017-0000-0000-0000332FBEDD Message-Id: <20191129094809.26684-3-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 suspectscore=1 spamscore=0 clxscore=1015 lowpriorityscore=0 priorityscore=1501 impostorscore=0 phishscore=0 adultscore=0 mlxlogscore=999 malwarescore=0 mlxscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" Let's sync all the protvirt header changes Signed-off-by: Janosch Frank --- linux-headers/linux/kvm.h | 42 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h index 3d9b18f7f8..4448d59960 100644 --- a/linux-headers/linux/kvm.h +++ b/linux-headers/linux/kvm.h @@ -1000,6 +1000,8 @@ struct kvm_ppc_resize_hpt { #define KVM_CAP_PMU_EVENT_FILTER 173 #define KVM_CAP_ARM_IRQ_LINE_LAYOUT_2 174 #define KVM_CAP_HYPERV_DIRECT_TLBFLUSH 175 +#define KVM_CAP_S390_PROTECTED 180 +#define KVM_CAP_S390_VCPU_RESETS 181 #ifdef KVM_CAP_IRQ_ROUTING @@ -1461,6 +1463,46 @@ struct kvm_enc_region { /* Available with KVM_CAP_ARM_SVE */ #define KVM_ARM_VCPU_FINALIZE _IOW(KVMIO, 0xc2, int) +struct kvm_s390_pv_sec_parm { + __u64 origin; + __u64 length; +}; + +struct kvm_s390_pv_unp { + __u64 addr; + __u64 size; + __u64 tweak; +}; + +enum pv_cmd_id { + KVM_PV_VM_CREATE, + KVM_PV_VM_DESTROY, + KVM_PV_VM_SET_SEC_PARMS, + KVM_PV_VM_UNPACK, + KVM_PV_VM_VERIFY, + KVM_PV_VM_PERF_CLEAR_RESET, + KVM_PV_VM_UNSHARE, + KVM_PV_VCPU_CREATE, + KVM_PV_VCPU_DESTROY, +}; + +struct kvm_pv_cmd { + __u32 cmd; + __u16 rc; + __u16 rrc; + __u64 data; +}; + +/* Available with KVM_CAP_S390_PROTECTED */ +#define KVM_S390_PV_COMMAND _IOW(KVMIO, 0xc3, struct kvm_pv_cmd) +#define KVM_S390_PV_COMMAND_VCPU _IOW(KVMIO, 0xc4, struct kvm_pv_cmd) + +#define KVM_S390_VCPU_RESET_NORMAL 0 +#define KVM_S390_VCPU_RESET_INITIAL 1 +#define KVM_S390_VCPU_RESET_CLEAR 2 + +#define KVM_S390_VCPU_RESET _IO(KVMIO, 0xc5) + /* Secure Encrypted Virtualization command */ enum sev_cmd_id { /* Guest initialization commands */ From patchwork Fri Nov 29 09:47:59 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266813 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1D8B26C1 for ; Fri, 29 Nov 2019 10:01:54 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9D8332176D for ; Fri, 29 Nov 2019 10:01:53 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9D8332176D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56570 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iad5z-0003QF-AH for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:01:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47273) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactD-0002k6-MD for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactA-0003K9-Mw for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:38 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:39890) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactA-00037S-C6 for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:36 -0500 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mWHv137717 for ; Fri, 29 Nov 2019 04:48:33 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjvfg8e5t-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:33 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:30 -0000 Received: from b06cxnps4075.portsmouth.uk.ibm.com (9.149.109.197) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:28 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mQtM58392824 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:26 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7BBBBA4040; Fri, 29 Nov 2019 09:48:26 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6C6D3A4053; Fri, 29 Nov 2019 09:48:24 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:24 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 03/13] s390x: protvirt: Support unpack facility Date: Fri, 29 Nov 2019 04:47:59 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0016-0000-0000-000002CDD4F7 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0017-0000-0000-0000332FBEDF Message-Id: <20191129094809.26684-4-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 mlxlogscore=999 adultscore=0 clxscore=1015 spamscore=0 priorityscore=1501 suspectscore=3 lowpriorityscore=0 phishscore=0 bulkscore=0 malwarescore=0 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" When a guest has saved a ipib of type 5 and call diagnose308 with subcode 10, we have to setup the protected processing environment via Ultravisor calls. The calls are done by KVM and are exposed via an API. The following steps are necessary: 1. Create a VM (register it with the Ultravisor) 2. Create secure CPUs for all of our current cpus 3. Forward the secure header to the Ultravisor (has all information on how to decrypt the image and VM information) 4. Protect image pages from the host and decrypt them 5. Verify the image integrity Only after step 5 a protected VM is allowed to run. Signed-off-by: Janosch Frank --- hw/s390x/Makefile.objs | 1 + hw/s390x/ipl.c | 33 ++++++++ hw/s390x/ipl.h | 2 + hw/s390x/pv.c | 118 ++++++++++++++++++++++++++++ hw/s390x/pv.h | 26 ++++++ hw/s390x/s390-virtio-ccw.c | 26 ++++++ target/s390x/cpu_features_def.inc.h | 1 + 7 files changed, 207 insertions(+) create mode 100644 hw/s390x/pv.c create mode 100644 hw/s390x/pv.h diff --git a/hw/s390x/Makefile.objs b/hw/s390x/Makefile.objs index e02ed80b68..a46a1c7894 100644 --- a/hw/s390x/Makefile.objs +++ b/hw/s390x/Makefile.objs @@ -31,6 +31,7 @@ obj-y += tod-qemu.o obj-$(CONFIG_KVM) += tod-kvm.o obj-$(CONFIG_KVM) += s390-skeys-kvm.o obj-$(CONFIG_KVM) += s390-stattrib-kvm.o +obj-$(CONFIG_KVM) += pv.o obj-y += s390-ccw.o obj-y += ap-device.o obj-y += ap-bridge.o diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c index a077926f36..50501fcd27 100644 --- a/hw/s390x/ipl.c +++ b/hw/s390x/ipl.c @@ -33,6 +33,7 @@ #include "qemu/cutils.h" #include "qemu/option.h" #include "exec/exec-all.h" +#include "pv.h" #define KERN_IMAGE_START 0x010000UL #define LINUX_MAGIC_ADDR 0x010008UL @@ -668,6 +669,38 @@ static void s390_ipl_prepare_qipl(S390CPU *cpu) cpu_physical_memory_unmap(addr, len, 1, len); } +int s390_ipl_prepare_pv_header(void) +{ + int rc; + IplParameterBlock *iplb = s390_ipl_get_iplb_secure(); + IPLBlockPV *ipib_pv = &iplb->pv; + void *hdr = g_malloc(ipib_pv->pv_header_len); + + cpu_physical_memory_read(ipib_pv->pv_header_addr, hdr, + ipib_pv->pv_header_len); + rc = s390_pv_set_sec_parms((uint64_t)hdr, + ipib_pv->pv_header_len); + g_free(hdr); + return rc; +} + +int s390_ipl_pv_unpack(void) +{ + int i, rc; + IplParameterBlock *iplb = s390_ipl_get_iplb_secure(); + IPLBlockPV *ipib_pv = &iplb->pv; + + for (i = 0; i < ipib_pv->num_comp; i++) { + rc = s390_pv_unpack(ipib_pv->components[i].addr, + TARGET_PAGE_ALIGN(ipib_pv->components[i].size), + ipib_pv->components[i].tweak_pref); + if (rc) { + return rc; + } + } + return rc; +} + void s390_ipl_prepare_cpu(S390CPU *cpu) { S390IPLState *ipl = get_ipl_device(); diff --git a/hw/s390x/ipl.h b/hw/s390x/ipl.h index 7b8a493509..e848602c16 100644 --- a/hw/s390x/ipl.h +++ b/hw/s390x/ipl.h @@ -105,6 +105,8 @@ typedef union IplParameterBlock IplParameterBlock; int s390_ipl_set_loadparm(uint8_t *loadparm); int s390_ipl_pv_check_comp(IplParameterBlock *iplb); void s390_ipl_update_diag308(IplParameterBlock *iplb); +int s390_ipl_prepare_pv_header(void); +int s390_ipl_pv_unpack(void); void s390_ipl_prepare_cpu(S390CPU *cpu); IplParameterBlock *s390_ipl_get_iplb(void); IplParameterBlock *s390_ipl_get_iplb_secure(void); diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c new file mode 100644 index 0000000000..0218070322 --- /dev/null +++ b/hw/s390x/pv.c @@ -0,0 +1,118 @@ +/* + * Secure execution functions + * + * Copyright IBM Corp. 2019 + * Author(s): + * Janosch Frank + * + * This work is licensed under the terms of the GNU GPL, version 2 or (at + * your option) any later version. See the COPYING file in the top-level + * directory. + */ +#include "qemu/osdep.h" +#include + +#include + +#include "qemu/error-report.h" +#include "sysemu/kvm.h" +#include "pv.h" + +static int s390_pv_cmd(uint32_t cmd, void *data) +{ + int rc; + struct kvm_pv_cmd pv_cmd = { + .cmd = cmd, + .data = (uint64_t)data, + }; + + rc = kvm_vm_ioctl(kvm_state, KVM_S390_PV_COMMAND, &pv_cmd); + if (rc) { + error_report("KVM PV command failed cmd: %d rc: %d", cmd, rc); + exit(1); + } + return rc; +} + +static int s390_pv_cmd_vcpu(CPUState *cs, uint32_t cmd, void *data) +{ + int rc; + struct kvm_pv_cmd pv_cmd = { + .cmd = cmd, + .data = (uint64_t)data, + }; + + rc = kvm_vcpu_ioctl(cs, KVM_S390_PV_COMMAND_VCPU, &pv_cmd); + if (rc) { + error_report("KVM PV VCPU command failed cmd: %d rc: %d", cmd, rc); + exit(1); + } + return rc; +} + +int s390_pv_vm_create(void) +{ + return s390_pv_cmd(KVM_PV_VM_CREATE, NULL); +} + +int s390_pv_vm_destroy(void) +{ + return s390_pv_cmd(KVM_PV_VM_DESTROY, NULL); +} + +int s390_pv_vcpu_create(CPUState *cs) +{ + return s390_pv_cmd_vcpu(cs, KVM_PV_VCPU_CREATE, NULL); +} + +int s390_pv_vcpu_destroy(CPUState *cs) +{ + S390CPU *cpu = S390_CPU(cs); + CPUS390XState *env = &cpu->env; + int rc; + + rc = s390_pv_cmd_vcpu(cs, KVM_PV_VCPU_DESTROY, NULL); + if (!rc) { + env->pv = false; + } + return rc; +} + +int s390_pv_set_sec_parms(uint64_t origin, uint64_t length) +{ + struct kvm_s390_pv_sec_parm args = { + .origin = origin, + .length = length, + }; + + return s390_pv_cmd(KVM_PV_VM_SET_SEC_PARMS, &args); +} + +/* + * Called for each component in the SE type IPL parameter block 0. + */ +int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak) +{ + struct kvm_s390_pv_unp args = { + .addr = addr, + .size = size, + .tweak = tweak, + }; + + return s390_pv_cmd(KVM_PV_VM_UNPACK, &args); +} + +int s390_pv_perf_clear_reset(void) +{ + return s390_pv_cmd(KVM_PV_VM_PERF_CLEAR_RESET, NULL); +} + +int s390_pv_verify(void) +{ + return s390_pv_cmd(KVM_PV_VM_VERIFY, NULL); +} + +int s390_pv_unshare(void) +{ + return s390_pv_cmd(KVM_PV_VM_UNSHARE, NULL); +} diff --git a/hw/s390x/pv.h b/hw/s390x/pv.h new file mode 100644 index 0000000000..eb074e4bc9 --- /dev/null +++ b/hw/s390x/pv.h @@ -0,0 +1,26 @@ +/* + * Protected Virtualization header + * + * Copyright IBM Corp. 2019 + * Author(s): + * Janosch Frank + * + * This work is licensed under the terms of the GNU GPL, version 2 or (at + * your option) any later version. See the COPYING file in the top-level + * directory. + */ + +#ifndef HW_S390_PV_H +#define HW_S390_PV_H + +int s390_pv_vm_create(void); +int s390_pv_vm_destroy(void); +int s390_pv_vcpu_destroy(CPUState *cs); +int s390_pv_vcpu_create(CPUState *cs); +int s390_pv_set_sec_parms(uint64_t origin, uint64_t length); +int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak); +int s390_pv_perf_clear_reset(void); +int s390_pv_verify(void); +int s390_pv_unshare(void); + +#endif /* HW_S390_PV_H */ diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index c1d1440272..f9481ccace 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -41,6 +41,7 @@ #include "hw/qdev-properties.h" #include "hw/s390x/tod.h" #include "sysemu/sysemu.h" +#include "hw/s390x/pv.h" S390CPU *s390_cpu_addr2state(uint16_t cpu_addr) { @@ -322,6 +323,7 @@ static void s390_machine_reset(MachineState *machine) { enum s390_reset reset_type; CPUState *cs, *t; + S390CPU *cpu; /* get the reset parameters, reset them once done */ s390_ipl_get_reset_request(&cs, &reset_type); @@ -329,6 +331,8 @@ static void s390_machine_reset(MachineState *machine) /* all CPUs are paused and synchronized at this point */ s390_cmma_reset(); + cpu = S390_CPU(cs); + switch (reset_type) { case S390_RESET_EXTERNAL: case S390_RESET_REIPL: @@ -357,6 +361,28 @@ static void s390_machine_reset(MachineState *machine) run_on_cpu(cs, s390_do_cpu_initial_reset, RUN_ON_CPU_NULL); run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL); break; + case S390_RESET_PV: /* Subcode 10 */ + subsystem_reset(); + s390_crypto_reset(); + + CPU_FOREACH(t) { + run_on_cpu(t, s390_do_cpu_full_reset, RUN_ON_CPU_NULL); + } + + /* Create SE VM */ + s390_pv_vm_create(); + CPU_FOREACH(t) { + s390_pv_vcpu_create(t); + } + + /* Set SE header and unpack */ + s390_ipl_prepare_pv_header(); + /* Decrypt image */ + s390_ipl_pv_unpack(); + /* Verify integrity */ + s390_pv_verify(); + s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu); + break; default: g_assert_not_reached(); } diff --git a/target/s390x/cpu_features_def.inc.h b/target/s390x/cpu_features_def.inc.h index 31dff0d84e..60db28351d 100644 --- a/target/s390x/cpu_features_def.inc.h +++ b/target/s390x/cpu_features_def.inc.h @@ -107,6 +107,7 @@ DEF_FEAT(DEFLATE_BASE, "deflate-base", STFL, 151, "Deflate-conversion facility ( DEF_FEAT(VECTOR_PACKED_DECIMAL_ENH, "vxpdeh", STFL, 152, "Vector-Packed-Decimal-Enhancement Facility") DEF_FEAT(MSA_EXT_9, "msa9-base", STFL, 155, "Message-security-assist-extension-9 facility (excluding subfunctions)") DEF_FEAT(ETOKEN, "etoken", STFL, 156, "Etoken facility") +DEF_FEAT(UNPACK, "unpack", STFL, 161, "Unpack facility") /* Features exposed via SCLP SCCB Byte 80 - 98 (bit numbers relative to byte-80) */ DEF_FEAT(SIE_GSLS, "gsls", SCLP_CONF_CHAR, 40, "SIE: Guest-storage-limit-suppression facility") From patchwork Fri Nov 29 09:48:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266817 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 79BD4921 for ; Fri, 29 Nov 2019 10:06:33 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 59253217AB for ; Fri, 29 Nov 2019 10:06:33 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 59253217AB Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56612 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadAW-0006un-Gd for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:06:32 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47315) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactD-0002kM-6f for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:41 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactB-0003QA-Vc for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:39 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:22240 helo=mx0a-001b2d01.pphosted.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactB-0003CT-Mr for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:37 -0500 Received: from pps.filterd (m0098421.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mXtm032517 for ; Fri, 29 Nov 2019 04:48:35 -0500 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjp2eht3w-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:34 -0500 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:32 -0000 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:30 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mSHU58720504 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:28 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D3A83A4051; Fri, 29 Nov 2019 09:48:28 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id DC4C4A404D; Fri, 29 Nov 2019 09:48:26 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:26 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 04/13] s390x: protvirt: Handle diag 308 subcodes 0,1,3,4 Date: Fri, 29 Nov 2019 04:48:00 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0012-0000-0000-0000036DD310 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0013-0000-0000-000021A98338 Message-Id: <20191129094809.26684-5-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxlogscore=951 lowpriorityscore=0 priorityscore=1501 impostorscore=0 bulkscore=0 phishscore=0 malwarescore=0 clxscore=1015 suspectscore=1 spamscore=0 mlxscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" Now that we know the protection state off the cpus, we can start handling all diag 308 subcodes in the protected state. For subcodes 0 and 1 we need to unshare all pages before continuing, so the guest doesn't accidentally expose data when dumping. For subcode 3/4 we tear down the protected VM and reboot into unprotected mode. We do not provide a secure reboot. Before we can do the unshare calls, we need to mark all cpus as stopped. Signed-off-by: Janosch Frank --- hw/s390x/s390-virtio-ccw.c | 31 ++++++++++++++++++++++++++++--- target/s390x/diag.c | 4 ++++ 2 files changed, 32 insertions(+), 3 deletions(-) diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index f9481ccace..e2a302398d 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -319,11 +319,26 @@ static inline void s390_do_cpu_ipl(CPUState *cs, run_on_cpu_data arg) s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu); } +static void s390_pv_prepare_reset(CPUS390XState *env) +{ + CPUState *cs; + + if (!env->pv) { + return; + } + CPU_FOREACH(cs) { + s390_cpu_set_state(S390_CPU_STATE_STOPPED, S390_CPU(cs)); + } + s390_pv_unshare(); + s390_pv_perf_clear_reset(); +} + static void s390_machine_reset(MachineState *machine) { enum s390_reset reset_type; CPUState *cs, *t; S390CPU *cpu; + CPUS390XState *env; /* get the reset parameters, reset them once done */ s390_ipl_get_reset_request(&cs, &reset_type); @@ -332,10 +347,18 @@ static void s390_machine_reset(MachineState *machine) s390_cmma_reset(); cpu = S390_CPU(cs); + env = &cpu->env; switch (reset_type) { case S390_RESET_EXTERNAL: case S390_RESET_REIPL: + if (env->pv) { + CPU_FOREACH(t) { + s390_pv_vcpu_destroy(t); + } + s390_pv_vm_destroy(); + } + qemu_devices_reset(); s390_crypto_reset(); @@ -343,21 +366,23 @@ static void s390_machine_reset(MachineState *machine) run_on_cpu(cs, s390_do_cpu_ipl, RUN_ON_CPU_NULL); break; case S390_RESET_MODIFIED_CLEAR: + subsystem_reset(); + s390_crypto_reset(); + s390_pv_prepare_reset(env); CPU_FOREACH(t) { run_on_cpu(t, s390_do_cpu_full_reset, RUN_ON_CPU_NULL); } - subsystem_reset(); - s390_crypto_reset(); run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL); break; case S390_RESET_LOAD_NORMAL: + subsystem_reset(); + s390_pv_prepare_reset(env); CPU_FOREACH(t) { if (t == cs) { continue; } run_on_cpu(t, s390_do_cpu_reset, RUN_ON_CPU_NULL); } - subsystem_reset(); run_on_cpu(cs, s390_do_cpu_initial_reset, RUN_ON_CPU_NULL); run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL); break; diff --git a/target/s390x/diag.c b/target/s390x/diag.c index 112a6c92e0..5489fc721a 100644 --- a/target/s390x/diag.c +++ b/target/s390x/diag.c @@ -68,6 +68,10 @@ int handle_diag_288(CPUS390XState *env, uint64_t r1, uint64_t r3) static int diag308_parm_check(CPUS390XState *env, uint64_t r1, uint64_t addr, uintptr_t ra, bool write) { + /* Handled by the Ultravisor */ + if (env->pv) { + return 0; + } if ((r1 & 1) || (addr & ~TARGET_PAGE_MASK)) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); return -1; From patchwork Fri Nov 29 09:48:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266811 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 53FCB6C1 for ; Fri, 29 Nov 2019 10:01:41 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 33FB22176D for ; Fri, 29 Nov 2019 10:01:41 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 33FB22176D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56568 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iad5o-0003E5-9n for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:01:40 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47341) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactF-0002kk-IN for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:42 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactC-0003Rr-8v for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:39 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:39576) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactB-0003Mt-VJ for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:38 -0500 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mWFO109979 for ; Fri, 29 Nov 2019 04:48:37 -0500 Received: from e06smtp03.uk.ibm.com (e06smtp03.uk.ibm.com [195.75.94.99]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjuwh1duf-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:36 -0500 Received: from localhost by e06smtp03.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:34 -0000 Received: from b06avi18626390.portsmouth.uk.ibm.com (9.149.26.192) by e06smtp03.uk.ibm.com (192.168.101.133) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:32 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06avi18626390.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9lpJ548890302 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:47:51 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1B7A2A4051; Fri, 29 Nov 2019 09:48:31 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3ECD9A4040; Fri, 29 Nov 2019 09:48:29 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:29 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 05/13] s390x: protvirt: Add pv state to cpu env Date: Fri, 29 Nov 2019 04:48:01 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0012-0000-0000-0000036DD311 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0013-0000-0000-000021A98339 Message-Id: <20191129094809.26684-6-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 spamscore=0 impostorscore=0 priorityscore=1501 adultscore=0 mlxscore=0 bulkscore=0 suspectscore=1 clxscore=1015 malwarescore=0 mlxlogscore=999 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" We need to know if we run in pv state or not when emulating instructions. Signed-off-by: Janosch Frank --- hw/s390x/s390-virtio-ccw.c | 2 ++ target/s390x/cpu.h | 1 + 2 files changed, 3 insertions(+) diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index e2a302398d..6fcd695b81 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -357,6 +357,7 @@ static void s390_machine_reset(MachineState *machine) s390_pv_vcpu_destroy(t); } s390_pv_vm_destroy(); + env->pv = false; } qemu_devices_reset(); @@ -406,6 +407,7 @@ static void s390_machine_reset(MachineState *machine) s390_ipl_pv_unpack(); /* Verify integrity */ s390_pv_verify(); + env->pv = true; s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu); break; default: diff --git a/target/s390x/cpu.h b/target/s390x/cpu.h index d2af13b345..43e6c286d2 100644 --- a/target/s390x/cpu.h +++ b/target/s390x/cpu.h @@ -116,6 +116,7 @@ struct CPUS390XState { /* Fields up to this point are cleared by a CPU reset */ struct {} end_reset_fields; + bool pv; /* protected virtualization */ #if !defined(CONFIG_USER_ONLY) uint32_t core_id; /* PoP "CPU address", same as cpu_index */ From patchwork Fri Nov 29 09:48:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266831 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4FD08139A for ; Fri, 29 Nov 2019 10:15:09 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 2FB2820833 for ; Fri, 29 Nov 2019 10:15:09 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2FB2820833 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56686 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadIq-0004lM-Au for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:15:08 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47737) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactL-0002qO-R2 for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:50 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactI-0003xp-Ig for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:45 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:63840) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactI-0003jT-B8 for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:44 -0500 Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mPgJ117991 for ; Fri, 29 Nov 2019 04:48:41 -0500 Received: from e06smtp07.uk.ibm.com (e06smtp07.uk.ibm.com [195.75.94.103]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjah7fsy5-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:40 -0500 Received: from localhost by e06smtp07.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:37 -0000 Received: from b06cxnps4075.portsmouth.uk.ibm.com (9.149.109.197) by e06smtp07.uk.ibm.com (192.168.101.137) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:34 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mXcH43319496 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:33 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 264DBA404D; Fri, 29 Nov 2019 09:48:33 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7C987A4055; Fri, 29 Nov 2019 09:48:31 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:31 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 06/13] s390x: protvirt: KVM intercept changes Date: Fri, 29 Nov 2019 04:48:02 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0028-0000-0000-000003C18C1E X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0029-0000-0000-000024849A19 Message-Id: <20191129094809.26684-7-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 malwarescore=0 mlxscore=0 suspectscore=1 impostorscore=0 clxscore=1015 bulkscore=0 adultscore=0 priorityscore=1501 mlxlogscore=984 phishscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" Secure guests no longer intercept with code 4 for an instruction interception. Instead they have codes 104 and 108 for secure instruction interception and secure instruction notification respectively. The 104 mirrors the 4 interception. The 108 is a notification interception to let KVM and QEMU know that something changed and we need to update tracking information or perform specific tasks. It's currently taken for the following instructions: * stpx (To inform about the changed prefix location) * sclp (On incorrect SCCB values, so we can inject a IRQ) * sigp (All but "stop and store status") * diag308 (Subcodes 0/1) Signed-off-by: Janosch Frank --- target/s390x/kvm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c index ad6e38c876..3d9c44ba9d 100644 --- a/target/s390x/kvm.c +++ b/target/s390x/kvm.c @@ -115,6 +115,8 @@ #define ICPT_CPU_STOP 0x28 #define ICPT_OPEREXC 0x2c #define ICPT_IO 0x40 +#define ICPT_PV_INSTR 0x68 +#define ICPT_PV_INSTR_NOTIFICATION 0x6c #define NR_LOCAL_IRQS 32 /* @@ -151,6 +153,7 @@ static int cap_s390_irq; static int cap_ri; static int cap_gs; static int cap_hpage_1m; +static int cap_protvirt; static int active_cmma; @@ -342,6 +345,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s) cap_async_pf = kvm_check_extension(s, KVM_CAP_ASYNC_PF); cap_mem_op = kvm_check_extension(s, KVM_CAP_S390_MEM_OP); cap_s390_irq = kvm_check_extension(s, KVM_CAP_S390_INJECT_IRQ); + cap_protvirt = kvm_check_extension(s, KVM_CAP_S390_PROTECTED); if (!kvm_check_extension(s, KVM_CAP_S390_GMAP) || !kvm_check_extension(s, KVM_CAP_S390_COW)) { @@ -1664,6 +1668,8 @@ static int handle_intercept(S390CPU *cpu) (long)cs->kvm_run->psw_addr); switch (icpt_code) { case ICPT_INSTRUCTION: + case ICPT_PV_INSTR: + case ICPT_PV_INSTR_NOTIFICATION: r = handle_instruction(cpu, run); break; case ICPT_PROGRAM: From patchwork Fri Nov 29 09:48:03 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266883 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8DB77139A for ; Fri, 29 Nov 2019 10:21:52 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 6C84B215F1 for ; Fri, 29 Nov 2019 10:21:52 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 6C84B215F1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56774 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadPL-0001xe-IO for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:21:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:47960) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactQ-0002uu-3B for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:54 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactM-0004Fm-Nx for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:51 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:22232) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactM-00043w-FI for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:48 -0500 Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mQqD118027 for ; Fri, 29 Nov 2019 04:48:45 -0500 Received: from e06smtp07.uk.ibm.com (e06smtp07.uk.ibm.com [195.75.94.103]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjah7ft0n-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:43 -0500 Received: from localhost by e06smtp07.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:39 -0000 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp07.uk.ibm.com (192.168.101.137) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:36 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mZ3A50266122 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:35 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 1FFB8A4040; Fri, 29 Nov 2019 09:48:35 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7C774A404D; Fri, 29 Nov 2019 09:48:33 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:33 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 07/13] s390x: protvirt: SCLP interpretation Date: Fri, 29 Nov 2019 04:48:03 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0028-0000-0000-000003C18C21 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0029-0000-0000-000024849A1A Message-Id: <20191129094809.26684-8-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 malwarescore=0 mlxscore=0 suspectscore=1 impostorscore=0 clxscore=1015 bulkscore=0 adultscore=0 priorityscore=1501 mlxlogscore=709 phishscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" SCLP for a protected guest is done over the SIDAD, so we need to use the s390_cpu_virt_mem_* functions to access the SIDAD instead of guest memory when reading/writing SCBs. To not confuse the sclp emulation, we set 0x4000 as the SCCB address, since the function that injects the sclp external interrupt would reject a zero sccb address. Signed-off-by: Janosch Frank --- hw/s390x/sclp.c | 17 +++++++++++++++++ include/hw/s390x/sclp.h | 2 ++ target/s390x/kvm.c | 5 +++++ 3 files changed, 24 insertions(+) diff --git a/hw/s390x/sclp.c b/hw/s390x/sclp.c index f57ce7b739..ca71ace664 100644 --- a/hw/s390x/sclp.c +++ b/hw/s390x/sclp.c @@ -193,6 +193,23 @@ static void sclp_execute(SCLPDevice *sclp, SCCB *sccb, uint32_t code) } } +#define SCLP_PV_DUMMY_ADDR 0x4000 +int sclp_service_call_protected(CPUS390XState *env, uint64_t sccb, + uint32_t code) +{ + SCLPDevice *sclp = get_sclp_device(); + SCLPDeviceClass *sclp_c = SCLP_GET_CLASS(sclp); + SCCB work_sccb; + hwaddr sccb_len = sizeof(SCCB); + + s390_cpu_virt_mem_read(env_archcpu(env), 0, 0, &work_sccb, sccb_len); + sclp_c->execute(sclp, &work_sccb, code); + s390_cpu_virt_mem_write(env_archcpu(env), 0, 0, &work_sccb, + be16_to_cpu(work_sccb.h.length)); + sclp_c->service_interrupt(sclp, SCLP_PV_DUMMY_ADDR); + return 0; +} + int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code) { SCLPDevice *sclp = get_sclp_device(); diff --git a/include/hw/s390x/sclp.h b/include/hw/s390x/sclp.h index c54413b78c..c0a3faa37d 100644 --- a/include/hw/s390x/sclp.h +++ b/include/hw/s390x/sclp.h @@ -217,5 +217,7 @@ void s390_sclp_init(void); void sclp_service_interrupt(uint32_t sccb); void raise_irq_cpu_hotplug(void); int sclp_service_call(CPUS390XState *env, uint64_t sccb, uint32_t code); +int sclp_service_call_protected(CPUS390XState *env, uint64_t sccb, + uint32_t code); #endif diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c index 3d9c44ba9d..b802d02ff5 100644 --- a/target/s390x/kvm.c +++ b/target/s390x/kvm.c @@ -1174,6 +1174,11 @@ static void kvm_sclp_service_call(S390CPU *cpu, struct kvm_run *run, sccb = env->regs[ipbh0 & 0xf]; code = env->regs[(ipbh0 & 0xf0) >> 4]; + if (run->s390_sieic.icptcode == ICPT_PV_INSTR) { + sclp_service_call_protected(env, sccb, code); + return; + } + r = sclp_service_call(env, sccb, code); if (r < 0) { kvm_s390_program_interrupt(cpu, -r); From patchwork Fri Nov 29 09:48:04 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266999 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1D369921 for ; Fri, 29 Nov 2019 10:33:56 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F184B215F1 for ; Fri, 29 Nov 2019 10:33:55 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F184B215F1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56858 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadb0-0001Wf-6Q for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:33:55 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48171) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactV-00032E-71 for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactQ-0004XR-Rp for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:55 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:13630) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactQ-0004Gz-Jj for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:52 -0500 Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mR6F118074 for ; Fri, 29 Nov 2019 04:48:48 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjah7ft25-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:45 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:41 -0000 Received: from b06avi18878370.portsmouth.uk.ibm.com (9.149.26.194) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:39 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06avi18878370.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mbIC44564904 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:37 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7B0B3A4053; Fri, 29 Nov 2019 09:48:37 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7ABE5A4051; Fri, 29 Nov 2019 09:48:35 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:35 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 08/13] s390x: protvirt: Add new VCPU reset functions Date: Fri, 29 Nov 2019 04:48:04 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0016-0000-0000-000002CDD4FC X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0017-0000-0000-0000332FBEE4 Message-Id: <20191129094809.26684-9-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 malwarescore=0 mlxscore=0 suspectscore=1 impostorscore=0 clxscore=1015 bulkscore=0 adultscore=0 priorityscore=1501 mlxlogscore=999 phishscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" CPU resets for protected guests need to be done via Ultravisor calls. Hence we need a way to issue these calls for each reset. As we formerly had only one reset function and it was called for initial, as well as for the clear reset, we now need a new interface. Signed-off-by: Janosch Frank --- target/s390x/cpu.c | 14 ++++++++++++-- target/s390x/kvm-stub.c | 10 +++++++++- target/s390x/kvm.c | 38 ++++++++++++++++++++++++++++++++------ target/s390x/kvm_s390x.h | 4 +++- 4 files changed, 56 insertions(+), 10 deletions(-) diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c index bd39cb54b7..52fefa1586 100644 --- a/target/s390x/cpu.c +++ b/target/s390x/cpu.c @@ -131,8 +131,18 @@ static void s390_cpu_reset(CPUState *s, cpu_reset_type type) } /* Reset state inside the kernel that we cannot access yet from QEMU. */ - if (kvm_enabled() && type != S390_CPU_RESET_NORMAL) { - kvm_s390_reset_vcpu(cpu); + if (kvm_enabled()) { + switch (type) { + case S390_CPU_RESET_CLEAR: + kvm_s390_reset_vcpu_clear(cpu); + break; + case S390_CPU_RESET_INITIAL: + kvm_s390_reset_vcpu_initial(cpu); + break; + case S390_CPU_RESET_NORMAL: + kvm_s390_reset_vcpu_normal(cpu); + break; + } } } diff --git a/target/s390x/kvm-stub.c b/target/s390x/kvm-stub.c index 5152e2bdf1..c4cd497f85 100644 --- a/target/s390x/kvm-stub.c +++ b/target/s390x/kvm-stub.c @@ -83,7 +83,15 @@ void kvm_s390_cmma_reset(void) { } -void kvm_s390_reset_vcpu(S390CPU *cpu) +void kvm_s390_reset_vcpu_initial(S390CPU *cpu) +{ +} + +void kvm_s390_reset_vcpu_clear(S390CPU *cpu) +{ +} + +void kvm_s390_reset_vcpu_normal(S390CPU *cpu) { } diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c index b802d02ff5..5b1ed3acb4 100644 --- a/target/s390x/kvm.c +++ b/target/s390x/kvm.c @@ -154,6 +154,7 @@ static int cap_ri; static int cap_gs; static int cap_hpage_1m; static int cap_protvirt; +static int cap_vcpu_resets; static int active_cmma; @@ -346,6 +347,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s) cap_mem_op = kvm_check_extension(s, KVM_CAP_S390_MEM_OP); cap_s390_irq = kvm_check_extension(s, KVM_CAP_S390_INJECT_IRQ); cap_protvirt = kvm_check_extension(s, KVM_CAP_S390_PROTECTED); + cap_vcpu_resets = kvm_check_extension(s, KVM_CAP_S390_VCPU_RESETS); if (!kvm_check_extension(s, KVM_CAP_S390_GMAP) || !kvm_check_extension(s, KVM_CAP_S390_COW)) { @@ -407,20 +409,44 @@ int kvm_arch_destroy_vcpu(CPUState *cs) return 0; } -void kvm_s390_reset_vcpu(S390CPU *cpu) +static void kvm_s390_reset_vcpu(S390CPU *cpu, unsigned long type) { CPUState *cs = CPU(cpu); - /* The initial reset call is needed here to reset in-kernel - * vcpu data that we can't access directly from QEMU - * (i.e. with older kernels which don't support sync_regs/ONE_REG). - * Before this ioctl cpu_synchronize_state() is called in common kvm - * code (kvm-all) */ + /* + * The reset call is needed here to reset in-kernel vcpu data that + * we can't access directly from QEMU (i.e. with older kernels + * which don't support sync_regs/ONE_REG). Before this ioctl + * cpu_synchronize_state() is called in common kvm code + * (kvm-all). + */ + if (cap_vcpu_resets) { + if (kvm_vcpu_ioctl(cs, KVM_S390_VCPU_RESET, type)) { + error_report("CPU reset type %ld failed on CPU %i", + type, cs->cpu_index); + } + return; + } if (kvm_vcpu_ioctl(cs, KVM_S390_INITIAL_RESET, NULL)) { error_report("Initial CPU reset failed on CPU %i", cs->cpu_index); } } +void kvm_s390_reset_vcpu_initial(S390CPU *cpu) +{ + kvm_s390_reset_vcpu(cpu, KVM_S390_VCPU_RESET_INITIAL); +} + +void kvm_s390_reset_vcpu_clear(S390CPU *cpu) +{ + kvm_s390_reset_vcpu(cpu, KVM_S390_VCPU_RESET_CLEAR); +} + +void kvm_s390_reset_vcpu_normal(S390CPU *cpu) +{ + kvm_s390_reset_vcpu(cpu, KVM_S390_VCPU_RESET_NORMAL); +} + static int can_sync_regs(CPUState *cs, int regs) { return cap_sync_regs && (cs->kvm_run->kvm_valid_regs & regs) == regs; diff --git a/target/s390x/kvm_s390x.h b/target/s390x/kvm_s390x.h index caf985955b..0b21789796 100644 --- a/target/s390x/kvm_s390x.h +++ b/target/s390x/kvm_s390x.h @@ -34,7 +34,9 @@ int kvm_s390_assign_subch_ioeventfd(EventNotifier *notifier, uint32_t sch, int vq, bool assign); int kvm_s390_cmma_active(void); void kvm_s390_cmma_reset(void); -void kvm_s390_reset_vcpu(S390CPU *cpu); +void kvm_s390_reset_vcpu_clear(S390CPU *cpu); +void kvm_s390_reset_vcpu_normal(S390CPU *cpu); +void kvm_s390_reset_vcpu_initial(S390CPU *cpu); int kvm_s390_set_mem_limit(uint64_t new_limit, uint64_t *hw_limit); void kvm_s390_set_max_pagesize(uint64_t pagesize, Error **errp); void kvm_s390_crypto_reset(void); From patchwork Fri Nov 29 09:48:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266889 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 68AFD930 for ; Fri, 29 Nov 2019 10:28:16 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 48D6A215F1 for ; Fri, 29 Nov 2019 10:28:16 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 48D6A215F1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56816 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadVW-000688-Fx for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:28:14 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48134) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactT-00031P-7o for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:58 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iactP-0004Qt-6O for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:53 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:40752) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactO-0004IE-UO for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:48:51 -0500 Received: from pps.filterd (m0187473.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mP0H117995 for ; Fri, 29 Nov 2019 04:48:49 -0500 Received: from e06smtp02.uk.ibm.com (e06smtp02.uk.ibm.com [195.75.94.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjah7ft3v-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:48 -0500 Received: from localhost by e06smtp02.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:44 -0000 Received: from b06cxnps4074.portsmouth.uk.ibm.com (9.149.109.196) by e06smtp02.uk.ibm.com (192.168.101.132) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:41 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mdkV52953198 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:39 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A1745A4053; Fri, 29 Nov 2019 09:48:39 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C6E5EA4055; Fri, 29 Nov 2019 09:48:37 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:37 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 09/13] s390x: Exit on vcpu reset error Date: Fri, 29 Nov 2019 04:48:05 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0008-0000-0000-00000339D0EC X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0009-0000-0000-00004A58E03D Message-Id: <20191129094809.26684-10-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 malwarescore=0 mlxscore=0 suspectscore=1 impostorscore=0 clxscore=1015 bulkscore=0 adultscore=0 priorityscore=1501 mlxlogscore=999 phishscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" If a vcpu is not properly reset it might be better to just end the VM. Signed-off-by: Janosch Frank Reviewed-by: David Hildenbrand --- target/s390x/kvm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c index 5b1ed3acb4..15b041a601 100644 --- a/target/s390x/kvm.c +++ b/target/s390x/kvm.c @@ -424,11 +424,13 @@ static void kvm_s390_reset_vcpu(S390CPU *cpu, unsigned long type) if (kvm_vcpu_ioctl(cs, KVM_S390_VCPU_RESET, type)) { error_report("CPU reset type %ld failed on CPU %i", type, cs->cpu_index); + exit(1); } return; } if (kvm_vcpu_ioctl(cs, KVM_S390_INITIAL_RESET, NULL)) { error_report("Initial CPU reset failed on CPU %i", cs->cpu_index); + exit(1); } } From patchwork Fri Nov 29 09:48:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266887 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 9244915AB for ; Fri, 29 Nov 2019 10:27:04 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 675FE215F1 for ; Fri, 29 Nov 2019 10:27:04 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 675FE215F1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56810 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadUN-0005RQ-FQ for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:27:03 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48600) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iacto-0003Ha-5k for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:17 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iacti-0005MX-Bj for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:12 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:48856) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactf-0005Gl-Tv for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:08 -0500 Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mw3G164552 for ; Fri, 29 Nov 2019 04:49:06 -0500 Received: from e06smtp04.uk.ibm.com (e06smtp04.uk.ibm.com [195.75.94.100]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjar9f7jk-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:49:04 -0500 Received: from localhost by e06smtp04.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:46 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp04.uk.ibm.com (192.168.101.134) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:43 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mfKb51511516 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:41 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9FE77A4059; Fri, 29 Nov 2019 09:48:41 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 027C3A404D; Fri, 29 Nov 2019 09:48:40 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:39 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 10/13] s390x: protvirt: Set guest IPL PSW Date: Fri, 29 Nov 2019 04:48:06 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0016-0000-0000-000002CDD502 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0017-0000-0000-0000332FBEE8 Message-Id: <20191129094809.26684-11-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 mlxscore=0 phishscore=0 impostorscore=0 clxscore=1015 suspectscore=1 mlxlogscore=999 adultscore=0 malwarescore=0 spamscore=0 bulkscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" Handling of CPU reset and setting of the IPL psw from guest storage at offset 0 is done by a Ultravisor call. Let's only fetch it if necessary. Signed-off-by: Janosch Frank Reviewed-by: Thomas Huth --- hw/s390x/pv.c | 5 +++++ hw/s390x/pv.h | 1 + hw/s390x/s390-virtio-ccw.c | 2 +- linux-headers/linux/kvm.h | 1 + target/s390x/cpu.c | 9 ++++++++- 5 files changed, 16 insertions(+), 2 deletions(-) diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c index 0218070322..106252833f 100644 --- a/hw/s390x/pv.c +++ b/hw/s390x/pv.c @@ -88,6 +88,11 @@ int s390_pv_set_sec_parms(uint64_t origin, uint64_t length) return s390_pv_cmd(KVM_PV_VM_SET_SEC_PARMS, &args); } +int s390_pv_set_ipl_psw(CPUState *cs) +{ + return s390_pv_cmd_vcpu(cs, KVM_PV_VCPU_SET_IPL_PSW, NULL); +} + /* * Called for each component in the SE type IPL parameter block 0. */ diff --git a/hw/s390x/pv.h b/hw/s390x/pv.h index eb074e4bc9..e670c67270 100644 --- a/hw/s390x/pv.h +++ b/hw/s390x/pv.h @@ -18,6 +18,7 @@ int s390_pv_vm_destroy(void); int s390_pv_vcpu_destroy(CPUState *cs); int s390_pv_vcpu_create(CPUState *cs); int s390_pv_set_sec_parms(uint64_t origin, uint64_t length); +int s390_pv_set_ipl_psw(CPUState *cs); int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak); int s390_pv_perf_clear_reset(void); int s390_pv_verify(void); diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index 6fcd695b81..1133de9423 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -408,7 +408,7 @@ static void s390_machine_reset(MachineState *machine) /* Verify integrity */ s390_pv_verify(); env->pv = true; - s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu); + run_on_cpu(cs, s390_do_cpu_load_normal, RUN_ON_CPU_NULL); break; default: g_assert_not_reached(); diff --git a/linux-headers/linux/kvm.h b/linux-headers/linux/kvm.h index 4448d59960..7c6118c703 100644 --- a/linux-headers/linux/kvm.h +++ b/linux-headers/linux/kvm.h @@ -1484,6 +1484,7 @@ enum pv_cmd_id { KVM_PV_VM_UNSHARE, KVM_PV_VCPU_CREATE, KVM_PV_VCPU_DESTROY, + KVM_PV_VCPU_SET_IPL_PSW, }; struct kvm_pv_cmd { diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c index 52fefa1586..8c673dab2c 100644 --- a/target/s390x/cpu.c +++ b/target/s390x/cpu.c @@ -37,6 +37,7 @@ #include "sysemu/hw_accel.h" #include "hw/qdev-properties.h" #ifndef CONFIG_USER_ONLY +#include "hw/s390x/pv.h" #include "hw/boards.h" #include "sysemu/arch_init.h" #include "sysemu/sysemu.h" @@ -76,7 +77,13 @@ static bool s390_cpu_has_work(CPUState *cs) static void s390_cpu_load_normal(CPUState *s) { S390CPU *cpu = S390_CPU(s); - cpu->env.psw.addr = ldl_phys(s->as, 4) & PSW_MASK_ESA_ADDR; + CPUS390XState *env = &cpu->env; + + if (!env->pv) { + cpu->env.psw.addr = ldl_phys(s->as, 4) & PSW_MASK_ESA_ADDR; + } else { + s390_pv_set_ipl_psw(s); + } cpu->env.psw.mask = PSW_MASK_32 | PSW_MASK_64; s390_cpu_set_state(S390_CPU_STATE_OPERATING, cpu); } From patchwork Fri Nov 29 09:48:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11267003 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 00C65921 for ; Fri, 29 Nov 2019 10:39:13 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CB6C3217AB for ; Fri, 29 Nov 2019 10:39:13 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CB6C3217AB Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56890 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadg8-0005Fu-Oz for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:39:12 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48688) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactp-0003IZ-7h for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:19 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iacto-0005TQ-2T for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:17 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:42230) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactm-0005Pg-3I for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:15 -0500 Received: from pps.filterd (m0127361.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9n04K164781 for ; Fri, 29 Nov 2019 04:49:12 -0500 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjar9f7k9-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:49:06 -0500 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:48 -0000 Received: from b06cxnps4076.portsmouth.uk.ibm.com (9.149.109.198) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:45 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mhE555509240 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:43 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id ABD97A4040; Fri, 29 Nov 2019 09:48:43 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0E3D0A404D; Fri, 29 Nov 2019 09:48:42 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:41 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 11/13] s390x: protvirt: Move diag 308 data over SIDAD Date: Fri, 29 Nov 2019 04:48:07 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-4275-0000-0000-00000387EFCF X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-4276-0000-0000-0000389B8457 Message-Id: <20191129094809.26684-12-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 mlxscore=0 phishscore=0 impostorscore=0 clxscore=1015 suspectscore=1 mlxlogscore=809 adultscore=0 malwarescore=0 spamscore=0 bulkscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.158.5 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" For protected guests the IPIB is written/read to/from the satellite block, so we need to make those accesses virtual to make them go through KVM mem ops. Signed-off-by: Janosch Frank --- target/s390x/diag.c | 26 +++++++++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/target/s390x/diag.c b/target/s390x/diag.c index 5489fc721a..6d78759151 100644 --- a/target/s390x/diag.c +++ b/target/s390x/diag.c @@ -88,6 +88,7 @@ static int diag308_parm_check(CPUS390XState *env, uint64_t r1, uint64_t addr, void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra) { CPUState *cs = env_cpu(env); + S390CPU *cpu = S390_CPU(cs); uint64_t addr = env->regs[r1]; uint64_t subcode = env->regs[r3]; IplParameterBlock *iplb; @@ -118,14 +119,27 @@ void handle_diag_308(CPUS390XState *env, uint64_t r1, uint64_t r3, uintptr_t ra) if (diag308_parm_check(env, r1, addr, ra, false)) { return; } + iplb = g_new0(IplParameterBlock, 1); - cpu_physical_memory_read(addr, iplb, sizeof(iplb->len)); + if (!env->pv) { + cpu_physical_memory_read(addr, iplb, sizeof(iplb->len)); + } else { + s390_cpu_virt_mem_read(cpu, 0, 0, iplb, sizeof(iplb->len)); + s390_cpu_virt_mem_handle_exc(cpu, ra); + } + if (!iplb_valid_len(iplb)) { env->regs[r1 + 1] = DIAG_308_RC_INVALID; goto out; } - cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len)); + if (!env->pv) { + cpu_physical_memory_read(addr, iplb, be32_to_cpu(iplb->len)); + } else { + s390_cpu_virt_mem_read(cpu, 0, 0, iplb, be32_to_cpu(iplb->len)); + s390_cpu_virt_mem_handle_exc(cpu, ra); + } + if (!iplb_valid_ccw(iplb) && !iplb_valid_fcp(iplb) && !(iplb_valid_se(iplb) && s390_ipl_pv_check_comp(iplb) >= 0)) { @@ -149,7 +163,13 @@ out: iplb = s390_ipl_get_iplb(); } if (iplb) { - cpu_physical_memory_write(addr, iplb, be32_to_cpu(iplb->len)); + if (!env->pv) { + cpu_physical_memory_write(addr, iplb, be32_to_cpu(iplb->len)); + } else { + s390_cpu_virt_mem_write(cpu, 0, 0, iplb, + be32_to_cpu(iplb->len)); + s390_cpu_virt_mem_handle_exc(cpu, ra); + } env->regs[r1 + 1] = DIAG_308_RC_OK; } else { env->regs[r1 + 1] = DIAG_308_RC_NO_CONF; From patchwork Fri Nov 29 09:48:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266997 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id EDC59930 for ; Fri, 29 Nov 2019 10:32:01 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id CE771215F1 for ; Fri, 29 Nov 2019 10:32:01 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org CE771215F1 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56844 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadZA-0000WQ-Hz for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:32:00 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48609) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactn-0003Hi-8X for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:18 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iacti-0005Mq-CN for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:14 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:44236) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactg-0004ZT-DQ for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:10 -0500 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mY9c110150 for ; Fri, 29 Nov 2019 04:48:53 -0500 Received: from e06smtp02.uk.ibm.com (e06smtp02.uk.ibm.com [195.75.94.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjuwh1e7d-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:52 -0500 Received: from localhost by e06smtp02.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:50 -0000 Received: from b06avi18626390.portsmouth.uk.ibm.com (9.149.26.192) by e06smtp02.uk.ibm.com (192.168.101.132) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:47 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06avi18626390.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9m6Pi47186332 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:06 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id D0700A4055; Fri, 29 Nov 2019 09:48:45 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 0A590A4051; Fri, 29 Nov 2019 09:48:44 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:43 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 12/13] s390x: protvirt: Disable address checks for PV guest IO emulation Date: Fri, 29 Nov 2019 04:48:08 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0008-0000-0000-00000339D0EE X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0009-0000-0000-00004A58E03F Message-Id: <20191129094809.26684-13-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 spamscore=0 impostorscore=0 priorityscore=1501 adultscore=0 mlxscore=0 bulkscore=0 suspectscore=1 clxscore=1015 malwarescore=0 mlxlogscore=605 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" IO instruction data is routed through SIDAD for protected guests, so adresses do not need to be checked, as this is kernel memory. Signed-off-by: Janosch Frank Reviewed-by: Thomas Huth --- target/s390x/ioinst.c | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/target/s390x/ioinst.c b/target/s390x/ioinst.c index c437a1d8c6..e4102430aa 100644 --- a/target/s390x/ioinst.c +++ b/target/s390x/ioinst.c @@ -17,6 +17,16 @@ #include "trace.h" #include "hw/s390x/s390-pci-bus.h" +static uint64_t get_address_from_regs(CPUS390XState *env, uint32_t ipb, + uint8_t *ar) +{ + if (env->pv) { + *ar = 0; + return 0; + } + return decode_basedisp_s(env, ipb, ar); +} + int ioinst_disassemble_sch_ident(uint32_t value, int *m, int *cssid, int *ssid, int *schid) { @@ -114,7 +124,7 @@ void ioinst_handle_msch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra) CPUS390XState *env = &cpu->env; uint8_t ar; - addr = decode_basedisp_s(env, ipb, &ar); + addr = get_address_from_regs(env, ipb, &ar); if (addr & 3) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); return; @@ -171,7 +181,7 @@ void ioinst_handle_ssch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra) CPUS390XState *env = &cpu->env; uint8_t ar; - addr = decode_basedisp_s(env, ipb, &ar); + addr = get_address_from_regs(env, ipb, &ar); if (addr & 3) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); return; @@ -203,7 +213,7 @@ void ioinst_handle_stcrw(S390CPU *cpu, uint32_t ipb, uintptr_t ra) CPUS390XState *env = &cpu->env; uint8_t ar; - addr = decode_basedisp_s(env, ipb, &ar); + addr = get_address_from_regs(env, ipb, &ar); if (addr & 3) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); return; @@ -234,7 +244,7 @@ void ioinst_handle_stsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, CPUS390XState *env = &cpu->env; uint8_t ar; - addr = decode_basedisp_s(env, ipb, &ar); + addr = get_address_from_regs(env, ipb, &ar); if (addr & 3) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); return; @@ -303,7 +313,7 @@ int ioinst_handle_tsch(S390CPU *cpu, uint64_t reg1, uint32_t ipb, uintptr_t ra) return -EIO; } trace_ioinst_sch_id("tsch", cssid, ssid, schid); - addr = decode_basedisp_s(env, ipb, &ar); + addr = get_address_from_regs(env, ipb, &ar); if (addr & 3) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); return -EIO; @@ -601,7 +611,7 @@ void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb, uintptr_t ra) { ChscReq *req; ChscResp *res; - uint64_t addr; + uint64_t addr = 0; int reg; uint16_t len; uint16_t command; @@ -610,7 +620,9 @@ void ioinst_handle_chsc(S390CPU *cpu, uint32_t ipb, uintptr_t ra) trace_ioinst("chsc"); reg = (ipb >> 20) & 0x00f; - addr = env->regs[reg]; + if (!env->pv) { + addr = env->regs[reg]; + } /* Page boundary? */ if (addr & 0xfff) { s390_program_interrupt(env, PGM_SPECIFICATION, ra); From patchwork Fri Nov 29 09:48:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Janosch Frank X-Patchwork-Id: 11266871 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 91764109A for ; Fri, 29 Nov 2019 10:19:43 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 702C4217BC for ; Fri, 29 Nov 2019 10:19:43 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 702C4217BC Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.ibm.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Received: from localhost ([::1]:56736 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iadNG-0000UH-If for patchwork-qemu-devel@patchwork.kernel.org; Fri, 29 Nov 2019 05:19:42 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:48608) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iactn-0003Hg-8A for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:16 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iacti-0005Ln-7u for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:14 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:55692) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iactf-0004hf-Cs for qemu-devel@nongnu.org; Fri, 29 Nov 2019 04:49:08 -0500 Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id xAT9mXtQ109227 for ; Fri, 29 Nov 2019 04:48:55 -0500 Received: from e06smtp02.uk.ibm.com (e06smtp02.uk.ibm.com [195.75.94.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 2wjaehhr8e-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Fri, 29 Nov 2019 04:48:54 -0500 Received: from localhost by e06smtp02.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 29 Nov 2019 09:48:52 -0000 Received: from b06cxnps3074.portsmouth.uk.ibm.com (9.149.109.194) by e06smtp02.uk.ibm.com (192.168.101.132) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Fri, 29 Nov 2019 09:48:49 -0000 Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id xAT9mmuc63242396 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 29 Nov 2019 09:48:48 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 05DDFA4040; Fri, 29 Nov 2019 09:48:48 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 27E21A4057; Fri, 29 Nov 2019 09:48:46 +0000 (GMT) Received: from localhost.localdomain (unknown [9.145.188.128]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 29 Nov 2019 09:48:45 +0000 (GMT) From: Janosch Frank To: qemu-devel@nongnu.org Subject: [PATCH v2 13/13] s390x: protvirt: Handle SIGP store status correctly Date: Fri, 29 Nov 2019 04:48:09 -0500 X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191129094809.26684-1-frankja@linux.ibm.com> References: <20191129094809.26684-1-frankja@linux.ibm.com> MIME-Version: 1.0 X-TM-AS-GCONF: 00 x-cbid: 19112909-0008-0000-0000-00000339D0EF X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19112909-0009-0000-0000-00004A58E040 Message-Id: <20191129094809.26684-14-frankja@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,18.0.572 definitions=2019-11-29_02:2019-11-29,2019-11-29 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 suspectscore=1 mlxscore=0 malwarescore=0 priorityscore=1501 lowpriorityscore=0 impostorscore=0 phishscore=0 mlxlogscore=615 spamscore=0 clxscore=1015 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1910280000 definitions=main-1911290086 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: thuth@redhat.com, pmorel@linux.ibm.com, david@redhat.com, cohuck@redhat.com, borntraeger@de.ibm.com, qemu-s390x@nongnu.org, mihajlov@linux.ibm.com Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" Status storing is obviously not done by qemu anymore. Signed-off-by: Janosch Frank --- target/s390x/helper.c | 4 ++++ target/s390x/sigp.c | 1 + 2 files changed, 5 insertions(+) diff --git a/target/s390x/helper.c b/target/s390x/helper.c index a3a49164e4..3800c4b395 100644 --- a/target/s390x/helper.c +++ b/target/s390x/helper.c @@ -246,6 +246,10 @@ int s390_store_status(S390CPU *cpu, hwaddr addr, bool store_arch) hwaddr len = sizeof(*sa); int i; + if (cpu->env.pv) { + return 0; + } + sa = cpu_physical_memory_map(addr, &len, 1); if (!sa) { return -EFAULT; diff --git a/target/s390x/sigp.c b/target/s390x/sigp.c index 727875bb4a..2007946299 100644 --- a/target/s390x/sigp.c +++ b/target/s390x/sigp.c @@ -497,6 +497,7 @@ void do_stop_interrupt(CPUS390XState *env) if (s390_cpu_set_state(S390_CPU_STATE_STOPPED, cpu) == 0) { qemu_system_shutdown_request(SHUTDOWN_CAUSE_GUEST_SHUTDOWN); } + /* Storing will occur on next SIE entry for fmt 4 */ if (cpu->env.sigp_order == SIGP_STOP_STORE_STATUS) { s390_store_status(cpu, S390_STORE_STATUS_DEF_ADDR, true); }