diff mbox series

[v3,4/9] s390x/cpumodel: msa9 facility

Message ID 20190429090250.7648-5-borntraeger@de.ibm.com (mailing list archive)
State New, archived
Headers show
Series s390x: new guest features | expand

Commit Message

Christian Borntraeger April 29, 2019, 9:02 a.m. UTC
Provide the MSA9 facility (stfle.155).
This also contains pckmo functions for key wrapping. Keep them in a
separate group to disable those as a block if necessary.

Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
---
 target/s390x/cpu_features.c     | 32 +++++++++++++++++++++++++
 target/s390x/cpu_features.h     |  1 +
 target/s390x/cpu_features_def.h | 31 ++++++++++++++++++++++++
 target/s390x/cpu_models.c       |  2 ++
 target/s390x/gen-features.c     | 42 +++++++++++++++++++++++++++++++++
 target/s390x/kvm.c              |  6 +++++
 6 files changed, 114 insertions(+)

Comments

David Hildenbrand April 29, 2019, 7:24 p.m. UTC | #1
On 29.04.19 11:02, Christian Borntraeger wrote:
> Provide the MSA9 facility (stfle.155).
> This also contains pckmo functions for key wrapping. Keep them in a
> separate group to disable those as a block if necessary.
> 
> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
> ---
>  target/s390x/cpu_features.c     | 32 +++++++++++++++++++++++++
>  target/s390x/cpu_features.h     |  1 +
>  target/s390x/cpu_features_def.h | 31 ++++++++++++++++++++++++
>  target/s390x/cpu_models.c       |  2 ++
>  target/s390x/gen-features.c     | 42 +++++++++++++++++++++++++++++++++
>  target/s390x/kvm.c              |  6 +++++
>  6 files changed, 114 insertions(+)
> 
> diff --git a/target/s390x/cpu_features.c b/target/s390x/cpu_features.c
> index bbd8902087..154e2bb354 100644
> --- a/target/s390x/cpu_features.c
> +++ b/target/s390x/cpu_features.c
> @@ -108,6 +108,7 @@ static const S390FeatDef s390_features[] = {
>      FEAT_INIT("irbm", S390_FEAT_TYPE_STFL, 145, "Insert-reference-bits-multiple facility"),
>      FEAT_INIT("msa8-base", S390_FEAT_TYPE_STFL, 146, "Message-security-assist-extension-8 facility (excluding subfunctions)"),
>      FEAT_INIT("cmmnt", S390_FEAT_TYPE_STFL, 147, "CMM: ESSA-enhancement (no translate) facility"),
> +    FEAT_INIT("msa9-base", S390_FEAT_TYPE_STFL, 155, "Message-security-assist-extension-9 facility (excluding subfunctions)"),
>      FEAT_INIT("etoken", S390_FEAT_TYPE_STFL, 156, "Etoken facility"),
>  
>      /* SCLP SCCB Byte 80 - 98  (bit numbers relative to byte-80) */
> @@ -242,6 +243,11 @@ static const S390FeatDef s390_features[] = {
>      FEAT_INIT("pckmo-aes-128", S390_FEAT_TYPE_PCKMO, 18, "PCKMO Encrypted-AES-128-Key"),
>      FEAT_INIT("pckmo-aes-192", S390_FEAT_TYPE_PCKMO, 19, "PCKMO Encrypted-AES-192-Key"),
>      FEAT_INIT("pckmo-aes-256", S390_FEAT_TYPE_PCKMO, 20, "PCKMO Encrypted-AES-256-Key"),
> +    FEAT_INIT("pckmo-ecc-p256", S390_FEAT_TYPE_PCKMO, 32, "PCKMO Encrypt-ECC-P256-Key"),
> +    FEAT_INIT("pckmo-ecc-p384", S390_FEAT_TYPE_PCKMO, 33, "PCKMO Encrypt-ECC-P384-Key"),
> +    FEAT_INIT("pckmo-ecc-p521", S390_FEAT_TYPE_PCKMO, 34, "PCKMO Encrypt-ECC-P521-Key"),
> +    FEAT_INIT("pckmo-ecc-ed25519", S390_FEAT_TYPE_PCKMO, 40 , "PCKMO Encrypt-ECC-Ed25519-Key"),
> +    FEAT_INIT("pckmo-ecc-ed448", S390_FEAT_TYPE_PCKMO, 41 , "PCKMO Encrypt-ECC-Ed448-Key"),
>  
>      FEAT_INIT("kmctr-dea", S390_FEAT_TYPE_KMCTR, 1, "KMCTR DEA"),
>      FEAT_INIT("kmctr-tdea-128", S390_FEAT_TYPE_KMCTR, 2, "KMCTR TDEA-128"),
> @@ -298,6 +304,13 @@ static const S390FeatDef s390_features[] = {
>      FEAT_INIT("pcc-xts-aes-256", S390_FEAT_TYPE_PCC, 52, "PCC Compute-XTS-Parameter-Using-AES-256"),
>      FEAT_INIT("pcc-xts-eaes-128", S390_FEAT_TYPE_PCC, 58, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-128"),
>      FEAT_INIT("pcc-xts-eaes-256", S390_FEAT_TYPE_PCC, 60, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-256"),
> +    FEAT_INIT("pcc-scalar-mult-p256", S390_FEAT_TYPE_PCC, 64, "PCC Scalar-Multiply-P256"),
> +    FEAT_INIT("pcc-scalar-mult-p384", S390_FEAT_TYPE_PCC, 65, "PCC Scalar-Multiply-P384"),
> +    FEAT_INIT("pcc-scalar-mult-p521", S390_FEAT_TYPE_PCC, 66, "PCC Scalar-Multiply-P521"),
> +    FEAT_INIT("pcc-scalar-mult-ed25519", S390_FEAT_TYPE_PCC, 72, "PCC Scalar-Multiply-Ed25519"),
> +    FEAT_INIT("pcc-scalar-mult-ed448", S390_FEAT_TYPE_PCC, 73, "PCC Scalar-Multiply-Ed448"),
> +    FEAT_INIT("pcc-scalar-mult-x25519", S390_FEAT_TYPE_PCC, 80, "PCC Scalar-Multiply-X25519"),
> +    FEAT_INIT("pcc-scalar-mult-x448", S390_FEAT_TYPE_PCC, 81, "PCC Scalar-Multiply-X448"),
>  
>      FEAT_INIT("ppno-sha-512-drng", S390_FEAT_TYPE_PPNO, 3, "PPNO SHA-512-DRNG"),
>      FEAT_INIT("prno-trng-qrtcr", S390_FEAT_TYPE_PPNO, 112, "PRNO TRNG-Query-Raw-to-Conditioned-Ratio"),
> @@ -309,6 +322,22 @@ static const S390FeatDef s390_features[] = {
>      FEAT_INIT("kma-gcm-eaes-128", S390_FEAT_TYPE_KMA, 26, "KMA GCM-Encrypted-AES-128"),
>      FEAT_INIT("kma-gcm-eaes-192", S390_FEAT_TYPE_KMA, 27, "KMA GCM-Encrypted-AES-192"),
>      FEAT_INIT("kma-gcm-eaes-256", S390_FEAT_TYPE_KMA, 28, "KMA GCM-Encrypted-AES-256"),
> +
> +    FEAT_INIT("kdsa-ecdsa-verify-p256", S390_FEAT_TYPE_KDSA, 1, "KDSA ECDSA-Verify-P256"),
> +    FEAT_INIT("kdsa-ecdsa-verify-p384", S390_FEAT_TYPE_KDSA, 2, "KDSA ECDSA-Verify-P384"),
> +    FEAT_INIT("kdsa-ecdsa-verify-p521", S390_FEAT_TYPE_KDSA, 3, "KDSA ECDSA-Verify-P521"),
> +    FEAT_INIT("kdsa-ecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 9, "KDSA ECDSA-Sign-P256"),
> +    FEAT_INIT("kdsa-ecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 10, "KDSA ECDSA-Sign-P384"),
> +    FEAT_INIT("kdsa-ecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 11, "KDSA ECDSA-Sign-P521"),
> +    FEAT_INIT("kdsa-eecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 17, "KDSA Encrypted-ECDSA-Sign-P256"),
> +    FEAT_INIT("kdsa-eecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 18, "KDSA Encrypted-ECDSA-Sign-P384"),
> +    FEAT_INIT("kdsa-eecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 19, "KDSA Encrypted-ECDSA-Sign-P521"),
> +    FEAT_INIT("kdsa-eddsa-verify-ed25519", S390_FEAT_TYPE_KDSA, 32, "KDSA EdDSA-Verify-Ed25519"),
> +    FEAT_INIT("kdsa-eddsa-verify-ed448", S390_FEAT_TYPE_KDSA, 36, "KDSA EdDSA-Verify-Ed448"),
> +    FEAT_INIT("kdsa-eddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 40, "KDSA EdDSA-Sign-Ed25519"),
> +    FEAT_INIT("kdsa-eddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 44, "KDSA EdDSA-Sign-Ed448"),
> +    FEAT_INIT("kdsa-eeddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 48, "KDSA Encrypted-EdDSA-Sign-Ed25519"),
> +    FEAT_INIT("kdsa-eeddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 52, "KDSA Encrypted-EdDSA-Sign-Ed448"),
>  };
>  
>  const S390FeatDef *s390_feat_def(S390Feat feat)
> @@ -371,6 +400,7 @@ void s390_fill_feat_block(const S390FeatBitmap features, S390FeatType type,
>      case S390_FEAT_TYPE_PCC:
>      case S390_FEAT_TYPE_PPNO:
>      case S390_FEAT_TYPE_KMA:
> +    case S390_FEAT_TYPE_KDSA:
>          set_be_bit(0, data); /* query is always available */
>          break;
>      default:
> @@ -466,6 +496,8 @@ static S390FeatGroupDef s390_feature_groups[] = {
>      FEAT_GROUP_INIT("msa6", MSA_EXT_6, "Message-security-assist-extension 6 facility"),
>      FEAT_GROUP_INIT("msa7", MSA_EXT_7, "Message-security-assist-extension 7 facility"),
>      FEAT_GROUP_INIT("msa8", MSA_EXT_8, "Message-security-assist-extension 8 facility"),
> +    FEAT_GROUP_INIT("msa9", MSA_EXT_9, "Message-security-assist-extension 9 facility"),
> +    FEAT_GROUP_INIT("msa9_pckmo", MSA_EXT_9_PCKMO, "Message-security-assist-extension 9 PCKMO subfunctions"),
>      FEAT_GROUP_INIT("mepochptff", MULTIPLE_EPOCH_PTFF, "PTFF enhancements introduced with Multiple-epoch facility"),
>  };
>  
> diff --git a/target/s390x/cpu_features.h b/target/s390x/cpu_features.h
> index effe790271..5ffd3db083 100644
> --- a/target/s390x/cpu_features.h
> +++ b/target/s390x/cpu_features.h
> @@ -39,6 +39,7 @@ typedef enum {
>      S390_FEAT_TYPE_PCC,
>      S390_FEAT_TYPE_PPNO,
>      S390_FEAT_TYPE_KMA,
> +    S390_FEAT_TYPE_KDSA,
>  } S390FeatType;
>  
>  /* Definition of a CPU feature */
> diff --git a/target/s390x/cpu_features_def.h b/target/s390x/cpu_features_def.h
> index 31dd678301..030784811b 100644
> --- a/target/s390x/cpu_features_def.h
> +++ b/target/s390x/cpu_features_def.h
> @@ -96,6 +96,7 @@ typedef enum {
>      S390_FEAT_INSERT_REFERENCE_BITS_MULT,
>      S390_FEAT_MSA_EXT_8,
>      S390_FEAT_CMM_NT,
> +    S390_FEAT_MSA_EXT_9,
>      S390_FEAT_ETOKEN,
>  
>      /* Sclp Conf Char */
> @@ -240,6 +241,11 @@ typedef enum {
>      S390_FEAT_PCKMO_AES_128,
>      S390_FEAT_PCKMO_AES_192,
>      S390_FEAT_PCKMO_AES_256,
> +    S390_FEAT_PCKMO_ECC_P256,
> +    S390_FEAT_PCKMO_ECC_P384,
> +    S390_FEAT_PCKMO_ECC_P521,
> +    S390_FEAT_PCKMO_ECC_ED25519,
> +    S390_FEAT_PCKMO_ECC_ED448,
>  
>      /* KMCTR */
>      S390_FEAT_KMCTR_DEA,
> @@ -300,6 +306,13 @@ typedef enum {
>      S390_FEAT_PCC_XTS_AES_256,
>      S390_FEAT_PCC_XTS_EAES_128,
>      S390_FEAT_PCC_XTS_EAES_256,
> +    S390_FEAT_PCC_SCALAR_MULT_P256,
> +    S390_FEAT_PCC_SCALAR_MULT_P384,
> +    S390_FEAT_PCC_SCALAR_MULT_P512,
> +    S390_FEAT_PCC_SCALAR_MULT_ED25519,
> +    S390_FEAT_PCC_SCALAR_MULT_ED448,
> +    S390_FEAT_PCC_SCALAR_MULT_X25519,
> +    S390_FEAT_PCC_SCALAR_MULT_X448,
>  
>      /* PPNO/PRNO */
>      S390_FEAT_PPNO_SHA_512_DRNG,
> @@ -313,6 +326,24 @@ typedef enum {
>      S390_FEAT_KMA_GCM_EAES_128,
>      S390_FEAT_KMA_GCM_EAES_192,
>      S390_FEAT_KMA_GCM_EAES_256,
> +
> +    /* KDSA */
> +    S390_FEAT_ECDSA_VERIFY_P256,
> +    S390_FEAT_ECDSA_VERIFY_P384,
> +    S390_FEAT_ECDSA_VERIFY_P512,
> +    S390_FEAT_ECDSA_SIGN_P256,
> +    S390_FEAT_ECDSA_SIGN_P384,
> +    S390_FEAT_ECDSA_SIGN_P512,
> +    S390_FEAT_EECDSA_SIGN_P256,
> +    S390_FEAT_EECDSA_SIGN_P384,
> +    S390_FEAT_EECDSA_SIGN_P512,
> +    S390_FEAT_EDDSA_VERIFY_ED25519,
> +    S390_FEAT_EDDSA_VERIFY_ED448,
> +    S390_FEAT_EDDSA_SIGN_ED25519,
> +    S390_FEAT_EDDSA_SIGN_ED448,
> +    S390_FEAT_EEDDSA_SIGN_ED25519,
> +    S390_FEAT_EEDDSA_SIGN_ED448,
> +
>      S390_FEAT_MAX,
>  } S390Feat;
>  
> diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
> index b4bb5de635..d683635eb5 100644
> --- a/target/s390x/cpu_models.c
> +++ b/target/s390x/cpu_models.c
> @@ -782,6 +782,8 @@ static void check_consistency(const S390CPUModel *model)
>          { S390_FEAT_SIE_CMMA, S390_FEAT_SIE_GSLS },
>          { S390_FEAT_SIE_PFMFI, S390_FEAT_EDAT },
>          { S390_FEAT_MSA_EXT_8, S390_FEAT_MSA_EXT_3 },
> +        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_3 },
> +        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_4 },
>          { S390_FEAT_MULTIPLE_EPOCH, S390_FEAT_TOD_CLOCK_STEERING },
>          { S390_FEAT_VECTOR_PACKED_DECIMAL, S390_FEAT_VECTOR },
>          { S390_FEAT_VECTOR_ENH, S390_FEAT_VECTOR },
> diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
> index e4739a6b9f..a2f9e2b43f 100644
> --- a/target/s390x/gen-features.c
> +++ b/target/s390x/gen-features.c
> @@ -213,6 +213,38 @@
>      S390_FEAT_KMA_GCM_EAES_192, \
>      S390_FEAT_KMA_GCM_EAES_256
>  
> +#define S390_FEAT_GROUP_MSA_EXT_9 \
> +    S390_FEAT_MSA_EXT_9, \
> +    S390_FEAT_ECDSA_VERIFY_P256, \
> +    S390_FEAT_ECDSA_VERIFY_P384, \
> +    S390_FEAT_ECDSA_VERIFY_P512, \
> +    S390_FEAT_ECDSA_SIGN_P256, \
> +    S390_FEAT_ECDSA_SIGN_P384, \
> +    S390_FEAT_ECDSA_SIGN_P512, \
> +    S390_FEAT_EECDSA_SIGN_P256, \
> +    S390_FEAT_EECDSA_SIGN_P384, \
> +    S390_FEAT_EECDSA_SIGN_P512, \
> +    S390_FEAT_EDDSA_VERIFY_ED25519, \
> +    S390_FEAT_EDDSA_VERIFY_ED448, \
> +    S390_FEAT_EDDSA_SIGN_ED25519, \
> +    S390_FEAT_EDDSA_SIGN_ED448, \
> +    S390_FEAT_EEDDSA_SIGN_ED25519, \
> +    S390_FEAT_EEDDSA_SIGN_ED448, \
> +    S390_FEAT_PCC_SCALAR_MULT_P256, \
> +    S390_FEAT_PCC_SCALAR_MULT_P384, \
> +    S390_FEAT_PCC_SCALAR_MULT_P512, \
> +    S390_FEAT_PCC_SCALAR_MULT_ED25519, \
> +    S390_FEAT_PCC_SCALAR_MULT_ED448, \
> +    S390_FEAT_PCC_SCALAR_MULT_X25519, \
> +    S390_FEAT_PCC_SCALAR_MULT_X448
> +
> +#define S390_FEAT_GROUP_MSA_EXT_9_PCKMO \
> +    S390_FEAT_PCKMO_ECC_P256, \
> +    S390_FEAT_PCKMO_ECC_P384, \
> +    S390_FEAT_PCKMO_ECC_P521, \
> +    S390_FEAT_PCKMO_ECC_ED25519, \
> +    S390_FEAT_PCKMO_ECC_ED448
> +

Just wondering, why keep the PCKMO ones separate, but not e.g. PCC ?

Many subfunctions, luckily we have feature groups.

Reviewed-by: David Hildenbrand <david@redhat.com>
Christian Borntraeger April 30, 2019, 5:41 a.m. UTC | #2
On 29.04.19 21:24, David Hildenbrand wrote:
> On 29.04.19 11:02, Christian Borntraeger wrote:
>> Provide the MSA9 facility (stfle.155).
>> This also contains pckmo functions for key wrapping. Keep them in a
>> separate group to disable those as a block if necessary.
>>
>> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
>> ---
>>  target/s390x/cpu_features.c     | 32 +++++++++++++++++++++++++
>>  target/s390x/cpu_features.h     |  1 +
>>  target/s390x/cpu_features_def.h | 31 ++++++++++++++++++++++++
>>  target/s390x/cpu_models.c       |  2 ++
>>  target/s390x/gen-features.c     | 42 +++++++++++++++++++++++++++++++++
>>  target/s390x/kvm.c              |  6 +++++
>>  6 files changed, 114 insertions(+)
>>
>> diff --git a/target/s390x/cpu_features.c b/target/s390x/cpu_features.c
>> index bbd8902087..154e2bb354 100644
>> --- a/target/s390x/cpu_features.c
>> +++ b/target/s390x/cpu_features.c
>> @@ -108,6 +108,7 @@ static const S390FeatDef s390_features[] = {
>>      FEAT_INIT("irbm", S390_FEAT_TYPE_STFL, 145, "Insert-reference-bits-multiple facility"),
>>      FEAT_INIT("msa8-base", S390_FEAT_TYPE_STFL, 146, "Message-security-assist-extension-8 facility (excluding subfunctions)"),
>>      FEAT_INIT("cmmnt", S390_FEAT_TYPE_STFL, 147, "CMM: ESSA-enhancement (no translate) facility"),
>> +    FEAT_INIT("msa9-base", S390_FEAT_TYPE_STFL, 155, "Message-security-assist-extension-9 facility (excluding subfunctions)"),
>>      FEAT_INIT("etoken", S390_FEAT_TYPE_STFL, 156, "Etoken facility"),
>>  
>>      /* SCLP SCCB Byte 80 - 98  (bit numbers relative to byte-80) */
>> @@ -242,6 +243,11 @@ static const S390FeatDef s390_features[] = {
>>      FEAT_INIT("pckmo-aes-128", S390_FEAT_TYPE_PCKMO, 18, "PCKMO Encrypted-AES-128-Key"),
>>      FEAT_INIT("pckmo-aes-192", S390_FEAT_TYPE_PCKMO, 19, "PCKMO Encrypted-AES-192-Key"),
>>      FEAT_INIT("pckmo-aes-256", S390_FEAT_TYPE_PCKMO, 20, "PCKMO Encrypted-AES-256-Key"),
>> +    FEAT_INIT("pckmo-ecc-p256", S390_FEAT_TYPE_PCKMO, 32, "PCKMO Encrypt-ECC-P256-Key"),
>> +    FEAT_INIT("pckmo-ecc-p384", S390_FEAT_TYPE_PCKMO, 33, "PCKMO Encrypt-ECC-P384-Key"),
>> +    FEAT_INIT("pckmo-ecc-p521", S390_FEAT_TYPE_PCKMO, 34, "PCKMO Encrypt-ECC-P521-Key"),
>> +    FEAT_INIT("pckmo-ecc-ed25519", S390_FEAT_TYPE_PCKMO, 40 , "PCKMO Encrypt-ECC-Ed25519-Key"),
>> +    FEAT_INIT("pckmo-ecc-ed448", S390_FEAT_TYPE_PCKMO, 41 , "PCKMO Encrypt-ECC-Ed448-Key"),
>>  
>>      FEAT_INIT("kmctr-dea", S390_FEAT_TYPE_KMCTR, 1, "KMCTR DEA"),
>>      FEAT_INIT("kmctr-tdea-128", S390_FEAT_TYPE_KMCTR, 2, "KMCTR TDEA-128"),
>> @@ -298,6 +304,13 @@ static const S390FeatDef s390_features[] = {
>>      FEAT_INIT("pcc-xts-aes-256", S390_FEAT_TYPE_PCC, 52, "PCC Compute-XTS-Parameter-Using-AES-256"),
>>      FEAT_INIT("pcc-xts-eaes-128", S390_FEAT_TYPE_PCC, 58, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-128"),
>>      FEAT_INIT("pcc-xts-eaes-256", S390_FEAT_TYPE_PCC, 60, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-256"),
>> +    FEAT_INIT("pcc-scalar-mult-p256", S390_FEAT_TYPE_PCC, 64, "PCC Scalar-Multiply-P256"),
>> +    FEAT_INIT("pcc-scalar-mult-p384", S390_FEAT_TYPE_PCC, 65, "PCC Scalar-Multiply-P384"),
>> +    FEAT_INIT("pcc-scalar-mult-p521", S390_FEAT_TYPE_PCC, 66, "PCC Scalar-Multiply-P521"),
>> +    FEAT_INIT("pcc-scalar-mult-ed25519", S390_FEAT_TYPE_PCC, 72, "PCC Scalar-Multiply-Ed25519"),
>> +    FEAT_INIT("pcc-scalar-mult-ed448", S390_FEAT_TYPE_PCC, 73, "PCC Scalar-Multiply-Ed448"),
>> +    FEAT_INIT("pcc-scalar-mult-x25519", S390_FEAT_TYPE_PCC, 80, "PCC Scalar-Multiply-X25519"),
>> +    FEAT_INIT("pcc-scalar-mult-x448", S390_FEAT_TYPE_PCC, 81, "PCC Scalar-Multiply-X448"),
>>  
>>      FEAT_INIT("ppno-sha-512-drng", S390_FEAT_TYPE_PPNO, 3, "PPNO SHA-512-DRNG"),
>>      FEAT_INIT("prno-trng-qrtcr", S390_FEAT_TYPE_PPNO, 112, "PRNO TRNG-Query-Raw-to-Conditioned-Ratio"),
>> @@ -309,6 +322,22 @@ static const S390FeatDef s390_features[] = {
>>      FEAT_INIT("kma-gcm-eaes-128", S390_FEAT_TYPE_KMA, 26, "KMA GCM-Encrypted-AES-128"),
>>      FEAT_INIT("kma-gcm-eaes-192", S390_FEAT_TYPE_KMA, 27, "KMA GCM-Encrypted-AES-192"),
>>      FEAT_INIT("kma-gcm-eaes-256", S390_FEAT_TYPE_KMA, 28, "KMA GCM-Encrypted-AES-256"),
>> +
>> +    FEAT_INIT("kdsa-ecdsa-verify-p256", S390_FEAT_TYPE_KDSA, 1, "KDSA ECDSA-Verify-P256"),
>> +    FEAT_INIT("kdsa-ecdsa-verify-p384", S390_FEAT_TYPE_KDSA, 2, "KDSA ECDSA-Verify-P384"),
>> +    FEAT_INIT("kdsa-ecdsa-verify-p521", S390_FEAT_TYPE_KDSA, 3, "KDSA ECDSA-Verify-P521"),
>> +    FEAT_INIT("kdsa-ecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 9, "KDSA ECDSA-Sign-P256"),
>> +    FEAT_INIT("kdsa-ecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 10, "KDSA ECDSA-Sign-P384"),
>> +    FEAT_INIT("kdsa-ecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 11, "KDSA ECDSA-Sign-P521"),
>> +    FEAT_INIT("kdsa-eecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 17, "KDSA Encrypted-ECDSA-Sign-P256"),
>> +    FEAT_INIT("kdsa-eecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 18, "KDSA Encrypted-ECDSA-Sign-P384"),
>> +    FEAT_INIT("kdsa-eecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 19, "KDSA Encrypted-ECDSA-Sign-P521"),
>> +    FEAT_INIT("kdsa-eddsa-verify-ed25519", S390_FEAT_TYPE_KDSA, 32, "KDSA EdDSA-Verify-Ed25519"),
>> +    FEAT_INIT("kdsa-eddsa-verify-ed448", S390_FEAT_TYPE_KDSA, 36, "KDSA EdDSA-Verify-Ed448"),
>> +    FEAT_INIT("kdsa-eddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 40, "KDSA EdDSA-Sign-Ed25519"),
>> +    FEAT_INIT("kdsa-eddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 44, "KDSA EdDSA-Sign-Ed448"),
>> +    FEAT_INIT("kdsa-eeddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 48, "KDSA Encrypted-EdDSA-Sign-Ed25519"),
>> +    FEAT_INIT("kdsa-eeddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 52, "KDSA Encrypted-EdDSA-Sign-Ed448"),
>>  };
>>  
>>  const S390FeatDef *s390_feat_def(S390Feat feat)
>> @@ -371,6 +400,7 @@ void s390_fill_feat_block(const S390FeatBitmap features, S390FeatType type,
>>      case S390_FEAT_TYPE_PCC:
>>      case S390_FEAT_TYPE_PPNO:
>>      case S390_FEAT_TYPE_KMA:
>> +    case S390_FEAT_TYPE_KDSA:
>>          set_be_bit(0, data); /* query is always available */
>>          break;
>>      default:
>> @@ -466,6 +496,8 @@ static S390FeatGroupDef s390_feature_groups[] = {
>>      FEAT_GROUP_INIT("msa6", MSA_EXT_6, "Message-security-assist-extension 6 facility"),
>>      FEAT_GROUP_INIT("msa7", MSA_EXT_7, "Message-security-assist-extension 7 facility"),
>>      FEAT_GROUP_INIT("msa8", MSA_EXT_8, "Message-security-assist-extension 8 facility"),
>> +    FEAT_GROUP_INIT("msa9", MSA_EXT_9, "Message-security-assist-extension 9 facility"),
>> +    FEAT_GROUP_INIT("msa9_pckmo", MSA_EXT_9_PCKMO, "Message-security-assist-extension 9 PCKMO subfunctions"),
>>      FEAT_GROUP_INIT("mepochptff", MULTIPLE_EPOCH_PTFF, "PTFF enhancements introduced with Multiple-epoch facility"),
>>  };
>>  
>> diff --git a/target/s390x/cpu_features.h b/target/s390x/cpu_features.h
>> index effe790271..5ffd3db083 100644
>> --- a/target/s390x/cpu_features.h
>> +++ b/target/s390x/cpu_features.h
>> @@ -39,6 +39,7 @@ typedef enum {
>>      S390_FEAT_TYPE_PCC,
>>      S390_FEAT_TYPE_PPNO,
>>      S390_FEAT_TYPE_KMA,
>> +    S390_FEAT_TYPE_KDSA,
>>  } S390FeatType;
>>  
>>  /* Definition of a CPU feature */
>> diff --git a/target/s390x/cpu_features_def.h b/target/s390x/cpu_features_def.h
>> index 31dd678301..030784811b 100644
>> --- a/target/s390x/cpu_features_def.h
>> +++ b/target/s390x/cpu_features_def.h
>> @@ -96,6 +96,7 @@ typedef enum {
>>      S390_FEAT_INSERT_REFERENCE_BITS_MULT,
>>      S390_FEAT_MSA_EXT_8,
>>      S390_FEAT_CMM_NT,
>> +    S390_FEAT_MSA_EXT_9,
>>      S390_FEAT_ETOKEN,
>>  
>>      /* Sclp Conf Char */
>> @@ -240,6 +241,11 @@ typedef enum {
>>      S390_FEAT_PCKMO_AES_128,
>>      S390_FEAT_PCKMO_AES_192,
>>      S390_FEAT_PCKMO_AES_256,
>> +    S390_FEAT_PCKMO_ECC_P256,
>> +    S390_FEAT_PCKMO_ECC_P384,
>> +    S390_FEAT_PCKMO_ECC_P521,
>> +    S390_FEAT_PCKMO_ECC_ED25519,
>> +    S390_FEAT_PCKMO_ECC_ED448,
>>  
>>      /* KMCTR */
>>      S390_FEAT_KMCTR_DEA,
>> @@ -300,6 +306,13 @@ typedef enum {
>>      S390_FEAT_PCC_XTS_AES_256,
>>      S390_FEAT_PCC_XTS_EAES_128,
>>      S390_FEAT_PCC_XTS_EAES_256,
>> +    S390_FEAT_PCC_SCALAR_MULT_P256,
>> +    S390_FEAT_PCC_SCALAR_MULT_P384,
>> +    S390_FEAT_PCC_SCALAR_MULT_P512,
>> +    S390_FEAT_PCC_SCALAR_MULT_ED25519,
>> +    S390_FEAT_PCC_SCALAR_MULT_ED448,
>> +    S390_FEAT_PCC_SCALAR_MULT_X25519,
>> +    S390_FEAT_PCC_SCALAR_MULT_X448,
>>  
>>      /* PPNO/PRNO */
>>      S390_FEAT_PPNO_SHA_512_DRNG,
>> @@ -313,6 +326,24 @@ typedef enum {
>>      S390_FEAT_KMA_GCM_EAES_128,
>>      S390_FEAT_KMA_GCM_EAES_192,
>>      S390_FEAT_KMA_GCM_EAES_256,
>> +
>> +    /* KDSA */
>> +    S390_FEAT_ECDSA_VERIFY_P256,
>> +    S390_FEAT_ECDSA_VERIFY_P384,
>> +    S390_FEAT_ECDSA_VERIFY_P512,
>> +    S390_FEAT_ECDSA_SIGN_P256,
>> +    S390_FEAT_ECDSA_SIGN_P384,
>> +    S390_FEAT_ECDSA_SIGN_P512,
>> +    S390_FEAT_EECDSA_SIGN_P256,
>> +    S390_FEAT_EECDSA_SIGN_P384,
>> +    S390_FEAT_EECDSA_SIGN_P512,
>> +    S390_FEAT_EDDSA_VERIFY_ED25519,
>> +    S390_FEAT_EDDSA_VERIFY_ED448,
>> +    S390_FEAT_EDDSA_SIGN_ED25519,
>> +    S390_FEAT_EDDSA_SIGN_ED448,
>> +    S390_FEAT_EEDDSA_SIGN_ED25519,
>> +    S390_FEAT_EEDDSA_SIGN_ED448,
>> +
>>      S390_FEAT_MAX,
>>  } S390Feat;
>>  
>> diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
>> index b4bb5de635..d683635eb5 100644
>> --- a/target/s390x/cpu_models.c
>> +++ b/target/s390x/cpu_models.c
>> @@ -782,6 +782,8 @@ static void check_consistency(const S390CPUModel *model)
>>          { S390_FEAT_SIE_CMMA, S390_FEAT_SIE_GSLS },
>>          { S390_FEAT_SIE_PFMFI, S390_FEAT_EDAT },
>>          { S390_FEAT_MSA_EXT_8, S390_FEAT_MSA_EXT_3 },
>> +        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_3 },
>> +        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_4 },
>>          { S390_FEAT_MULTIPLE_EPOCH, S390_FEAT_TOD_CLOCK_STEERING },
>>          { S390_FEAT_VECTOR_PACKED_DECIMAL, S390_FEAT_VECTOR },
>>          { S390_FEAT_VECTOR_ENH, S390_FEAT_VECTOR },
>> diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
>> index e4739a6b9f..a2f9e2b43f 100644
>> --- a/target/s390x/gen-features.c
>> +++ b/target/s390x/gen-features.c
>> @@ -213,6 +213,38 @@
>>      S390_FEAT_KMA_GCM_EAES_192, \
>>      S390_FEAT_KMA_GCM_EAES_256
>>  
>> +#define S390_FEAT_GROUP_MSA_EXT_9 \
>> +    S390_FEAT_MSA_EXT_9, \
>> +    S390_FEAT_ECDSA_VERIFY_P256, \
>> +    S390_FEAT_ECDSA_VERIFY_P384, \
>> +    S390_FEAT_ECDSA_VERIFY_P512, \
>> +    S390_FEAT_ECDSA_SIGN_P256, \
>> +    S390_FEAT_ECDSA_SIGN_P384, \
>> +    S390_FEAT_ECDSA_SIGN_P512, \
>> +    S390_FEAT_EECDSA_SIGN_P256, \
>> +    S390_FEAT_EECDSA_SIGN_P384, \
>> +    S390_FEAT_EECDSA_SIGN_P512, \
>> +    S390_FEAT_EDDSA_VERIFY_ED25519, \
>> +    S390_FEAT_EDDSA_VERIFY_ED448, \
>> +    S390_FEAT_EDDSA_SIGN_ED25519, \
>> +    S390_FEAT_EDDSA_SIGN_ED448, \
>> +    S390_FEAT_EEDDSA_SIGN_ED25519, \
>> +    S390_FEAT_EEDDSA_SIGN_ED448, \
>> +    S390_FEAT_PCC_SCALAR_MULT_P256, \
>> +    S390_FEAT_PCC_SCALAR_MULT_P384, \
>> +    S390_FEAT_PCC_SCALAR_MULT_P512, \
>> +    S390_FEAT_PCC_SCALAR_MULT_ED25519, \
>> +    S390_FEAT_PCC_SCALAR_MULT_ED448, \
>> +    S390_FEAT_PCC_SCALAR_MULT_X25519, \
>> +    S390_FEAT_PCC_SCALAR_MULT_X448
>> +
>> +#define S390_FEAT_GROUP_MSA_EXT_9_PCKMO \
>> +    S390_FEAT_PCKMO_ECC_P256, \
>> +    S390_FEAT_PCKMO_ECC_P384, \
>> +    S390_FEAT_PCKMO_ECC_P521, \
>> +    S390_FEAT_PCKMO_ECC_ED25519, \
>> +    S390_FEAT_PCKMO_ECC_ED448
>> +
> 
> Just wondering, why keep the PCKMO ones separate, but not e.g. PCC ?

Because those can be disabled at the HMC. It is painful to disable 5 elements
for LPARs that are configured that way. So I created a group for those. That
will allow to disable the full group.
(we have the same issue with the  exisiting AES and DEA pckmo functions).
 
> Many subfunctions, luckily we have feature groups.
> 
> Reviewed-by: David Hildenbrand <david@redhat.com>
>
David Hildenbrand April 30, 2019, 7 a.m. UTC | #3
On 30.04.19 07:41, Christian Borntraeger wrote:
> 
> 
> On 29.04.19 21:24, David Hildenbrand wrote:
>> On 29.04.19 11:02, Christian Borntraeger wrote:
>>> Provide the MSA9 facility (stfle.155).
>>> This also contains pckmo functions for key wrapping. Keep them in a
>>> separate group to disable those as a block if necessary.
>>>
>>> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
>>> ---
>>>  target/s390x/cpu_features.c     | 32 +++++++++++++++++++++++++
>>>  target/s390x/cpu_features.h     |  1 +
>>>  target/s390x/cpu_features_def.h | 31 ++++++++++++++++++++++++
>>>  target/s390x/cpu_models.c       |  2 ++
>>>  target/s390x/gen-features.c     | 42 +++++++++++++++++++++++++++++++++
>>>  target/s390x/kvm.c              |  6 +++++
>>>  6 files changed, 114 insertions(+)
>>>
>>> diff --git a/target/s390x/cpu_features.c b/target/s390x/cpu_features.c
>>> index bbd8902087..154e2bb354 100644
>>> --- a/target/s390x/cpu_features.c
>>> +++ b/target/s390x/cpu_features.c
>>> @@ -108,6 +108,7 @@ static const S390FeatDef s390_features[] = {
>>>      FEAT_INIT("irbm", S390_FEAT_TYPE_STFL, 145, "Insert-reference-bits-multiple facility"),
>>>      FEAT_INIT("msa8-base", S390_FEAT_TYPE_STFL, 146, "Message-security-assist-extension-8 facility (excluding subfunctions)"),
>>>      FEAT_INIT("cmmnt", S390_FEAT_TYPE_STFL, 147, "CMM: ESSA-enhancement (no translate) facility"),
>>> +    FEAT_INIT("msa9-base", S390_FEAT_TYPE_STFL, 155, "Message-security-assist-extension-9 facility (excluding subfunctions)"),
>>>      FEAT_INIT("etoken", S390_FEAT_TYPE_STFL, 156, "Etoken facility"),
>>>  
>>>      /* SCLP SCCB Byte 80 - 98  (bit numbers relative to byte-80) */
>>> @@ -242,6 +243,11 @@ static const S390FeatDef s390_features[] = {
>>>      FEAT_INIT("pckmo-aes-128", S390_FEAT_TYPE_PCKMO, 18, "PCKMO Encrypted-AES-128-Key"),
>>>      FEAT_INIT("pckmo-aes-192", S390_FEAT_TYPE_PCKMO, 19, "PCKMO Encrypted-AES-192-Key"),
>>>      FEAT_INIT("pckmo-aes-256", S390_FEAT_TYPE_PCKMO, 20, "PCKMO Encrypted-AES-256-Key"),
>>> +    FEAT_INIT("pckmo-ecc-p256", S390_FEAT_TYPE_PCKMO, 32, "PCKMO Encrypt-ECC-P256-Key"),
>>> +    FEAT_INIT("pckmo-ecc-p384", S390_FEAT_TYPE_PCKMO, 33, "PCKMO Encrypt-ECC-P384-Key"),
>>> +    FEAT_INIT("pckmo-ecc-p521", S390_FEAT_TYPE_PCKMO, 34, "PCKMO Encrypt-ECC-P521-Key"),
>>> +    FEAT_INIT("pckmo-ecc-ed25519", S390_FEAT_TYPE_PCKMO, 40 , "PCKMO Encrypt-ECC-Ed25519-Key"),
>>> +    FEAT_INIT("pckmo-ecc-ed448", S390_FEAT_TYPE_PCKMO, 41 , "PCKMO Encrypt-ECC-Ed448-Key"),
>>>  
>>>      FEAT_INIT("kmctr-dea", S390_FEAT_TYPE_KMCTR, 1, "KMCTR DEA"),
>>>      FEAT_INIT("kmctr-tdea-128", S390_FEAT_TYPE_KMCTR, 2, "KMCTR TDEA-128"),
>>> @@ -298,6 +304,13 @@ static const S390FeatDef s390_features[] = {
>>>      FEAT_INIT("pcc-xts-aes-256", S390_FEAT_TYPE_PCC, 52, "PCC Compute-XTS-Parameter-Using-AES-256"),
>>>      FEAT_INIT("pcc-xts-eaes-128", S390_FEAT_TYPE_PCC, 58, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-128"),
>>>      FEAT_INIT("pcc-xts-eaes-256", S390_FEAT_TYPE_PCC, 60, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-256"),
>>> +    FEAT_INIT("pcc-scalar-mult-p256", S390_FEAT_TYPE_PCC, 64, "PCC Scalar-Multiply-P256"),
>>> +    FEAT_INIT("pcc-scalar-mult-p384", S390_FEAT_TYPE_PCC, 65, "PCC Scalar-Multiply-P384"),
>>> +    FEAT_INIT("pcc-scalar-mult-p521", S390_FEAT_TYPE_PCC, 66, "PCC Scalar-Multiply-P521"),
>>> +    FEAT_INIT("pcc-scalar-mult-ed25519", S390_FEAT_TYPE_PCC, 72, "PCC Scalar-Multiply-Ed25519"),
>>> +    FEAT_INIT("pcc-scalar-mult-ed448", S390_FEAT_TYPE_PCC, 73, "PCC Scalar-Multiply-Ed448"),
>>> +    FEAT_INIT("pcc-scalar-mult-x25519", S390_FEAT_TYPE_PCC, 80, "PCC Scalar-Multiply-X25519"),
>>> +    FEAT_INIT("pcc-scalar-mult-x448", S390_FEAT_TYPE_PCC, 81, "PCC Scalar-Multiply-X448"),
>>>  
>>>      FEAT_INIT("ppno-sha-512-drng", S390_FEAT_TYPE_PPNO, 3, "PPNO SHA-512-DRNG"),
>>>      FEAT_INIT("prno-trng-qrtcr", S390_FEAT_TYPE_PPNO, 112, "PRNO TRNG-Query-Raw-to-Conditioned-Ratio"),
>>> @@ -309,6 +322,22 @@ static const S390FeatDef s390_features[] = {
>>>      FEAT_INIT("kma-gcm-eaes-128", S390_FEAT_TYPE_KMA, 26, "KMA GCM-Encrypted-AES-128"),
>>>      FEAT_INIT("kma-gcm-eaes-192", S390_FEAT_TYPE_KMA, 27, "KMA GCM-Encrypted-AES-192"),
>>>      FEAT_INIT("kma-gcm-eaes-256", S390_FEAT_TYPE_KMA, 28, "KMA GCM-Encrypted-AES-256"),
>>> +
>>> +    FEAT_INIT("kdsa-ecdsa-verify-p256", S390_FEAT_TYPE_KDSA, 1, "KDSA ECDSA-Verify-P256"),
>>> +    FEAT_INIT("kdsa-ecdsa-verify-p384", S390_FEAT_TYPE_KDSA, 2, "KDSA ECDSA-Verify-P384"),
>>> +    FEAT_INIT("kdsa-ecdsa-verify-p521", S390_FEAT_TYPE_KDSA, 3, "KDSA ECDSA-Verify-P521"),
>>> +    FEAT_INIT("kdsa-ecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 9, "KDSA ECDSA-Sign-P256"),
>>> +    FEAT_INIT("kdsa-ecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 10, "KDSA ECDSA-Sign-P384"),
>>> +    FEAT_INIT("kdsa-ecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 11, "KDSA ECDSA-Sign-P521"),
>>> +    FEAT_INIT("kdsa-eecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 17, "KDSA Encrypted-ECDSA-Sign-P256"),
>>> +    FEAT_INIT("kdsa-eecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 18, "KDSA Encrypted-ECDSA-Sign-P384"),
>>> +    FEAT_INIT("kdsa-eecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 19, "KDSA Encrypted-ECDSA-Sign-P521"),
>>> +    FEAT_INIT("kdsa-eddsa-verify-ed25519", S390_FEAT_TYPE_KDSA, 32, "KDSA EdDSA-Verify-Ed25519"),
>>> +    FEAT_INIT("kdsa-eddsa-verify-ed448", S390_FEAT_TYPE_KDSA, 36, "KDSA EdDSA-Verify-Ed448"),
>>> +    FEAT_INIT("kdsa-eddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 40, "KDSA EdDSA-Sign-Ed25519"),
>>> +    FEAT_INIT("kdsa-eddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 44, "KDSA EdDSA-Sign-Ed448"),
>>> +    FEAT_INIT("kdsa-eeddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 48, "KDSA Encrypted-EdDSA-Sign-Ed25519"),
>>> +    FEAT_INIT("kdsa-eeddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 52, "KDSA Encrypted-EdDSA-Sign-Ed448"),
>>>  };
>>>  
>>>  const S390FeatDef *s390_feat_def(S390Feat feat)
>>> @@ -371,6 +400,7 @@ void s390_fill_feat_block(const S390FeatBitmap features, S390FeatType type,
>>>      case S390_FEAT_TYPE_PCC:
>>>      case S390_FEAT_TYPE_PPNO:
>>>      case S390_FEAT_TYPE_KMA:
>>> +    case S390_FEAT_TYPE_KDSA:
>>>          set_be_bit(0, data); /* query is always available */
>>>          break;
>>>      default:
>>> @@ -466,6 +496,8 @@ static S390FeatGroupDef s390_feature_groups[] = {
>>>      FEAT_GROUP_INIT("msa6", MSA_EXT_6, "Message-security-assist-extension 6 facility"),
>>>      FEAT_GROUP_INIT("msa7", MSA_EXT_7, "Message-security-assist-extension 7 facility"),
>>>      FEAT_GROUP_INIT("msa8", MSA_EXT_8, "Message-security-assist-extension 8 facility"),
>>> +    FEAT_GROUP_INIT("msa9", MSA_EXT_9, "Message-security-assist-extension 9 facility"),
>>> +    FEAT_GROUP_INIT("msa9_pckmo", MSA_EXT_9_PCKMO, "Message-security-assist-extension 9 PCKMO subfunctions"),
>>>      FEAT_GROUP_INIT("mepochptff", MULTIPLE_EPOCH_PTFF, "PTFF enhancements introduced with Multiple-epoch facility"),
>>>  };
>>>  
>>> diff --git a/target/s390x/cpu_features.h b/target/s390x/cpu_features.h
>>> index effe790271..5ffd3db083 100644
>>> --- a/target/s390x/cpu_features.h
>>> +++ b/target/s390x/cpu_features.h
>>> @@ -39,6 +39,7 @@ typedef enum {
>>>      S390_FEAT_TYPE_PCC,
>>>      S390_FEAT_TYPE_PPNO,
>>>      S390_FEAT_TYPE_KMA,
>>> +    S390_FEAT_TYPE_KDSA,
>>>  } S390FeatType;
>>>  
>>>  /* Definition of a CPU feature */
>>> diff --git a/target/s390x/cpu_features_def.h b/target/s390x/cpu_features_def.h
>>> index 31dd678301..030784811b 100644
>>> --- a/target/s390x/cpu_features_def.h
>>> +++ b/target/s390x/cpu_features_def.h
>>> @@ -96,6 +96,7 @@ typedef enum {
>>>      S390_FEAT_INSERT_REFERENCE_BITS_MULT,
>>>      S390_FEAT_MSA_EXT_8,
>>>      S390_FEAT_CMM_NT,
>>> +    S390_FEAT_MSA_EXT_9,
>>>      S390_FEAT_ETOKEN,
>>>  
>>>      /* Sclp Conf Char */
>>> @@ -240,6 +241,11 @@ typedef enum {
>>>      S390_FEAT_PCKMO_AES_128,
>>>      S390_FEAT_PCKMO_AES_192,
>>>      S390_FEAT_PCKMO_AES_256,
>>> +    S390_FEAT_PCKMO_ECC_P256,
>>> +    S390_FEAT_PCKMO_ECC_P384,
>>> +    S390_FEAT_PCKMO_ECC_P521,
>>> +    S390_FEAT_PCKMO_ECC_ED25519,
>>> +    S390_FEAT_PCKMO_ECC_ED448,
>>>  
>>>      /* KMCTR */
>>>      S390_FEAT_KMCTR_DEA,
>>> @@ -300,6 +306,13 @@ typedef enum {
>>>      S390_FEAT_PCC_XTS_AES_256,
>>>      S390_FEAT_PCC_XTS_EAES_128,
>>>      S390_FEAT_PCC_XTS_EAES_256,
>>> +    S390_FEAT_PCC_SCALAR_MULT_P256,
>>> +    S390_FEAT_PCC_SCALAR_MULT_P384,
>>> +    S390_FEAT_PCC_SCALAR_MULT_P512,
>>> +    S390_FEAT_PCC_SCALAR_MULT_ED25519,
>>> +    S390_FEAT_PCC_SCALAR_MULT_ED448,
>>> +    S390_FEAT_PCC_SCALAR_MULT_X25519,
>>> +    S390_FEAT_PCC_SCALAR_MULT_X448,
>>>  
>>>      /* PPNO/PRNO */
>>>      S390_FEAT_PPNO_SHA_512_DRNG,
>>> @@ -313,6 +326,24 @@ typedef enum {
>>>      S390_FEAT_KMA_GCM_EAES_128,
>>>      S390_FEAT_KMA_GCM_EAES_192,
>>>      S390_FEAT_KMA_GCM_EAES_256,
>>> +
>>> +    /* KDSA */
>>> +    S390_FEAT_ECDSA_VERIFY_P256,
>>> +    S390_FEAT_ECDSA_VERIFY_P384,
>>> +    S390_FEAT_ECDSA_VERIFY_P512,
>>> +    S390_FEAT_ECDSA_SIGN_P256,
>>> +    S390_FEAT_ECDSA_SIGN_P384,
>>> +    S390_FEAT_ECDSA_SIGN_P512,
>>> +    S390_FEAT_EECDSA_SIGN_P256,
>>> +    S390_FEAT_EECDSA_SIGN_P384,
>>> +    S390_FEAT_EECDSA_SIGN_P512,
>>> +    S390_FEAT_EDDSA_VERIFY_ED25519,
>>> +    S390_FEAT_EDDSA_VERIFY_ED448,
>>> +    S390_FEAT_EDDSA_SIGN_ED25519,
>>> +    S390_FEAT_EDDSA_SIGN_ED448,
>>> +    S390_FEAT_EEDDSA_SIGN_ED25519,
>>> +    S390_FEAT_EEDDSA_SIGN_ED448,
>>> +
>>>      S390_FEAT_MAX,
>>>  } S390Feat;
>>>  
>>> diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
>>> index b4bb5de635..d683635eb5 100644
>>> --- a/target/s390x/cpu_models.c
>>> +++ b/target/s390x/cpu_models.c
>>> @@ -782,6 +782,8 @@ static void check_consistency(const S390CPUModel *model)
>>>          { S390_FEAT_SIE_CMMA, S390_FEAT_SIE_GSLS },
>>>          { S390_FEAT_SIE_PFMFI, S390_FEAT_EDAT },
>>>          { S390_FEAT_MSA_EXT_8, S390_FEAT_MSA_EXT_3 },
>>> +        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_3 },
>>> +        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_4 },
>>>          { S390_FEAT_MULTIPLE_EPOCH, S390_FEAT_TOD_CLOCK_STEERING },
>>>          { S390_FEAT_VECTOR_PACKED_DECIMAL, S390_FEAT_VECTOR },
>>>          { S390_FEAT_VECTOR_ENH, S390_FEAT_VECTOR },
>>> diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
>>> index e4739a6b9f..a2f9e2b43f 100644
>>> --- a/target/s390x/gen-features.c
>>> +++ b/target/s390x/gen-features.c
>>> @@ -213,6 +213,38 @@
>>>      S390_FEAT_KMA_GCM_EAES_192, \
>>>      S390_FEAT_KMA_GCM_EAES_256
>>>  
>>> +#define S390_FEAT_GROUP_MSA_EXT_9 \
>>> +    S390_FEAT_MSA_EXT_9, \
>>> +    S390_FEAT_ECDSA_VERIFY_P256, \
>>> +    S390_FEAT_ECDSA_VERIFY_P384, \
>>> +    S390_FEAT_ECDSA_VERIFY_P512, \
>>> +    S390_FEAT_ECDSA_SIGN_P256, \
>>> +    S390_FEAT_ECDSA_SIGN_P384, \
>>> +    S390_FEAT_ECDSA_SIGN_P512, \
>>> +    S390_FEAT_EECDSA_SIGN_P256, \
>>> +    S390_FEAT_EECDSA_SIGN_P384, \
>>> +    S390_FEAT_EECDSA_SIGN_P512, \
>>> +    S390_FEAT_EDDSA_VERIFY_ED25519, \
>>> +    S390_FEAT_EDDSA_VERIFY_ED448, \
>>> +    S390_FEAT_EDDSA_SIGN_ED25519, \
>>> +    S390_FEAT_EDDSA_SIGN_ED448, \
>>> +    S390_FEAT_EEDDSA_SIGN_ED25519, \
>>> +    S390_FEAT_EEDDSA_SIGN_ED448, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_P256, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_P384, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_P512, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_ED25519, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_ED448, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_X25519, \
>>> +    S390_FEAT_PCC_SCALAR_MULT_X448
>>> +
>>> +#define S390_FEAT_GROUP_MSA_EXT_9_PCKMO \
>>> +    S390_FEAT_PCKMO_ECC_P256, \
>>> +    S390_FEAT_PCKMO_ECC_P384, \
>>> +    S390_FEAT_PCKMO_ECC_P521, \
>>> +    S390_FEAT_PCKMO_ECC_ED25519, \
>>> +    S390_FEAT_PCKMO_ECC_ED448
>>> +
>>
>> Just wondering, why keep the PCKMO ones separate, but not e.g. PCC ?
> 
> Because those can be disabled at the HMC. It is painful to disable 5 elements
> for LPARs that are configured that way. So I created a group for those. That
> will allow to disable the full group.
> (we have the same issue with the  exisiting AES and DEA pckmo functions).

Rings a bell, maybe that information would be good to have in the cover
letter. I guess Conny might want to change the description when picking up:

"Provide the MSA9 facility (stfle.155). This also contains pckmo
subfunctions for key wrapping. Keep them in a separate group to disable
those as a block if necessary. This is for example needed when disabling
key wrapping via the HMC."

Thanks
Cornelia Huck April 30, 2019, 7:13 a.m. UTC | #4
On Tue, 30 Apr 2019 09:00:56 +0200
David Hildenbrand <david@redhat.com> wrote:

> On 30.04.19 07:41, Christian Borntraeger wrote:
> > 
> > 
> > On 29.04.19 21:24, David Hildenbrand wrote:  

> >> Just wondering, why keep the PCKMO ones separate, but not e.g. PCC ?  
> > 
> > Because those can be disabled at the HMC. It is painful to disable 5 elements
> > for LPARs that are configured that way. So I created a group for those. That
> > will allow to disable the full group.
> > (we have the same issue with the  exisiting AES and DEA pckmo functions).  
> 
> Rings a bell, maybe that information would be good to have in the cover
> letter. I guess Conny might want to change the description when picking up:
> 
> "Provide the MSA9 facility (stfle.155). This also contains pckmo
> subfunctions for key wrapping. Keep them in a separate group to disable
> those as a block if necessary. This is for example needed when disabling
> key wrapping via the HMC."

Sure, makes sense to fold that in.
diff mbox series

Patch

diff --git a/target/s390x/cpu_features.c b/target/s390x/cpu_features.c
index bbd8902087..154e2bb354 100644
--- a/target/s390x/cpu_features.c
+++ b/target/s390x/cpu_features.c
@@ -108,6 +108,7 @@  static const S390FeatDef s390_features[] = {
     FEAT_INIT("irbm", S390_FEAT_TYPE_STFL, 145, "Insert-reference-bits-multiple facility"),
     FEAT_INIT("msa8-base", S390_FEAT_TYPE_STFL, 146, "Message-security-assist-extension-8 facility (excluding subfunctions)"),
     FEAT_INIT("cmmnt", S390_FEAT_TYPE_STFL, 147, "CMM: ESSA-enhancement (no translate) facility"),
+    FEAT_INIT("msa9-base", S390_FEAT_TYPE_STFL, 155, "Message-security-assist-extension-9 facility (excluding subfunctions)"),
     FEAT_INIT("etoken", S390_FEAT_TYPE_STFL, 156, "Etoken facility"),
 
     /* SCLP SCCB Byte 80 - 98  (bit numbers relative to byte-80) */
@@ -242,6 +243,11 @@  static const S390FeatDef s390_features[] = {
     FEAT_INIT("pckmo-aes-128", S390_FEAT_TYPE_PCKMO, 18, "PCKMO Encrypted-AES-128-Key"),
     FEAT_INIT("pckmo-aes-192", S390_FEAT_TYPE_PCKMO, 19, "PCKMO Encrypted-AES-192-Key"),
     FEAT_INIT("pckmo-aes-256", S390_FEAT_TYPE_PCKMO, 20, "PCKMO Encrypted-AES-256-Key"),
+    FEAT_INIT("pckmo-ecc-p256", S390_FEAT_TYPE_PCKMO, 32, "PCKMO Encrypt-ECC-P256-Key"),
+    FEAT_INIT("pckmo-ecc-p384", S390_FEAT_TYPE_PCKMO, 33, "PCKMO Encrypt-ECC-P384-Key"),
+    FEAT_INIT("pckmo-ecc-p521", S390_FEAT_TYPE_PCKMO, 34, "PCKMO Encrypt-ECC-P521-Key"),
+    FEAT_INIT("pckmo-ecc-ed25519", S390_FEAT_TYPE_PCKMO, 40 , "PCKMO Encrypt-ECC-Ed25519-Key"),
+    FEAT_INIT("pckmo-ecc-ed448", S390_FEAT_TYPE_PCKMO, 41 , "PCKMO Encrypt-ECC-Ed448-Key"),
 
     FEAT_INIT("kmctr-dea", S390_FEAT_TYPE_KMCTR, 1, "KMCTR DEA"),
     FEAT_INIT("kmctr-tdea-128", S390_FEAT_TYPE_KMCTR, 2, "KMCTR TDEA-128"),
@@ -298,6 +304,13 @@  static const S390FeatDef s390_features[] = {
     FEAT_INIT("pcc-xts-aes-256", S390_FEAT_TYPE_PCC, 52, "PCC Compute-XTS-Parameter-Using-AES-256"),
     FEAT_INIT("pcc-xts-eaes-128", S390_FEAT_TYPE_PCC, 58, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-128"),
     FEAT_INIT("pcc-xts-eaes-256", S390_FEAT_TYPE_PCC, 60, "PCC Compute-XTS-Parameter-Using-Encrypted-AES-256"),
+    FEAT_INIT("pcc-scalar-mult-p256", S390_FEAT_TYPE_PCC, 64, "PCC Scalar-Multiply-P256"),
+    FEAT_INIT("pcc-scalar-mult-p384", S390_FEAT_TYPE_PCC, 65, "PCC Scalar-Multiply-P384"),
+    FEAT_INIT("pcc-scalar-mult-p521", S390_FEAT_TYPE_PCC, 66, "PCC Scalar-Multiply-P521"),
+    FEAT_INIT("pcc-scalar-mult-ed25519", S390_FEAT_TYPE_PCC, 72, "PCC Scalar-Multiply-Ed25519"),
+    FEAT_INIT("pcc-scalar-mult-ed448", S390_FEAT_TYPE_PCC, 73, "PCC Scalar-Multiply-Ed448"),
+    FEAT_INIT("pcc-scalar-mult-x25519", S390_FEAT_TYPE_PCC, 80, "PCC Scalar-Multiply-X25519"),
+    FEAT_INIT("pcc-scalar-mult-x448", S390_FEAT_TYPE_PCC, 81, "PCC Scalar-Multiply-X448"),
 
     FEAT_INIT("ppno-sha-512-drng", S390_FEAT_TYPE_PPNO, 3, "PPNO SHA-512-DRNG"),
     FEAT_INIT("prno-trng-qrtcr", S390_FEAT_TYPE_PPNO, 112, "PRNO TRNG-Query-Raw-to-Conditioned-Ratio"),
@@ -309,6 +322,22 @@  static const S390FeatDef s390_features[] = {
     FEAT_INIT("kma-gcm-eaes-128", S390_FEAT_TYPE_KMA, 26, "KMA GCM-Encrypted-AES-128"),
     FEAT_INIT("kma-gcm-eaes-192", S390_FEAT_TYPE_KMA, 27, "KMA GCM-Encrypted-AES-192"),
     FEAT_INIT("kma-gcm-eaes-256", S390_FEAT_TYPE_KMA, 28, "KMA GCM-Encrypted-AES-256"),
+
+    FEAT_INIT("kdsa-ecdsa-verify-p256", S390_FEAT_TYPE_KDSA, 1, "KDSA ECDSA-Verify-P256"),
+    FEAT_INIT("kdsa-ecdsa-verify-p384", S390_FEAT_TYPE_KDSA, 2, "KDSA ECDSA-Verify-P384"),
+    FEAT_INIT("kdsa-ecdsa-verify-p521", S390_FEAT_TYPE_KDSA, 3, "KDSA ECDSA-Verify-P521"),
+    FEAT_INIT("kdsa-ecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 9, "KDSA ECDSA-Sign-P256"),
+    FEAT_INIT("kdsa-ecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 10, "KDSA ECDSA-Sign-P384"),
+    FEAT_INIT("kdsa-ecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 11, "KDSA ECDSA-Sign-P521"),
+    FEAT_INIT("kdsa-eecdsa-sign-p256", S390_FEAT_TYPE_KDSA, 17, "KDSA Encrypted-ECDSA-Sign-P256"),
+    FEAT_INIT("kdsa-eecdsa-sign-p384", S390_FEAT_TYPE_KDSA, 18, "KDSA Encrypted-ECDSA-Sign-P384"),
+    FEAT_INIT("kdsa-eecdsa-sign-p521", S390_FEAT_TYPE_KDSA, 19, "KDSA Encrypted-ECDSA-Sign-P521"),
+    FEAT_INIT("kdsa-eddsa-verify-ed25519", S390_FEAT_TYPE_KDSA, 32, "KDSA EdDSA-Verify-Ed25519"),
+    FEAT_INIT("kdsa-eddsa-verify-ed448", S390_FEAT_TYPE_KDSA, 36, "KDSA EdDSA-Verify-Ed448"),
+    FEAT_INIT("kdsa-eddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 40, "KDSA EdDSA-Sign-Ed25519"),
+    FEAT_INIT("kdsa-eddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 44, "KDSA EdDSA-Sign-Ed448"),
+    FEAT_INIT("kdsa-eeddsa-sign-ed25519", S390_FEAT_TYPE_KDSA, 48, "KDSA Encrypted-EdDSA-Sign-Ed25519"),
+    FEAT_INIT("kdsa-eeddsa-sign-ed448", S390_FEAT_TYPE_KDSA, 52, "KDSA Encrypted-EdDSA-Sign-Ed448"),
 };
 
 const S390FeatDef *s390_feat_def(S390Feat feat)
@@ -371,6 +400,7 @@  void s390_fill_feat_block(const S390FeatBitmap features, S390FeatType type,
     case S390_FEAT_TYPE_PCC:
     case S390_FEAT_TYPE_PPNO:
     case S390_FEAT_TYPE_KMA:
+    case S390_FEAT_TYPE_KDSA:
         set_be_bit(0, data); /* query is always available */
         break;
     default:
@@ -466,6 +496,8 @@  static S390FeatGroupDef s390_feature_groups[] = {
     FEAT_GROUP_INIT("msa6", MSA_EXT_6, "Message-security-assist-extension 6 facility"),
     FEAT_GROUP_INIT("msa7", MSA_EXT_7, "Message-security-assist-extension 7 facility"),
     FEAT_GROUP_INIT("msa8", MSA_EXT_8, "Message-security-assist-extension 8 facility"),
+    FEAT_GROUP_INIT("msa9", MSA_EXT_9, "Message-security-assist-extension 9 facility"),
+    FEAT_GROUP_INIT("msa9_pckmo", MSA_EXT_9_PCKMO, "Message-security-assist-extension 9 PCKMO subfunctions"),
     FEAT_GROUP_INIT("mepochptff", MULTIPLE_EPOCH_PTFF, "PTFF enhancements introduced with Multiple-epoch facility"),
 };
 
diff --git a/target/s390x/cpu_features.h b/target/s390x/cpu_features.h
index effe790271..5ffd3db083 100644
--- a/target/s390x/cpu_features.h
+++ b/target/s390x/cpu_features.h
@@ -39,6 +39,7 @@  typedef enum {
     S390_FEAT_TYPE_PCC,
     S390_FEAT_TYPE_PPNO,
     S390_FEAT_TYPE_KMA,
+    S390_FEAT_TYPE_KDSA,
 } S390FeatType;
 
 /* Definition of a CPU feature */
diff --git a/target/s390x/cpu_features_def.h b/target/s390x/cpu_features_def.h
index 31dd678301..030784811b 100644
--- a/target/s390x/cpu_features_def.h
+++ b/target/s390x/cpu_features_def.h
@@ -96,6 +96,7 @@  typedef enum {
     S390_FEAT_INSERT_REFERENCE_BITS_MULT,
     S390_FEAT_MSA_EXT_8,
     S390_FEAT_CMM_NT,
+    S390_FEAT_MSA_EXT_9,
     S390_FEAT_ETOKEN,
 
     /* Sclp Conf Char */
@@ -240,6 +241,11 @@  typedef enum {
     S390_FEAT_PCKMO_AES_128,
     S390_FEAT_PCKMO_AES_192,
     S390_FEAT_PCKMO_AES_256,
+    S390_FEAT_PCKMO_ECC_P256,
+    S390_FEAT_PCKMO_ECC_P384,
+    S390_FEAT_PCKMO_ECC_P521,
+    S390_FEAT_PCKMO_ECC_ED25519,
+    S390_FEAT_PCKMO_ECC_ED448,
 
     /* KMCTR */
     S390_FEAT_KMCTR_DEA,
@@ -300,6 +306,13 @@  typedef enum {
     S390_FEAT_PCC_XTS_AES_256,
     S390_FEAT_PCC_XTS_EAES_128,
     S390_FEAT_PCC_XTS_EAES_256,
+    S390_FEAT_PCC_SCALAR_MULT_P256,
+    S390_FEAT_PCC_SCALAR_MULT_P384,
+    S390_FEAT_PCC_SCALAR_MULT_P512,
+    S390_FEAT_PCC_SCALAR_MULT_ED25519,
+    S390_FEAT_PCC_SCALAR_MULT_ED448,
+    S390_FEAT_PCC_SCALAR_MULT_X25519,
+    S390_FEAT_PCC_SCALAR_MULT_X448,
 
     /* PPNO/PRNO */
     S390_FEAT_PPNO_SHA_512_DRNG,
@@ -313,6 +326,24 @@  typedef enum {
     S390_FEAT_KMA_GCM_EAES_128,
     S390_FEAT_KMA_GCM_EAES_192,
     S390_FEAT_KMA_GCM_EAES_256,
+
+    /* KDSA */
+    S390_FEAT_ECDSA_VERIFY_P256,
+    S390_FEAT_ECDSA_VERIFY_P384,
+    S390_FEAT_ECDSA_VERIFY_P512,
+    S390_FEAT_ECDSA_SIGN_P256,
+    S390_FEAT_ECDSA_SIGN_P384,
+    S390_FEAT_ECDSA_SIGN_P512,
+    S390_FEAT_EECDSA_SIGN_P256,
+    S390_FEAT_EECDSA_SIGN_P384,
+    S390_FEAT_EECDSA_SIGN_P512,
+    S390_FEAT_EDDSA_VERIFY_ED25519,
+    S390_FEAT_EDDSA_VERIFY_ED448,
+    S390_FEAT_EDDSA_SIGN_ED25519,
+    S390_FEAT_EDDSA_SIGN_ED448,
+    S390_FEAT_EEDDSA_SIGN_ED25519,
+    S390_FEAT_EEDDSA_SIGN_ED448,
+
     S390_FEAT_MAX,
 } S390Feat;
 
diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
index b4bb5de635..d683635eb5 100644
--- a/target/s390x/cpu_models.c
+++ b/target/s390x/cpu_models.c
@@ -782,6 +782,8 @@  static void check_consistency(const S390CPUModel *model)
         { S390_FEAT_SIE_CMMA, S390_FEAT_SIE_GSLS },
         { S390_FEAT_SIE_PFMFI, S390_FEAT_EDAT },
         { S390_FEAT_MSA_EXT_8, S390_FEAT_MSA_EXT_3 },
+        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_3 },
+        { S390_FEAT_MSA_EXT_9, S390_FEAT_MSA_EXT_4 },
         { S390_FEAT_MULTIPLE_EPOCH, S390_FEAT_TOD_CLOCK_STEERING },
         { S390_FEAT_VECTOR_PACKED_DECIMAL, S390_FEAT_VECTOR },
         { S390_FEAT_VECTOR_ENH, S390_FEAT_VECTOR },
diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
index e4739a6b9f..a2f9e2b43f 100644
--- a/target/s390x/gen-features.c
+++ b/target/s390x/gen-features.c
@@ -213,6 +213,38 @@ 
     S390_FEAT_KMA_GCM_EAES_192, \
     S390_FEAT_KMA_GCM_EAES_256
 
+#define S390_FEAT_GROUP_MSA_EXT_9 \
+    S390_FEAT_MSA_EXT_9, \
+    S390_FEAT_ECDSA_VERIFY_P256, \
+    S390_FEAT_ECDSA_VERIFY_P384, \
+    S390_FEAT_ECDSA_VERIFY_P512, \
+    S390_FEAT_ECDSA_SIGN_P256, \
+    S390_FEAT_ECDSA_SIGN_P384, \
+    S390_FEAT_ECDSA_SIGN_P512, \
+    S390_FEAT_EECDSA_SIGN_P256, \
+    S390_FEAT_EECDSA_SIGN_P384, \
+    S390_FEAT_EECDSA_SIGN_P512, \
+    S390_FEAT_EDDSA_VERIFY_ED25519, \
+    S390_FEAT_EDDSA_VERIFY_ED448, \
+    S390_FEAT_EDDSA_SIGN_ED25519, \
+    S390_FEAT_EDDSA_SIGN_ED448, \
+    S390_FEAT_EEDDSA_SIGN_ED25519, \
+    S390_FEAT_EEDDSA_SIGN_ED448, \
+    S390_FEAT_PCC_SCALAR_MULT_P256, \
+    S390_FEAT_PCC_SCALAR_MULT_P384, \
+    S390_FEAT_PCC_SCALAR_MULT_P512, \
+    S390_FEAT_PCC_SCALAR_MULT_ED25519, \
+    S390_FEAT_PCC_SCALAR_MULT_ED448, \
+    S390_FEAT_PCC_SCALAR_MULT_X25519, \
+    S390_FEAT_PCC_SCALAR_MULT_X448
+
+#define S390_FEAT_GROUP_MSA_EXT_9_PCKMO \
+    S390_FEAT_PCKMO_ECC_P256, \
+    S390_FEAT_PCKMO_ECC_P384, \
+    S390_FEAT_PCKMO_ECC_P521, \
+    S390_FEAT_PCKMO_ECC_ED25519, \
+    S390_FEAT_PCKMO_ECC_ED448
+
 /* cpu feature groups */
 static uint16_t group_PLO[] = {
     S390_FEAT_GROUP_PLO,
@@ -254,6 +286,14 @@  static uint16_t group_MSA_EXT_8[] = {
     S390_FEAT_GROUP_MSA_EXT_8,
 };
 
+static uint16_t group_MSA_EXT_9[] = {
+    S390_FEAT_GROUP_MSA_EXT_9,
+};
+
+static uint16_t group_MSA_EXT_9_PCKMO[] = {
+    S390_FEAT_GROUP_MSA_EXT_9_PCKMO,
+};
+
 /* Base features (in order of release)
  * Only non-hypervisor managed features belong here.
  * Base feature sets are static meaning they do not change in future QEMU
@@ -709,6 +749,8 @@  static FeatGroupDefSpec FeatGroupDef[] = {
     FEAT_GROUP_INITIALIZER(MSA_EXT_6),
     FEAT_GROUP_INITIALIZER(MSA_EXT_7),
     FEAT_GROUP_INITIALIZER(MSA_EXT_8),
+    FEAT_GROUP_INITIALIZER(MSA_EXT_9),
+    FEAT_GROUP_INITIALIZER(MSA_EXT_9_PCKMO),
     FEAT_GROUP_INITIALIZER(MULTIPLE_EPOCH_PTFF),
 };
 
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
index 7df7be4a1b..de0b984b68 100644
--- a/target/s390x/kvm.c
+++ b/target/s390x/kvm.c
@@ -2073,6 +2073,9 @@  static int query_cpu_subfunc(S390FeatBitmap features)
     if (test_bit(S390_FEAT_MSA_EXT_8, features)) {
         s390_add_from_feat_block(features, S390_FEAT_TYPE_KMA, prop.kma);
     }
+    if (test_bit(S390_FEAT_MSA_EXT_9, features)) {
+        s390_add_from_feat_block(features, S390_FEAT_TYPE_KDSA, prop.kdsa);
+    }
     return 0;
 }
 
@@ -2117,6 +2120,9 @@  static int configure_cpu_subfunc(const S390FeatBitmap features)
     if (test_bit(S390_FEAT_MSA_EXT_8, features)) {
         s390_fill_feat_block(features, S390_FEAT_TYPE_KMA, prop.kma);
     }
+    if (test_bit(S390_FEAT_MSA_EXT_9, features)) {
+        s390_fill_feat_block(features, S390_FEAT_TYPE_KDSA, prop.kdsa);
+    }
     return kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attr);
 }