From patchwork Thu Feb 14 13:51:02 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pierre Morel X-Patchwork-Id: 10812727 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4D6CD6C2 for ; Thu, 14 Feb 2019 13:52:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3BAC72E5B6 for ; Thu, 14 Feb 2019 13:52:27 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 39B9A2E624; Thu, 14 Feb 2019 13:52:27 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 47CF92E5B6 for ; Thu, 14 Feb 2019 13:52:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405591AbfBNNvW (ORCPT ); Thu, 14 Feb 2019 08:51:22 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:46428 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2404050AbfBNNvV (ORCPT ); Thu, 14 Feb 2019 08:51:21 -0500 Received: from pps.filterd (m0098404.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x1EDiQAB112888 for ; Thu, 14 Feb 2019 08:51:20 -0500 Received: from e06smtp02.uk.ibm.com (e06smtp02.uk.ibm.com [195.75.94.98]) by mx0a-001b2d01.pphosted.com with ESMTP id 2qn94b1wmh-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Thu, 14 Feb 2019 08:51:19 -0500 Received: from localhost by e06smtp02.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 14 Feb 2019 13:51:17 -0000 Received: from b06cxnps4075.portsmouth.uk.ibm.com (9.149.109.197) by e06smtp02.uk.ibm.com (192.168.101.132) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Thu, 14 Feb 2019 13:51:14 -0000 Received: from d06av24.portsmouth.uk.ibm.com (mk.ibm.com [9.149.105.60]) by b06cxnps4075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id x1EDpD7u4981200 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 14 Feb 2019 13:51:13 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 285D942042; Thu, 14 Feb 2019 13:51:13 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id A181142045; Thu, 14 Feb 2019 13:51:12 +0000 (GMT) Received: from morel-ThinkPad-W530.boeblingen.de.ibm.com (unknown [9.152.224.140]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Thu, 14 Feb 2019 13:51:12 +0000 (GMT) From: Pierre Morel To: borntraeger@de.ibm.com Cc: alex.williamson@redhat.com, cohuck@redhat.com, linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, kvm@vger.kernel.org, frankja@linux.ibm.com, akrowiak@linux.ibm.com, pasic@linux.ibm.com, david@redhat.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, freude@linux.ibm.com, mimu@linux.ibm.com Subject: [PATCH v3 2/9] s390: ap: kvm: setting a hook for PQAP instructions Date: Thu, 14 Feb 2019 14:51:02 +0100 X-Mailer: git-send-email 2.7.4 In-Reply-To: <1550152269-6317-1-git-send-email-pmorel@linux.ibm.com> References: <1550152269-6317-1-git-send-email-pmorel@linux.ibm.com> X-TM-AS-GCONF: 00 x-cbid: 19021413-0008-0000-0000-000002C072A6 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 19021413-0009-0000-0000-0000222C9546 Message-Id: <1550152269-6317-3-git-send-email-pmorel@linux.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2019-02-14_07:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=1 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=570 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1902140098 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP This patch adds interception code for the PQAP instructions, and a callback inside the KVM arch structure for s390. If a VFIO-AP drivers needs to intercept PQAP/AQIC or PQAP/TAPQ instructions, the driver will initialize the callback inside the kvm_arch structure to be called when the interception of a PQAP instruction occurs. If the callback is not initialized, the code still returns -EOPNOTSUPP to let userland handle the instruction as it used to. Signed-off-by: Pierre Morel Reviewed-by: Tony Krowiak --- arch/s390/include/asm/kvm_host.h | 1 + arch/s390/kvm/priv.c | 50 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+) diff --git a/arch/s390/include/asm/kvm_host.h b/arch/s390/include/asm/kvm_host.h index c5f5156..49cc8b0 100644 --- a/arch/s390/include/asm/kvm_host.h +++ b/arch/s390/include/asm/kvm_host.h @@ -719,6 +719,7 @@ struct kvm_s390_cpu_model { struct kvm_s390_crypto { struct kvm_s390_crypto_cb *crycb; + int (*pqap_hook)(struct kvm_vcpu *vcpu); __u32 crycbd; __u8 aes_kw; __u8 dea_kw; diff --git a/arch/s390/kvm/priv.c b/arch/s390/kvm/priv.c index 8679bd7..72fdc21 100644 --- a/arch/s390/kvm/priv.c +++ b/arch/s390/kvm/priv.c @@ -27,6 +27,7 @@ #include #include #include +#include #include "gaccess.h" #include "kvm-s390.h" #include "trace.h" @@ -592,6 +593,53 @@ static int handle_io_inst(struct kvm_vcpu *vcpu) } } +/* + * handle_pqap: Handling pqap interception + * @vcpu: the vcpu having issue the pqap instruction + * + * This callback only handles PQAP/AQIC instruction and + * calls a dedicated callback for this instruction if + * a driver did register one in the CRYPTO satellite of the + * SIE block. + * + * Do not change the behavior if, return -EOPNOTSUPP if: + * - the hook is not used do not change the behavior. + * - AP instructions are not available or not available to the guest + * - the instruction is not PQAP with function code indicating + * AQIC do not change the previous behavior. + * + * For PQAP/AQIC instruction, verify privilege and specifications + * + * return the value returned by the callback. + */ +static int handle_pqap(struct kvm_vcpu *vcpu) +{ + uint8_t fc; + + /* Verify that the hook callback is registered */ + if (!vcpu->kvm->arch.crypto.pqap_hook) + return -EOPNOTSUPP; + /* Verify that the AP instruction are available */ + if (!ap_instructions_available()) + return -EOPNOTSUPP; + /* Verify that the guest is allowed to use AP instructions */ + if (!(vcpu->arch.sie_block->eca & ECA_APIE)) + return -EOPNOTSUPP; + /* Verify that the function code is AQIC */ + fc = vcpu->run->s.regs.gprs[0] >> 24; + if (fc != 0x03) + return -EOPNOTSUPP; + + /* PQAP instructions are allowed for guest kernel only */ + if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE) + return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP); + /* AQIC instruction is allowed only if facility 65 is available */ + if (!test_kvm_facility(vcpu->kvm, 65)) + return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION); + /* All right, call the callback */ + return vcpu->kvm->arch.crypto.pqap_hook(vcpu); +} + static int handle_stfl(struct kvm_vcpu *vcpu) { int rc; @@ -878,6 +926,8 @@ int kvm_s390_handle_b2(struct kvm_vcpu *vcpu) return handle_sthyi(vcpu); case 0x7d: return handle_stsi(vcpu); + case 0xaf: + return handle_pqap(vcpu); case 0xb1: return handle_stfl(vcpu); case 0xb2: