From ae4a2bd759d647dd6146d45e4a59a01cf34d6a4d Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Thu, 5 Feb 2015 10:34:49 +0100 Subject: [PATCH 01/10] s390x: Replace unchecked qdev_init() by qdev_init_nofail() s390_flic_init() is a helper to create and realize either "s390-flic-kvm" or "s390-flic-qemu". When qdev_init() fails, it complains to stderr and succeeds. Except it can't actually fail, because the "s390-flic-qemu" is a dummy without a realize method, and "s390-flic-kvm"'s realize can't fail, even when the kernel device is really unavailable. Odd. Replace qdev_init() by qdev_init_nofail() to make "can't fail" locally obvious, and get rid of the unreachable error reporting. Cc: Christian Borntraeger Cc: Cornelia Huck Cc: Alexander Graf Signed-off-by: Markus Armbruster Acked-by: Cornelia Huck Message-Id: <1423128889-18260-4-git-send-email-armbru@redhat.com> Signed-off-by: Cornelia Huck --- hw/intc/s390_flic.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/hw/intc/s390_flic.c b/hw/intc/s390_flic.c index 03c5e89f4e..02e10b750d 100644 --- a/hw/intc/s390_flic.c +++ b/hw/intc/s390_flic.c @@ -30,7 +30,6 @@ S390FLICState *s390_get_flic(void) void s390_flic_init(void) { DeviceState *dev; - int r; dev = s390_flic_kvm_create(); if (!dev) { @@ -38,10 +37,7 @@ void s390_flic_init(void) object_property_add_child(qdev_get_machine(), TYPE_QEMU_S390_FLIC, OBJECT(dev), NULL); } - r = qdev_init(dev); - if (r) { - error_report("flic: couldn't create qdev"); - } + qdev_init_nofail(dev); } static int qemu_s390_register_io_adapter(S390FLICState *fs, uint32_t id, From 3f9e59bb5358cd020c5be919129281d202a24058 Mon Sep 17 00:00:00 2001 From: "Jason J. Herne" Date: Mon, 9 Mar 2015 15:56:08 +0100 Subject: [PATCH 02/10] s390x/kvm: Guest Migration TOD clock synchronization Synchronizes the guest TOD clock across a migration by sending the guest TOD clock value to the destination system. If the guest TOD clock is not preserved across a migration then the guest's view of time will snap backwards if the destination host clock is behind the source host clock. This will cause the guest to hang immediately upon resuming on the destination system. Reviewed-by: David Hildenbrand Signed-off-by: Jason J. Herne Signed-off-by: Jens Freimann Message-Id: <1425912968-54387-1-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- hw/s390x/s390-virtio-ccw.c | 4 +++ hw/s390x/s390-virtio.c | 52 ++++++++++++++++++++++++++++++++++++++ target-s390x/cpu.h | 34 +++++++++++++++++++++++++ target-s390x/kvm.c | 39 ++++++++++++++++++++++++++++ 4 files changed, 129 insertions(+) diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index dac00cec7c..eea0742b64 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -181,6 +181,10 @@ static void ccw_init(MachineState *machine) /* Create VirtIO network adapters */ s390_create_virtio_net(BUS(css_bus), "virtio-net-ccw"); + + /* Register savevm handler for guest TOD clock */ + register_savevm(NULL, "todclock", 0, 1, + gtod_save, gtod_load, kvm_state); } static void ccw_machine_class_init(ObjectClass *oc, void *data) diff --git a/hw/s390x/s390-virtio.c b/hw/s390x/s390-virtio.c index 412e49ba33..bdb538859f 100644 --- a/hw/s390x/s390-virtio.c +++ b/hw/s390x/s390-virtio.c @@ -38,6 +38,7 @@ #include "hw/s390x/sclp.h" #include "hw/s390x/s390_flic.h" #include "hw/s390x/s390-virtio.h" +#include "cpu.h" //#define DEBUG_S390 @@ -53,6 +54,9 @@ #define ZIPL_FILENAME "s390-zipl.rom" #define TYPE_S390_MACHINE "s390-machine" +#define S390_TOD_CLOCK_VALUE_MISSING 0x00 +#define S390_TOD_CLOCK_VALUE_PRESENT 0x01 + static VirtIOS390Bus *s390_bus; static S390CPU **ipi_states; @@ -196,6 +200,51 @@ void s390_create_virtio_net(BusState *bus, const char *name) } } +void gtod_save(QEMUFile *f, void *opaque) +{ + uint64_t tod_low; + uint8_t tod_high; + int r; + + r = s390_get_clock(&tod_high, &tod_low); + if (r) { + fprintf(stderr, "WARNING: Unable to get guest clock for migration. " + "Error code %d. Guest clock will not be migrated " + "which could cause the guest to hang.\n", r); + qemu_put_byte(f, S390_TOD_CLOCK_VALUE_MISSING); + return; + } + + qemu_put_byte(f, S390_TOD_CLOCK_VALUE_PRESENT); + qemu_put_byte(f, tod_high); + qemu_put_be64(f, tod_low); +} + +int gtod_load(QEMUFile *f, void *opaque, int version_id) +{ + uint64_t tod_low; + uint8_t tod_high; + int r; + + if (qemu_get_byte(f) == S390_TOD_CLOCK_VALUE_MISSING) { + fprintf(stderr, "WARNING: Guest clock was not migrated. This could " + "cause the guest to hang.\n"); + return 0; + } + + tod_high = qemu_get_byte(f); + tod_low = qemu_get_be64(f); + + r = s390_set_clock(&tod_high, &tod_low); + if (r) { + fprintf(stderr, "WARNING: Unable to set guest clock value. " + "s390_get_clock returned error %d. This could cause " + "the guest to hang.\n", r); + } + + return 0; +} + /* PC hardware initialisation */ static void s390_init(MachineState *machine) { @@ -253,6 +302,9 @@ static void s390_init(MachineState *machine) /* Create VirtIO network adapters */ s390_create_virtio_net((BusState *)s390_bus, "virtio-net-s390"); + + /* Register savevm handler for guest TOD clock */ + register_savevm(NULL, "todclock", 0, 1, gtod_save, gtod_load, NULL); } void s390_nmi(NMIState *n, int cpu_index, Error **errp) diff --git a/target-s390x/cpu.h b/target-s390x/cpu.h index 0171de0179..8135dda318 100644 --- a/target-s390x/cpu.h +++ b/target-s390x/cpu.h @@ -401,6 +401,8 @@ void kvm_s390_vcpu_interrupt(S390CPU *cpu, struct kvm_s390_irq *irq); void kvm_s390_floating_interrupt(struct kvm_s390_irq *irq); int kvm_s390_inject_flic(struct kvm_s390_irq *irq); void kvm_s390_access_exception(S390CPU *cpu, uint16_t code, uint64_t te_code); +int kvm_s390_get_clock(uint8_t *tod_high, uint64_t *tod_clock); +int kvm_s390_set_clock(uint8_t *tod_high, uint64_t *tod_clock); #else static inline void kvm_s390_virtio_irq(int config_change, uint64_t token) { @@ -408,11 +410,40 @@ static inline void kvm_s390_virtio_irq(int config_change, uint64_t token) static inline void kvm_s390_service_interrupt(uint32_t parm) { } +static inline int kvm_s390_get_clock(uint8_t *tod_high, uint64_t *tod_low) +{ + return -ENOSYS; +} +static inline int kvm_s390_set_clock(uint8_t *tod_high, uint64_t *tod_low) +{ + return -ENOSYS; +} static inline void kvm_s390_access_exception(S390CPU *cpu, uint16_t code, uint64_t te_code) { } #endif + +static inline int s390_get_clock(uint8_t *tod_high, uint64_t *tod_low) +{ + if (kvm_enabled()) { + return kvm_s390_get_clock(tod_high, tod_low); + } + /* Fixme TCG */ + *tod_high = 0; + *tod_low = 0; + return 0; +} + +static inline int s390_set_clock(uint8_t *tod_high, uint64_t *tod_low) +{ + if (kvm_enabled()) { + return kvm_s390_set_clock(tod_high, tod_low); + } + /* Fixme TCG */ + return 0; +} + S390CPU *s390_cpu_addr2state(uint16_t cpu_addr); unsigned int s390_cpu_halt(S390CPU *cpu); void s390_cpu_unhalt(S390CPU *cpu); @@ -422,6 +453,9 @@ static inline uint8_t s390_cpu_get_state(S390CPU *cpu) return cpu->env.cpu_state; } +void gtod_save(QEMUFile *f, void *opaque); +int gtod_load(QEMUFile *f, void *opaque, int version_id); + /* service interrupts are floating therefore we must not pass an cpustate */ void s390_sclp_extint(uint32_t parm); diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c index 896534bf95..b21a348805 100644 --- a/target-s390x/kvm.c +++ b/target-s390x/kvm.c @@ -486,6 +486,45 @@ int kvm_arch_get_registers(CPUState *cs) return 0; } +int kvm_s390_get_clock(uint8_t *tod_high, uint64_t *tod_low) +{ + int r; + struct kvm_device_attr attr = { + .group = KVM_S390_VM_TOD, + .attr = KVM_S390_VM_TOD_LOW, + .addr = (uint64_t)tod_low, + }; + + r = kvm_vm_ioctl(kvm_state, KVM_GET_DEVICE_ATTR, &attr); + if (r) { + return r; + } + + attr.attr = KVM_S390_VM_TOD_HIGH; + attr.addr = (uint64_t)tod_high; + return kvm_vm_ioctl(kvm_state, KVM_GET_DEVICE_ATTR, &attr); +} + +int kvm_s390_set_clock(uint8_t *tod_high, uint64_t *tod_low) +{ + int r; + + struct kvm_device_attr attr = { + .group = KVM_S390_VM_TOD, + .attr = KVM_S390_VM_TOD_LOW, + .addr = (uint64_t)tod_low, + }; + + r = kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attr); + if (r) { + return r; + } + + attr.attr = KVM_S390_VM_TOD_HIGH; + attr.addr = (uint64_t)tod_high; + return kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attr); +} + /* * Legacy layout for s390: * Older S390 KVM requires the topmost vma of the RAM to be From 7d45285fc9f75e0a85533ada8fd3aeda48d5d71a Mon Sep 17 00:00:00 2001 From: Cornelia Huck Date: Wed, 11 Mar 2015 10:57:50 +0100 Subject: [PATCH 03/10] virtio-ccw: assure BE accesses All fields in structures transmitted by ccws are big endian; assure we handle them as such. Reviewed-by: Thomas Huth Reviewed-by: David Hildenbrand Signed-off-by: Cornelia Huck Message-Id: <1426067871-17693-2-git-send-email-cornelia.huck@de.ibm.com> --- hw/s390x/virtio-ccw.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c index fce52a929c..130535cdc3 100644 --- a/hw/s390x/virtio-ccw.c +++ b/hw/s390x/virtio-ccw.c @@ -508,7 +508,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) if (!ccw.cda) { ret = -EFAULT; } else { - indicators = ldq_phys(&address_space_memory, ccw.cda); + indicators = ldq_be_phys(&address_space_memory, ccw.cda); dev->indicators = get_indicator(indicators, sizeof(uint64_t)); sch->curr_status.scsw.count = ccw.count - sizeof(indicators); ret = 0; @@ -528,7 +528,7 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) if (!ccw.cda) { ret = -EFAULT; } else { - indicators = ldq_phys(&address_space_memory, ccw.cda); + indicators = ldq_be_phys(&address_space_memory, ccw.cda); dev->indicators2 = get_indicator(indicators, sizeof(uint64_t)); sch->curr_status.scsw.count = ccw.count - sizeof(indicators); ret = 0; @@ -548,11 +548,11 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) if (!ccw.cda) { ret = -EFAULT; } else { - vq_config.index = lduw_phys(&address_space_memory, ccw.cda); + vq_config.index = lduw_be_phys(&address_space_memory, ccw.cda); vq_config.num_max = virtio_queue_get_num(vdev, vq_config.index); - stw_phys(&address_space_memory, - ccw.cda + sizeof(vq_config.index), vq_config.num_max); + stw_be_phys(&address_space_memory, + ccw.cda + sizeof(vq_config.index), vq_config.num_max); sch->curr_status.scsw.count = ccw.count - sizeof(vq_config); ret = 0; } @@ -580,13 +580,17 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) if (!thinint) { ret = -EFAULT; } else { + uint64_t ind_bit = ldq_be_p(&thinint->ind_bit); + len = hw_len; dev->summary_indicator = - get_indicator(thinint->summary_indicator, sizeof(uint8_t)); - dev->indicators = get_indicator(thinint->device_indicator, - thinint->ind_bit / 8 + 1); + get_indicator(ldq_be_p(&thinint->summary_indicator), + sizeof(uint8_t)); + dev->indicators = + get_indicator(ldq_be_p(&thinint->device_indicator), + ind_bit / 8 + 1); dev->thinint_isc = thinint->isc; - dev->routes.adapter.ind_offset = thinint->ind_bit; + dev->routes.adapter.ind_offset = ind_bit; dev->routes.adapter.summary_offset = 7; cpu_physical_memory_unmap(thinint, hw_len, 0, hw_len); ret = css_register_io_adapter(CSS_IO_ADAPTER_VIRTIO, From d0a073a186e4a81ae81435bd5b7286b657a69bfd Mon Sep 17 00:00:00 2001 From: Dominik Dingel Date: Thu, 12 Mar 2015 13:53:49 +0100 Subject: [PATCH 04/10] kvm: encapsulate HAS_DEVICE for vm attrs More and more virtual machine specifics between kvm and qemu will be transferred with vm attributes. So we encapsulate the common logic in a generic function. Additionally we need only to check during initialization if kvm supports virtual machine attributes. Cc: Paolo Bonzini Suggested-by: Thomas Huth Reviewed-by: Thomas Huth Signed-off-by: Dominik Dingel Signed-off-by: Jens Freimann Message-Id: <1426164834-38648-2-git-send-email-jfrei@linux.vnet.ibm.com> Acked-by: Paolo Bonzini Signed-off-by: Cornelia Huck --- include/sysemu/kvm.h | 12 ++++++++++++ kvm-all.c | 21 +++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h index 3792463080..197e6c0214 100644 --- a/include/sysemu/kvm.h +++ b/include/sysemu/kvm.h @@ -224,6 +224,18 @@ int kvm_vcpu_ioctl(CPUState *cpu, int type, ...); */ int kvm_device_ioctl(int fd, int type, ...); +/** + * kvm_vm_check_attr - check for existence of a specific vm attribute + * @s: The KVMState pointer + * @group: the group + * @attr: the attribute of that group to query for + * + * Returns: 1 if the attribute exists + * 0 if the attribute either does not exist or if the vm device + * interface is unavailable + */ +int kvm_vm_check_attr(KVMState *s, uint32_t group, uint64_t attr); + /** * kvm_create_device - create a KVM device for the device control API * @KVMState: The KVMState pointer diff --git a/kvm-all.c b/kvm-all.c index cbedc2564e..55025cc366 100644 --- a/kvm-all.c +++ b/kvm-all.c @@ -126,6 +126,7 @@ bool kvm_gsi_routing_allowed; bool kvm_gsi_direct_mapping; bool kvm_allowed; bool kvm_readonly_mem_allowed; +bool kvm_vm_attributes_allowed; static const KVMCapabilityInfo kvm_required_capabilites[] = { KVM_CAP_INFO(USER_MEMORY), @@ -1598,6 +1599,9 @@ static int kvm_init(MachineState *ms) kvm_resamplefds_allowed = (kvm_check_extension(s, KVM_CAP_IRQFD_RESAMPLE) > 0); + kvm_vm_attributes_allowed = + (kvm_check_extension(s, KVM_CAP_VM_ATTRIBUTES) > 0); + ret = kvm_arch_init(ms, s); if (ret < 0) { goto err; @@ -1936,6 +1940,23 @@ int kvm_device_ioctl(int fd, int type, ...) return ret; } +int kvm_vm_check_attr(KVMState *s, uint32_t group, uint64_t attr) +{ + int ret; + struct kvm_device_attr attribute = { + .group = group, + .attr = attr, + }; + + if (!kvm_vm_attributes_allowed) { + return 0; + } + + ret = kvm_vm_ioctl(s, KVM_HAS_DEVICE_ATTR, &attribute); + /* kvm returns 0 on success for HAS_DEVICE_ATTR */ + return ret ? 0 : 1; +} + int kvm_has_sync_mmu(void) { return kvm_check_extension(kvm_state, KVM_CAP_SYNC_MMU); From 2b147555f78c3c20080b201fd1506467fa0ddf43 Mon Sep 17 00:00:00 2001 From: Dominik Dingel Date: Thu, 12 Mar 2015 13:53:50 +0100 Subject: [PATCH 05/10] s390x/kvm: make use of generic vm attribute check By using the new introduced generic interface we can remove redundancies and clean up. Reviewed-by: Thomas Huth Suggested-by: Thomas Huth Signed-off-by: Dominik Dingel Signed-off-by: Jens Freimann Message-Id: <1426164834-38648-3-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- target-s390x/kvm.c | 42 +++++++----------------------------------- 1 file changed, 7 insertions(+), 35 deletions(-) diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c index b21a348805..38887aa171 100644 --- a/target-s390x/kvm.c +++ b/target-s390x/kvm.c @@ -55,6 +55,9 @@ do { } while (0) #endif +#define kvm_vm_check_mem_attr(s, attr) \ + kvm_vm_check_attr(s, KVM_S390_VM_MEM_CTRL, attr) + #define IPA0_DIAG 0x8300 #define IPA0_SIGP 0xae00 #define IPA0_B2 0xb200 @@ -122,16 +125,6 @@ static int cap_async_pf; static void *legacy_s390_alloc(size_t size, uint64_t *align); -static int kvm_s390_supports_mem_limit(KVMState *s) -{ - struct kvm_device_attr attr = { - .group = KVM_S390_VM_MEM_CTRL, - .attr = KVM_S390_VM_MEM_LIMIT_SIZE, - }; - - return (kvm_vm_ioctl(s, KVM_HAS_DEVICE_ATTR, &attr) == 0); -} - static int kvm_s390_query_mem_limit(KVMState *s, uint64_t *memory_limit) { struct kvm_device_attr attr = { @@ -153,7 +146,7 @@ int kvm_s390_set_mem_limit(KVMState *s, uint64_t new_limit, uint64_t *hw_limit) .addr = (uint64_t) &new_limit, }; - if (!kvm_s390_supports_mem_limit(s)) { + if (!kvm_vm_check_mem_attr(s, KVM_S390_VM_MEM_LIMIT_SIZE)) { return 0; } @@ -167,26 +160,6 @@ int kvm_s390_set_mem_limit(KVMState *s, uint64_t new_limit, uint64_t *hw_limit) return kvm_vm_ioctl(s, KVM_SET_DEVICE_ATTR, &attr); } -static int kvm_s390_check_clear_cmma(KVMState *s) -{ - struct kvm_device_attr attr = { - .group = KVM_S390_VM_MEM_CTRL, - .attr = KVM_S390_VM_MEM_CLR_CMMA, - }; - - return kvm_vm_ioctl(s, KVM_HAS_DEVICE_ATTR, &attr); -} - -static int kvm_s390_check_enable_cmma(KVMState *s) -{ - struct kvm_device_attr attr = { - .group = KVM_S390_VM_MEM_CTRL, - .attr = KVM_S390_VM_MEM_ENABLE_CMMA, - }; - - return kvm_vm_ioctl(s, KVM_HAS_DEVICE_ATTR, &attr); -} - void kvm_s390_clear_cmma_callback(void *opaque) { int rc; @@ -208,7 +181,8 @@ static void kvm_s390_enable_cmma(KVMState *s) .attr = KVM_S390_VM_MEM_ENABLE_CMMA, }; - if (kvm_s390_check_enable_cmma(s) || kvm_s390_check_clear_cmma(s)) { + if (!kvm_vm_check_mem_attr(s, KVM_S390_VM_MEM_ENABLE_CMMA) || + !kvm_vm_check_mem_attr(s, KVM_S390_VM_MEM_CLR_CMMA)) { return; } @@ -224,9 +198,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s) cap_sync_regs = kvm_check_extension(s, KVM_CAP_SYNC_REGS); cap_async_pf = kvm_check_extension(s, KVM_CAP_ASYNC_PF); - if (kvm_check_extension(s, KVM_CAP_VM_ATTRIBUTES)) { - kvm_s390_enable_cmma(s); - } + kvm_s390_enable_cmma(s); if (!kvm_check_extension(s, KVM_CAP_S390_GMAP) || !kvm_check_extension(s, KVM_CAP_S390_COW)) { From 2eb1cd0768af18fb2398ee7b590e4b81e0e504f9 Mon Sep 17 00:00:00 2001 From: Tony Krowiak Date: Thu, 12 Mar 2015 13:53:51 +0100 Subject: [PATCH 06/10] s390x: CPACF: Handle key wrap machine options Check for the aes_key_wrap and dea_key_wrap machine options and set the appropriate KVM device attribute(s) to tell the kernel to enable or disable the AES/DEA protected key functions for the guest domain. This patch introduces two new machine options for indicating the state of AES/DEA key wrapping functions. This controls whether the guest will have access to the AES/DEA crypto functions. aes_key_wrap="on | off" is changed to aes-key-wrap="on | off" dea_key_wrap="on | off" is changed to dea-key-wrap="on | off" Check for the aes-key-wrap and dea-key-wrap machine options and set the appropriate KVM device attribute(s) to tell the kernel to enable or disable the AES/DEA protected key functions for the guest domain. Reviewed-by: David Hildenbrand Signed-off-by: Tony Krowiak Signed-off-by: Jens Freimann Message-Id: <1426164834-38648-4-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- hw/s390x/s390-virtio-ccw.c | 63 ++++++++++++++++++++++++++++++++++++++ qemu-options.hx | 12 +++++++- target-s390x/kvm.c | 51 ++++++++++++++++++++++++++++++ 3 files changed, 125 insertions(+), 1 deletion(-) diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index eea0742b64..afb539adea 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -22,6 +22,18 @@ #define TYPE_S390_CCW_MACHINE "s390-ccw-machine" +#define S390_CCW_MACHINE(obj) \ + OBJECT_CHECK(S390CcwMachineState, (obj), TYPE_S390_CCW_MACHINE) + +typedef struct S390CcwMachineState { + /*< private >*/ + MachineState parent_obj; + + /*< public >*/ + bool aes_key_wrap; + bool dea_key_wrap; +} S390CcwMachineState; + void io_subsystem_reset(void) { DeviceState *css, *sclp, *flic; @@ -207,9 +219,60 @@ static void ccw_machine_class_init(ObjectClass *oc, void *data) nc->nmi_monitor_handler = s390_nmi; } +static inline bool machine_get_aes_key_wrap(Object *obj, Error **errp) +{ + S390CcwMachineState *ms = S390_CCW_MACHINE(obj); + + return ms->aes_key_wrap; +} + +static inline void machine_set_aes_key_wrap(Object *obj, bool value, + Error **errp) +{ + S390CcwMachineState *ms = S390_CCW_MACHINE(obj); + + ms->aes_key_wrap = value; +} + +static inline bool machine_get_dea_key_wrap(Object *obj, Error **errp) +{ + S390CcwMachineState *ms = S390_CCW_MACHINE(obj); + + return ms->dea_key_wrap; +} + +static inline void machine_set_dea_key_wrap(Object *obj, bool value, + Error **errp) +{ + S390CcwMachineState *ms = S390_CCW_MACHINE(obj); + + ms->dea_key_wrap = value; +} + +static inline void s390_machine_initfn(Object *obj) +{ + object_property_add_bool(obj, "aes-key-wrap", + machine_get_aes_key_wrap, + machine_set_aes_key_wrap, NULL); + object_property_set_description(obj, "aes-key-wrap", + "enable/disable AES key wrapping using the CPACF wrapping key", + NULL); + object_property_set_bool(obj, true, "aes-key-wrap", NULL); + + object_property_add_bool(obj, "dea-key-wrap", + machine_get_dea_key_wrap, + machine_set_dea_key_wrap, NULL); + object_property_set_description(obj, "dea-key-wrap", + "enable/disable DEA key wrapping using the CPACF wrapping key", + NULL); + object_property_set_bool(obj, true, "dea-key-wrap", NULL); +} + static const TypeInfo ccw_machine_info = { .name = TYPE_S390_CCW_MACHINE, .parent = TYPE_MACHINE, + .instance_size = sizeof(S390CcwMachineState), + .instance_init = s390_machine_initfn, .class_init = ccw_machine_class_init, .interfaces = (InterfaceInfo[]) { { TYPE_NMI }, diff --git a/qemu-options.hx b/qemu-options.hx index 837624db46..ad07ddecd0 100644 --- a/qemu-options.hx +++ b/qemu-options.hx @@ -37,7 +37,9 @@ DEF("machine", HAS_ARG, QEMU_OPTION_machine, \ " kvm_shadow_mem=size of KVM shadow MMU\n" " dump-guest-core=on|off include guest memory in a core dump (default=on)\n" " mem-merge=on|off controls memory merge support (default: on)\n" - " iommu=on|off controls emulated Intel IOMMU (VT-d) support (default=off)\n", + " iommu=on|off controls emulated Intel IOMMU (VT-d) support (default=off)\n" + " aes-key-wrap=on|off controls support for AES key wrapping (default=on)\n" + " dea-key-wrap=on|off controls support for DEA key wrapping (default=on)\n", QEMU_ARCH_ALL) STEXI @item -machine [type=]@var{name}[,prop=@var{value}[,...]] @@ -66,6 +68,14 @@ the host, de-duplicates identical memory pages among VMs instances (enabled by default). @item iommu=on|off Enables or disables emulated Intel IOMMU (VT-d) support. The default is off. +@item aes-key-wrap=on|off +Enables or disables AES key wrapping support on s390-ccw hosts. This feature +controls whether AES wrapping keys will be created to allow +execution of AES cryptographic functions. The default is on. +@item dea-key-wrap=on|off +Enables or disables DEA key wrapping support on s390-ccw hosts. This feature +controls whether DEA wrapping keys will be created to allow +execution of DEA cryptographic functions. The default is on. @end table ETEXI diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c index 38887aa171..b48c643b36 100644 --- a/target-s390x/kvm.c +++ b/target-s390x/kvm.c @@ -193,6 +193,55 @@ static void kvm_s390_enable_cmma(KVMState *s) trace_kvm_enable_cmma(rc); } +static void kvm_s390_set_attr(uint64_t attr) +{ + struct kvm_device_attr attribute = { + .group = KVM_S390_VM_CRYPTO, + .attr = attr, + }; + + int ret = kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attribute); + + if (ret) { + error_report("Failed to set crypto device attribute %lu: %s", + attr, strerror(-ret)); + } +} + +static void kvm_s390_init_aes_kw(void) +{ + uint64_t attr = KVM_S390_VM_CRYPTO_DISABLE_AES_KW; + + if (object_property_get_bool(OBJECT(qdev_get_machine()), "aes-key-wrap", + NULL)) { + attr = KVM_S390_VM_CRYPTO_ENABLE_AES_KW; + } + + if (kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO, attr)) { + kvm_s390_set_attr(attr); + } +} + +static void kvm_s390_init_dea_kw(void) +{ + uint64_t attr = KVM_S390_VM_CRYPTO_DISABLE_DEA_KW; + + if (object_property_get_bool(OBJECT(qdev_get_machine()), "dea-key-wrap", + NULL)) { + attr = KVM_S390_VM_CRYPTO_ENABLE_DEA_KW; + } + + if (kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO, attr)) { + kvm_s390_set_attr(attr); + } +} + +static void kvm_s390_init_crypto(void) +{ + kvm_s390_init_aes_kw(); + kvm_s390_init_dea_kw(); +} + int kvm_arch_init(MachineState *ms, KVMState *s) { cap_sync_regs = kvm_check_extension(s, KVM_CAP_SYNC_REGS); @@ -234,6 +283,8 @@ void kvm_s390_reset_vcpu(S390CPU *cpu) if (kvm_vcpu_ioctl(cs, KVM_S390_INITIAL_RESET, NULL)) { error_report("Initial CPU reset failed on CPU %i", cs->cpu_index); } + + kvm_s390_init_crypto(); } static int can_sync_regs(CPUState *cs, int regs) From eaec461ccc4b308b5718381739afbf9605e47b00 Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Thu, 12 Mar 2015 13:53:52 +0100 Subject: [PATCH 07/10] s390x/virtio-bus: Remove unused function s390_virtio_bus_console() The function s390_virtio_bus_console() is completely unused and thus can be removed safely. Signed-off-by: Thomas Huth Reviewed-by: Jens Freimann Signed-off-by: Jens Freimann Message-Id: <1426164834-38648-5-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- hw/s390x/s390-virtio-bus.c | 5 ----- hw/s390x/s390-virtio-bus.h | 1 - 2 files changed, 6 deletions(-) diff --git a/hw/s390x/s390-virtio-bus.c b/hw/s390x/s390-virtio-bus.c index 55a5581d1b..047c963698 100644 --- a/hw/s390x/s390-virtio-bus.c +++ b/hw/s390x/s390-virtio-bus.c @@ -435,11 +435,6 @@ void s390_virtio_device_update_status(VirtIOS390Device *dev) virtio_set_features(vdev, features); } -VirtIOS390Device *s390_virtio_bus_console(VirtIOS390Bus *bus) -{ - return bus->console; -} - /* Find a device by vring address */ VirtIOS390Device *s390_virtio_bus_find_vring(VirtIOS390Bus *bus, ram_addr_t mem, diff --git a/hw/s390x/s390-virtio-bus.h b/hw/s390x/s390-virtio-bus.h index 810a6ef1fc..96b1890b4c 100644 --- a/hw/s390x/s390-virtio-bus.h +++ b/hw/s390x/s390-virtio-bus.h @@ -108,7 +108,6 @@ typedef struct VirtIOS390Bus { void s390_virtio_device_update_status(VirtIOS390Device *dev); -VirtIOS390Device *s390_virtio_bus_console(VirtIOS390Bus *bus); VirtIOS390Bus *s390_virtio_bus_init(ram_addr_t *ram_size); VirtIOS390Device *s390_virtio_bus_find_vring(VirtIOS390Bus *bus, From 7b527b86eb3560d68f41218cec0cdf3d60a38323 Mon Sep 17 00:00:00 2001 From: Dominik Dingel Date: Thu, 12 Mar 2015 13:53:53 +0100 Subject: [PATCH 08/10] s390x/ipl: remove dead code load_image_targphys already checks the max size and will return an error code. So the follow-on check will never trigger. Signed-off-by: Dominik Dingel Reviewed-by: Cornelia Huck Reviewed-by: Thomas Huth Signed-off-by: Jens Freimann Message-Id: <1426164834-38648-6-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- hw/s390x/ipl.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/hw/s390x/ipl.c b/hw/s390x/ipl.c index d6c0a49071..54d0835f0a 100644 --- a/hw/s390x/ipl.c +++ b/hw/s390x/ipl.c @@ -142,9 +142,6 @@ static int s390_ipl_init(SysBusDevice *dev) bios_size = load_image_targphys(bios_filename, ZIPL_IMAGE_START, 4096); ipl->bios_start_addr = ZIPL_IMAGE_START; - if (bios_size > 4096) { - hw_error("stage1 bootloader is > 4k\n"); - } } g_free(bios_filename); From d3321fc7557cbd51fd0c9c0416c81dbe3f4dc32e Mon Sep 17 00:00:00 2001 From: Frank Blaschka Date: Thu, 12 Mar 2015 13:53:54 +0100 Subject: [PATCH 09/10] s390x/pci: fix length in sei_nt2 event The sei_nt2 event must contain the length of the event. Signed-off-by: Frank Blaschka Signed-off-by: Jens Freimann Message-Id: <1426164834-38648-7-git-send-email-jfrei@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- hw/s390x/s390-pci-bus.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/s390x/s390-pci-bus.c b/hw/s390x/s390-pci-bus.c index dc455a2bb7..3c086f6155 100644 --- a/hw/s390x/s390-pci-bus.c +++ b/hw/s390x/s390-pci-bus.c @@ -44,6 +44,7 @@ int chsc_sei_nt2_get_event(void *res) QTAILQ_REMOVE(&s->pending_sei, sei_cont, link); nt2_res->nt = 2; nt2_res->cc = sei_cont->cc; + nt2_res->length = cpu_to_be16(sizeof(ChscSeiNt2Res)); switch (sei_cont->cc) { case 1: /* error event */ eccdf = (PciCcdfErr *)nt2_res->ccdf; From be0b608a5463a834df0e19911356ae93660d3677 Mon Sep 17 00:00:00 2001 From: Thomas Huth Date: Thu, 12 Mar 2015 15:19:14 +0100 Subject: [PATCH 10/10] s390x/config: Do not include full pci.mak pci.mak includes a lot of devices - and most of them do not make sense on s390x, like USB controllers or audio cards. These devices also show up when running "qemu-system-s390x -device help" and thus could raise the hope for the users that they could use these kind of devices with qemu-system-s390x. To avoid this confusion, we should not include pci.mak and rather include the bare minimum manually instead. Signed-off-by: Thomas Huth Acked-by: Frank Blaschka Message-Id: <1426169954-6062-1-git-send-email-thuth@linux.vnet.ibm.com> Signed-off-by: Cornelia Huck --- default-configs/s390x-softmmu.mak | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/default-configs/s390x-softmmu.mak b/default-configs/s390x-softmmu.mak index 6ee2ff89ff..f9e13f177e 100644 --- a/default-configs/s390x-softmmu.mak +++ b/default-configs/s390x-softmmu.mak @@ -1,4 +1,5 @@ -include pci.mak +CONFIG_PCI=y +CONFIG_VIRTIO_PCI=y CONFIG_VIRTIO=y CONFIG_SCLPCONSOLE=y CONFIG_S390_FLIC=y