tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'kvm-s390-next-5.2-1' of git://git.kernel.org/pub/scm/linux/kernel/git/kvms390/linux into HEAD
KVM: s390: Features and fixes for 5.2
- VSIE crypto fixes
- new guest features for gen15
- disable halt polling for nested virtualization with overcommit
+163
-11
+2
-1
Documentation/virtual/kvm/devices/vm.txt
+2
-1
Documentation/virtual/kvm/devices/vm.txt
···
141
141
u8 pcc[16]; # valid with Message-Security-Assist-Extension 4
142
142
u8 ppno[16]; # valid with Message-Security-Assist-Extension 5
143
143
u8 kma[16]; # valid with Message-Security-Assist-Extension 8
144
-
u8 reserved[1808]; # reserved for future instructions
144
+
u8 kdsa[16]; # valid with Message-Security-Assist-Extension 9
145
+
u8 reserved[1792]; # reserved for future instructions
145
146
};
146
147
147
148
Parameters: address of a buffer to load the subfunction blocks from.
+1
arch/s390/include/asm/cpacf.h
+1
arch/s390/include/asm/cpacf.h
+2
arch/s390/include/asm/kvm_host.h
+2
arch/s390/include/asm/kvm_host.h
···
278
278
#define ECD_HOSTREGMGMT 0x20000000
279
279
#define ECD_MEF 0x08000000
280
280
#define ECD_ETOKENF 0x02000000
281
+
#define ECD_ECC 0x00200000
281
282
__u32 ecd; /* 0x01c8 */
282
283
__u8 reserved1cc[18]; /* 0x01cc */
283
284
__u64 pp; /* 0x01de */
···
313
312
u64 halt_successful_poll;
314
313
u64 halt_attempted_poll;
315
314
u64 halt_poll_invalid;
315
+
u64 halt_no_poll_steal;
316
316
u64 halt_wakeup;
317
317
u64 instruction_lctl;
318
318
u64 instruction_lctlg;
+4
-1
arch/s390/include/uapi/asm/kvm.h
+4
-1
arch/s390/include/uapi/asm/kvm.h
···
152
152
__u8 pcc[16]; /* with MSA4 */
153
153
__u8 ppno[16]; /* with MSA5 */
154
154
__u8 kma[16]; /* with MSA8 */
155
-
__u8 reserved[1808];
155
+
__u8 kdsa[16]; /* with MSA9 */
156
+
__u8 sortl[32]; /* with STFLE.150 */
157
+
__u8 dfltcc[32]; /* with STFLE.151 */
158
+
__u8 reserved[1728];
156
159
};
157
160
158
161
/* kvm attributes for crypto */
+1
arch/s390/kvm/Kconfig
+1
arch/s390/kvm/Kconfig
+9
-2
arch/s390/kvm/interrupt.c
+9
-2
arch/s390/kvm/interrupt.c
···
14
14
#include <linux/kvm_host.h>
15
15
#include <linux/hrtimer.h>
16
16
#include <linux/mmu_context.h>
17
+
#include <linux/nospec.h>
17
18
#include <linux/signal.h>
18
19
#include <linux/slab.h>
19
20
#include <linux/bitmap.h>
···
2308
2307
{
2309
2308
if (id >= MAX_S390_IO_ADAPTERS)
2310
2309
return NULL;
2310
+
id = array_index_nospec(id, MAX_S390_IO_ADAPTERS);
2311
2311
return kvm->arch.adapters[id];
2312
2312
}
2313
2313
···
2322
2320
(void __user *)attr->addr, sizeof(adapter_info)))
2323
2321
return -EFAULT;
2324
2322
2325
-
if ((adapter_info.id >= MAX_S390_IO_ADAPTERS) ||
2326
-
(dev->kvm->arch.adapters[adapter_info.id] != NULL))
2323
+
if (adapter_info.id >= MAX_S390_IO_ADAPTERS)
2324
+
return -EINVAL;
2325
+
2326
+
adapter_info.id = array_index_nospec(adapter_info.id,
2327
+
MAX_S390_IO_ADAPTERS);
2328
+
2329
+
if (dev->kvm->arch.adapters[adapter_info.id] != NULL)
2327
2330
return -EINVAL;
2328
2331
2329
2332
adapter = kzalloc(sizeof(*adapter), GFP_KERNEL);
+116
-1
arch/s390/kvm/kvm-s390.c
+116
-1
arch/s390/kvm/kvm-s390.c
···
75
75
{ "halt_successful_poll", VCPU_STAT(halt_successful_poll) },
76
76
{ "halt_attempted_poll", VCPU_STAT(halt_attempted_poll) },
77
77
{ "halt_poll_invalid", VCPU_STAT(halt_poll_invalid) },
78
+
{ "halt_no_poll_steal", VCPU_STAT(halt_no_poll_steal) },
78
79
{ "halt_wakeup", VCPU_STAT(halt_wakeup) },
79
80
{ "instruction_lctlg", VCPU_STAT(instruction_lctlg) },
80
81
{ "instruction_lctl", VCPU_STAT(instruction_lctl) },
···
177
176
static int hpage;
178
177
module_param(hpage, int, 0444);
179
178
MODULE_PARM_DESC(hpage, "1m huge page backing support");
179
+
180
+
/* maximum percentage of steal time for polling. >100 is treated like 100 */
181
+
static u8 halt_poll_max_steal = 10;
182
+
module_param(halt_poll_max_steal, byte, 0644);
183
+
MODULE_PARM_DESC(hpage, "Maximum percentage of steal time to allow polling");
180
184
181
185
/*
182
186
* For now we handle at most 16 double words as this is what the s390 base
···
327
321
return cc == 0;
328
322
}
329
323
324
+
static inline void __insn32_query(unsigned int opcode, u8 query[32])
325
+
{
326
+
register unsigned long r0 asm("0") = 0; /* query function */
327
+
register unsigned long r1 asm("1") = (unsigned long) query;
328
+
329
+
asm volatile(
330
+
/* Parameter regs are ignored */
331
+
" .insn rrf,%[opc] << 16,2,4,6,0\n"
332
+
: "=m" (*query)
333
+
: "d" (r0), "a" (r1), [opc] "i" (opcode)
334
+
: "cc");
335
+
}
336
+
337
+
#define INSN_SORTL 0xb938
338
+
#define INSN_DFLTCC 0xb939
339
+
330
340
static void kvm_s390_cpu_feat_init(void)
331
341
{
332
342
int i;
···
389
367
if (test_facility(146)) /* MSA8 */
390
368
__cpacf_query(CPACF_KMA, (cpacf_mask_t *)
391
369
kvm_s390_available_subfunc.kma);
370
+
371
+
if (test_facility(155)) /* MSA9 */
372
+
__cpacf_query(CPACF_KDSA, (cpacf_mask_t *)
373
+
kvm_s390_available_subfunc.kdsa);
374
+
375
+
if (test_facility(150)) /* SORTL */
376
+
__insn32_query(INSN_SORTL, kvm_s390_available_subfunc.sortl);
377
+
378
+
if (test_facility(151)) /* DFLTCC */
379
+
__insn32_query(INSN_DFLTCC, kvm_s390_available_subfunc.dfltcc);
392
380
393
381
if (MACHINE_HAS_ESOP)
394
382
allow_cpu_feat(KVM_S390_VM_CPU_FEAT_ESOP);
···
685
653
if (test_facility(135)) {
686
654
set_kvm_facility(kvm->arch.model.fac_mask, 135);
687
655
set_kvm_facility(kvm->arch.model.fac_list, 135);
656
+
}
657
+
if (test_facility(148)) {
658
+
set_kvm_facility(kvm->arch.model.fac_mask, 148);
659
+
set_kvm_facility(kvm->arch.model.fac_list, 148);
660
+
}
661
+
if (test_facility(152)) {
662
+
set_kvm_facility(kvm->arch.model.fac_mask, 152);
663
+
set_kvm_facility(kvm->arch.model.fac_list, 152);
688
664
}
689
665
r = 0;
690
666
} else
···
1360
1320
VM_EVENT(kvm, 3, "SET: guest KMA subfunc 0x%16.16lx.%16.16lx",
1361
1321
((unsigned long *) &kvm->arch.model.subfuncs.kma)[0],
1362
1322
((unsigned long *) &kvm->arch.model.subfuncs.kma)[1]);
1323
+
VM_EVENT(kvm, 3, "SET: guest KDSA subfunc 0x%16.16lx.%16.16lx",
1324
+
((unsigned long *) &kvm->arch.model.subfuncs.kdsa)[0],
1325
+
((unsigned long *) &kvm->arch.model.subfuncs.kdsa)[1]);
1326
+
VM_EVENT(kvm, 3, "SET: guest SORTL subfunc 0x%16.16lx.%16.16lx.%16.16lx.%16.16lx",
1327
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[0],
1328
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[1],
1329
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[2],
1330
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[3]);
1331
+
VM_EVENT(kvm, 3, "SET: guest DFLTCC subfunc 0x%16.16lx.%16.16lx.%16.16lx.%16.16lx",
1332
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[0],
1333
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[1],
1334
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[2],
1335
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[3]);
1363
1336
1364
1337
return 0;
1365
1338
}
···
1541
1488
VM_EVENT(kvm, 3, "GET: guest KMA subfunc 0x%16.16lx.%16.16lx",
1542
1489
((unsigned long *) &kvm->arch.model.subfuncs.kma)[0],
1543
1490
((unsigned long *) &kvm->arch.model.subfuncs.kma)[1]);
1491
+
VM_EVENT(kvm, 3, "GET: guest KDSA subfunc 0x%16.16lx.%16.16lx",
1492
+
((unsigned long *) &kvm->arch.model.subfuncs.kdsa)[0],
1493
+
((unsigned long *) &kvm->arch.model.subfuncs.kdsa)[1]);
1494
+
VM_EVENT(kvm, 3, "GET: guest SORTL subfunc 0x%16.16lx.%16.16lx.%16.16lx.%16.16lx",
1495
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[0],
1496
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[1],
1497
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[2],
1498
+
((unsigned long *) &kvm->arch.model.subfuncs.sortl)[3]);
1499
+
VM_EVENT(kvm, 3, "GET: guest DFLTCC subfunc 0x%16.16lx.%16.16lx.%16.16lx.%16.16lx",
1500
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[0],
1501
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[1],
1502
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[2],
1503
+
((unsigned long *) &kvm->arch.model.subfuncs.dfltcc)[3]);
1544
1504
1545
1505
return 0;
1546
1506
}
···
1609
1543
VM_EVENT(kvm, 3, "GET: host KMA subfunc 0x%16.16lx.%16.16lx",
1610
1544
((unsigned long *) &kvm_s390_available_subfunc.kma)[0],
1611
1545
((unsigned long *) &kvm_s390_available_subfunc.kma)[1]);
1546
+
VM_EVENT(kvm, 3, "GET: host KDSA subfunc 0x%16.16lx.%16.16lx",
1547
+
((unsigned long *) &kvm_s390_available_subfunc.kdsa)[0],
1548
+
((unsigned long *) &kvm_s390_available_subfunc.kdsa)[1]);
1549
+
VM_EVENT(kvm, 3, "GET: host SORTL subfunc 0x%16.16lx.%16.16lx.%16.16lx.%16.16lx",
1550
+
((unsigned long *) &kvm_s390_available_subfunc.sortl)[0],
1551
+
((unsigned long *) &kvm_s390_available_subfunc.sortl)[1],
1552
+
((unsigned long *) &kvm_s390_available_subfunc.sortl)[2],
1553
+
((unsigned long *) &kvm_s390_available_subfunc.sortl)[3]);
1554
+
VM_EVENT(kvm, 3, "GET: host DFLTCC subfunc 0x%16.16lx.%16.16lx.%16.16lx.%16.16lx",
1555
+
((unsigned long *) &kvm_s390_available_subfunc.dfltcc)[0],
1556
+
((unsigned long *) &kvm_s390_available_subfunc.dfltcc)[1],
1557
+
((unsigned long *) &kvm_s390_available_subfunc.dfltcc)[2],
1558
+
((unsigned long *) &kvm_s390_available_subfunc.dfltcc)[3]);
1612
1559
1613
1560
return 0;
1614
1561
}
···
2893
2814
vcpu->arch.enabled_gmap = vcpu->arch.gmap;
2894
2815
}
2895
2816
2817
+
static bool kvm_has_pckmo_subfunc(struct kvm *kvm, unsigned long nr)
2818
+
{
2819
+
if (test_bit_inv(nr, (unsigned long *)&kvm->arch.model.subfuncs.pckmo) &&
2820
+
test_bit_inv(nr, (unsigned long *)&kvm_s390_available_subfunc.pckmo))
2821
+
return true;
2822
+
return false;
2823
+
}
2824
+
2825
+
static bool kvm_has_pckmo_ecc(struct kvm *kvm)
2826
+
{
2827
+
/* At least one ECC subfunction must be present */
2828
+
return kvm_has_pckmo_subfunc(kvm, 32) ||
2829
+
kvm_has_pckmo_subfunc(kvm, 33) ||
2830
+
kvm_has_pckmo_subfunc(kvm, 34) ||
2831
+
kvm_has_pckmo_subfunc(kvm, 40) ||
2832
+
kvm_has_pckmo_subfunc(kvm, 41);
2833
+
2834
+
}
2835
+
2896
2836
static void kvm_s390_vcpu_crypto_setup(struct kvm_vcpu *vcpu)
2897
2837
{
2898
2838
/*
···
2924
2826
vcpu->arch.sie_block->crycbd = vcpu->kvm->arch.crypto.crycbd;
2925
2827
vcpu->arch.sie_block->ecb3 &= ~(ECB3_AES | ECB3_DEA);
2926
2828
vcpu->arch.sie_block->eca &= ~ECA_APIE;
2829
+
vcpu->arch.sie_block->ecd &= ~ECD_ECC;
2927
2830
2928
2831
if (vcpu->kvm->arch.crypto.apie)
2929
2832
vcpu->arch.sie_block->eca |= ECA_APIE;
2930
2833
2931
2834
/* Set up protected key support */
2932
-
if (vcpu->kvm->arch.crypto.aes_kw)
2835
+
if (vcpu->kvm->arch.crypto.aes_kw) {
2933
2836
vcpu->arch.sie_block->ecb3 |= ECB3_AES;
2837
+
/* ecc is also wrapped with AES key */
2838
+
if (kvm_has_pckmo_ecc(vcpu->kvm))
2839
+
vcpu->arch.sie_block->ecd |= ECD_ECC;
2840
+
}
2841
+
2934
2842
if (vcpu->kvm->arch.crypto.dea_kw)
2935
2843
vcpu->arch.sie_block->ecb3 |= ECB3_DEA;
2936
2844
}
···
3167
3063
kvm_s390_sync_request(KVM_REQ_MMU_RELOAD, vcpu);
3168
3064
}
3169
3065
}
3066
+
}
3067
+
3068
+
bool kvm_arch_no_poll(struct kvm_vcpu *vcpu)
3069
+
{
3070
+
/* do not poll with more than halt_poll_max_steal percent of steal time */
3071
+
if (S390_lowcore.avg_steal_timer * 100 / (TICK_USEC << 12) >=
3072
+
halt_poll_max_steal) {
3073
+
vcpu->stat.halt_no_poll_steal++;
3074
+
return true;
3075
+
}
3076
+
return false;
3170
3077
}
3171
3078
3172
3079
int kvm_arch_vcpu_should_kick(struct kvm_vcpu *vcpu)
+9
-4
arch/s390/kvm/vsie.c
+9
-4
arch/s390/kvm/vsie.c
···
288
288
const u32 crycb_addr = crycbd_o & 0x7ffffff8U;
289
289
unsigned long *b1, *b2;
290
290
u8 ecb3_flags;
291
+
u32 ecd_flags;
291
292
int apie_h;
293
+
int apie_s;
292
294
int key_msk = test_kvm_facility(vcpu->kvm, 76);
293
295
int fmt_o = crycbd_o & CRYCB_FORMAT_MASK;
294
296
int fmt_h = vcpu->arch.sie_block->crycbd & CRYCB_FORMAT_MASK;
···
299
297
scb_s->crycbd = 0;
300
298
301
299
apie_h = vcpu->arch.sie_block->eca & ECA_APIE;
302
-
if (!apie_h && (!key_msk || fmt_o == CRYCB_FORMAT0))
300
+
apie_s = apie_h & scb_o->eca;
301
+
if (!apie_s && (!key_msk || (fmt_o == CRYCB_FORMAT0)))
303
302
return 0;
304
303
305
304
if (!crycb_addr)
···
311
308
((crycb_addr + 128) & PAGE_MASK))
312
309
return set_validity_icpt(scb_s, 0x003CU);
313
310
314
-
if (apie_h && (scb_o->eca & ECA_APIE)) {
311
+
if (apie_s) {
315
312
ret = setup_apcb(vcpu, &vsie_page->crycb, crycb_addr,
316
313
vcpu->kvm->arch.crypto.crycb,
317
314
fmt_o, fmt_h);
···
323
320
/* we may only allow it if enabled for guest 2 */
324
321
ecb3_flags = scb_o->ecb3 & vcpu->arch.sie_block->ecb3 &
325
322
(ECB3_AES | ECB3_DEA);
326
-
if (!ecb3_flags)
323
+
ecd_flags = scb_o->ecd & vcpu->arch.sie_block->ecd & ECD_ECC;
324
+
if (!ecb3_flags && !ecd_flags)
327
325
goto end;
328
326
329
327
/* copy only the wrapping keys */
···
333
329
return set_validity_icpt(scb_s, 0x0035U);
334
330
335
331
scb_s->ecb3 |= ecb3_flags;
332
+
scb_s->ecd |= ecd_flags;
336
333
337
334
/* xor both blocks in one run */
338
335
b1 = (unsigned long *) vsie_page->crycb.dea_wrapping_key_mask;
···
344
339
end:
345
340
switch (ret) {
346
341
case -EINVAL:
347
-
return set_validity_icpt(scb_s, 0x0020U);
342
+
return set_validity_icpt(scb_s, 0x0022U);
348
343
case -EFAULT:
349
344
return set_validity_icpt(scb_s, 0x0035U);
350
345
case -EACCES:
+3
arch/s390/tools/gen_facilities.c
+3
arch/s390/tools/gen_facilities.c
+10
include/linux/kvm_host.h
+10
include/linux/kvm_host.h
···
1307
1307
}
1308
1308
#endif /* CONFIG_HAVE_KVM_INVALID_WAKEUPS */
1309
1309
1310
+
#ifdef CONFIG_HAVE_KVM_NO_POLL
1311
+
/* Callback that tells if we must not poll */
1312
+
bool kvm_arch_no_poll(struct kvm_vcpu *vcpu);
1313
+
#else
1314
+
static inline bool kvm_arch_no_poll(struct kvm_vcpu *vcpu)
1315
+
{
1316
+
return false;
1317
+
}
1318
+
#endif /* CONFIG_HAVE_KVM_NO_POLL */
1319
+
1310
1320
#ifdef CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL
1311
1321
long kvm_arch_vcpu_async_ioctl(struct file *filp,
1312
1322
unsigned int ioctl, unsigned long arg);
+2
-1
tools/arch/s390/include/uapi/asm/kvm.h
+2
-1
tools/arch/s390/include/uapi/asm/kvm.h
+3
virt/kvm/Kconfig
+3
virt/kvm/Kconfig
+1
-1
virt/kvm/kvm_main.c
+1
-1
virt/kvm/kvm_main.c