From: Tony Krowiak
To: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, borntraeger@de.ibm.com, cohuck@redhat.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, pmorel@linux.vnet.ibm.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com, thuth@redhat.com, pasic@linux.vnet.ibm.com, berrange@redhat.com, fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com, akrowiak@linux.vnet.ibm.com, Tony Krowiak
Subject: [PATCH v6 06/21] KVM: s390: refactor crypto initialization
Date: Fri, 29 Jun 2018 17:11:08 -0400
X-Mailer: git-send-email 1.7.1
In-Reply-To: <1530306683-7270-1-git-send-email-akrowiak@linux.vnet.ibm.com>
References: <1530306683-7270-1-git-send-email-akrowiak@linux.vnet.ibm.com>
Message-Id: <1530306683-7270-7-git-send-email-akrowiak@linux.vnet.ibm.com>
X-Mailing-List: linux-kernel@vger.kernel.org
From: Tony Krowiak

This patch refactors the code that initializes and sets up the crypto configuration for a guest. The following changes are implemented via this patch:

1. Prior to the introduction of AP device virtualization, it was not necessary to provide guest access to the CRYCB unless the MSA extension 3 (MSAX3) facility was installed on the host system. With the introduction of AP device virtualization, the CRYCB must be made accessible to the guest as long as the AP instructions are installed on the host.

2. Introduces a flag indicating AP instructions executed on the guest shall be interpreted by the firmware. It is initialized to indicate AP instructions are to be interpreted and is used to set the SIE bit for each vcpu during vcpu setup.

Signed-off-by: Tony Krowiak
--- arch/s390/include/asm/kvm_host.h | 3 + arch/s390/kvm/kvm-s390.c | 85 +++++++++++++++++++------------------ 2 files changed, 47 insertions(+), 41 deletions(-) diff --git a/arch/s390/include/asm/kvm_host.h b/arch/s390/include/asm/kvm_host.h index a2188e3..d44e0d5 100644 --- a/arch/s390/include/asm/kvm_host.h +++ b/arch/s390/include/asm/kvm_host.h @@ -186,6 +186,7 @@ struct kvm_s390_sie_block { #define ECA_AIV 0x00200000 #define ECA_VX 0x00020000 #define ECA_PROTEXCI 0x00002000 +#define ECA_APIE 0x00000008 #define ECA_SII 0x00000001 __u32 eca; /* 0x004c */ #define ICPT_INST 0x04 @@ -255,6 +256,7 @@ struct kvm_s390_sie_block { __u8 reservede4[4]; /* 0x00e4 */ __u64 tecmc; /* 0x00e8 */ __u8 reservedf0[12]; /* 0x00f0 */ +#define CRYCB_FORMAT_MASK 0x00000003 #define CRYCB_FORMAT1 0x00000001 #define CRYCB_FORMAT2 0x00000003 __u32 crycbd; /* 0x00fc */ @@ -713,6 +715,7 @@ struct kvm_s390_crypto { __u32 crycbd; __u8 aes_kw; __u8 dea_kw; + __u8 apie; }; #define APCB0_MASK_SIZE 1 diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c index d2208d4..3aa16df 100644 --- a/arch/s390/kvm/kvm-s390.c +++ b/arch/s390/kvm/kvm-s390.c 
@@ -1886,49 +1886,37 @@ long kvm_arch_vm_ioctl(struct file *filp, return r; } -static int kvm_s390_query_ap_config(u8 *config) -{ - u32 fcn_code = 0x04000000UL; - u32 cc = 0; - - memset(config, 0, 128); - asm volatile( - "lgr 0,%1\n" - "lgr 2,%2\n" - ".long 0xb2af0000\n" /* PQAP(QCI) */ - "0: ipm %0\n" - "srl %0,28\n" - "1:\n" - EX_TABLE(0b, 1b) - : "+r" (cc) - : "r" (fcn_code), "r" (config) - : "cc", "0", "2", "memory" - ); - - return cc; -} - static int kvm_s390_apxa_installed(void) { - u8 config[128]; - int cc; + struct ap_config_info info; - if (test_facility(12)) { - cc = kvm_s390_query_ap_config(config); - - if (cc) - pr_err("PQAP(QCI) failed with cc=%d", cc); - else - return config[0] & 0x40; + if (ap_instructions_available() == 0) { + if (ap_qci(&info) == 0) + return info.apxa; } return 0; } +/* + * The format of the crypto control block (CRYCB) is specified in the 3 low + * order bits of the CRYCB designation (CRYCBD) field as follows: + * Format 0: Neither the message security assist extension 3 (MSAX3) nor the + * AP extended addressing (APXA) facility are installed. + * Format 1: The APXA facility is not installed but the MSAX3 facility is. + * Format 2: Both the APXA and MSAX3 facilities are installed + */ static void kvm_s390_set_crycb_format(struct kvm *kvm) { kvm->arch.crypto.crycbd = (__u32)(unsigned long) kvm->arch.crypto.crycb; + /* Clear the CRYCB format bits - i.e., set format 0 by default */ + kvm->arch.crypto.crycbd &= ~(CRYCB_FORMAT_MASK); + + /* Check whether MSAX3 is installed */ + if (!test_kvm_facility(kvm, 76)) + return; + if (kvm_s390_apxa_installed()) kvm->arch.crypto.crycbd |= CRYCB_FORMAT2; else 
@@ -1946,11 +1934,13 @@ static u64 kvm_s390_get_initial_cpuid(void) static void kvm_s390_crypto_init(struct kvm *kvm) { - if (!test_kvm_facility(kvm, 76)) - return; - kvm->arch.crypto.crycb = &kvm->arch.sie_page2->crycb; kvm_s390_set_crycb_format(kvm); + /* Default setting indicating SIE shall interpret AP instructions */ + kvm->arch.crypto.apie = 1; + + if (!test_kvm_facility(kvm, 76)) + return; /* Enable AES/DEA protected key functions by default */ kvm->arch.crypto.aes_kw = 1; @@ -2479,17 +2469,30 @@ void kvm_arch_vcpu_postcreate(struct kvm_vcpu *vcpu) static void kvm_s390_vcpu_crypto_setup(struct kvm_vcpu *vcpu) { - if (!test_kvm_facility(vcpu->kvm, 76)) + /* + * If neither the AP instructions nor the MSAX3 facility are installed + * on the host, then there is no need for a CRYCB in SIE because the + * they will not be installed on the guest either. + */ + if (ap_instructions_available() && !test_facility(76)) return; - vcpu->arch.sie_block->ecb3 &= ~(ECB3_AES | ECB3_DEA); + vcpu->arch.sie_block->crycbd = vcpu->kvm->arch.crypto.crycbd; + + vcpu->arch.sie_block->eca &= ~ECA_APIE; + if (vcpu->kvm->arch.crypto.apie && + test_kvm_cpu_feat(vcpu->kvm, KVM_S390_VM_CPU_FEAT_AP)) + vcpu->arch.sie_block->eca |= ECA_APIE; - if (vcpu->kvm->arch.crypto.aes_kw) - vcpu->arch.sie_block->ecb3 |= ECB3_AES; - if (vcpu->kvm->arch.crypto.dea_kw) - vcpu->arch.sie_block->ecb3 |= ECB3_DEA; + /* If MSAX3 is installed on the guest, set up protected key support */ + if (test_kvm_facility(vcpu->kvm, 76)) { + vcpu->arch.sie_block->ecb3 &= ~(ECB3_AES | ECB3_DEA); - vcpu->arch.sie_block->crycbd = vcpu->kvm->arch.crypto.crycbd; + if (vcpu->kvm->arch.crypto.aes_kw) + vcpu->arch.sie_block->ecb3 |= ECB3_AES; + if (vcpu->kvm->arch.crypto.dea_kw) + vcpu->arch.sie_block->ecb3 |= ECB3_DEA; + } } void kvm_s390_vcpu_unsetup_cmma(struct kvm_vcpu *vcpu) -- 1.7.1
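Review bot: in the kvm_host.h hunk at @@ -713 (struct kvm_s390_crypto), the new `__u8 apie;` member carries no comment, and its sense (1 means SIE is to interpret AP instructions, per the commit message) is only recoverable by reading kvm_s390_crypto_init; a one-line comment next to the field would save the next reader that trip, especially since the neighbouring `aes_kw`/`dea_kw` are equally undocumented.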
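Review bot: in the kvm-s390.c hunk at @@ -1886, the return value of ap_instructions_available() is read in two opposite senses within the same patch: kvm_s390_apxa_installed() treats `ap_instructions_available() == 0` as "installed", while kvm_s390_vcpu_crypto_setup() tests it as a plain truth value in `if (ap_instructions_available() && !test_facility(76))`, which only reads correctly once one knows that nonzero means "not available". A small boolean wrapper, or at least a comment at both call sites, would make the inverted convention explicit. Two smaller points in the same hunk: dropping the `pr_err("PQAP(QCI) failed with cc=%d", cc)` path means a failing ap_qci() now silently degrades the VM to "no APXA" (a format 1 CRYCB) with no trace in the log, so a pr_warn would be worth keeping; and the new block comment describes format 0 as "Neither ... MSAX3 nor ... APXA ... installed", but the code returns format 0 whenever `test_kvm_facility(kvm, 76)` fails, including on hosts where APXA is installed, so the comment should say that MSAX3 alone decides between format 0 and formats 1/2.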
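Review bot: in the hunk at @@ -1946 (kvm_s390_crypto_init), `kvm->arch.crypto.apie = 1` is set unconditionally, ahead of the facility 76 check and without consulting ap_instructions_available(), so the default claims AP interpretation even on hosts with no AP instructions; only the `test_kvm_cpu_feat(vcpu->kvm, KVM_S390_VM_CPU_FEAT_AP)` test in kvm_s390_vcpu_crypto_setup keeps ECA_APIE from being set for such guests. That is workable, but the comment "Default setting indicating SIE shall interpret AP instructions" should spell out that the per-vCPU feature check is what actually gates it. Also, KVM_S390_VM_CPU_FEAT_AP is used but not defined anywhere in this patch, so it must come from an earlier patch in the series for the tree to build at patch 06/21; please confirm the ordering so bisection is not broken.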
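Review bot: in the hunk at @@ -2479 (kvm_s390_vcpu_crypto_setup), the early return decides on the host view (`test_facility(76)`) while the rest of the function uses the guest view (`test_kvm_facility(vcpu->kvm, 76)`); that matches the comment's intent (no CRYCB if the host cannot have one), but mixing the two APIs in one function deserves a sentence in the comment. The comment also has a typo, "because the they will not be installed on the guest either". One behavioural change worth stating in the commit message: before this patch, crycbd was never written to the SIE block for a guest without facility 76; after it, a guest with neither facility 76 nor feature AP still gets `vcpu->arch.sie_block->crycbd = vcpu->kvm->arch.crypto.crycbd` (a format 0 designation) whenever the host has AP instructions or MSAX3. If that is intended, say so.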
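The CRYCB format selection and the per-vCPU ECA/ECB3 bit handling from the patch, as an added user-space model for readers who want to see the policy run. This is example code written for this page, not kernel code and not part of the series: the host and guest facility queries (test_facility(), test_kvm_facility(), ap_instructions_available(), ap_qci()) are replaced by plain booleans, the struct and function names host_caps, vm_crypto, vcpu_sie, set_crycb_format, vcpu_crypto_setup and format_after_apxa_removed are hypothetical, and the ECB3_AES/ECB3_DEA bit values are assumed (they are not in the patch). The constants CRYCB_FORMAT_MASK, CRYCB_FORMAT1, CRYCB_FORMAT2 and ECA_APIE are the ones the patch defines. The scenario it exercises is the reason for the new `crycbd &= ~(CRYCB_FORMAT_MASK)` line: because the FORMAT1 bit is a subset of the FORMAT2 bits, OR-ing a new format onto an old designation can never move a VM back from format 2.

```c
/*
 * Added user-space model of the policy in the patch above (not kernel code,
 * not part of the series).  Facility inputs are booleans standing in for
 * test_facility(), test_kvm_facility(), ap_instructions_available() and
 * ap_qci(); struct/function names are hypothetical.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Values taken from the patch / kvm_host.h */
#define CRYCB_FORMAT_MASK 0x00000003u
#define CRYCB_FORMAT1     0x00000001u
#define CRYCB_FORMAT2     0x00000003u
#define ECA_APIE          0x00000008u
/* ECB3 bit values are assumed for illustration; they are not in the patch */
#define ECB3_AES          0x04u
#define ECB3_DEA          0x08u

struct host_caps {            /* hypothetical: what the host reports */
	bool ap_instructions;     /* ap_instructions_available() succeeded */
	bool msax3;               /* test_facility(76) */
	bool apxa;                /* ap_qci() reported APXA */
};

struct vm_crypto {            /* the kvm_s390_crypto fields the patch uses */
	uint32_t crycbd;          /* CRYCB address, format in the low 2 bits */
	uint8_t aes_kw, dea_kw, apie;
	bool guest_msax3;         /* test_kvm_facility(kvm, 76) */
	bool guest_feat_ap;       /* KVM_S390_VM_CPU_FEAT_AP enabled for the VM */
};

struct vcpu_sie {             /* the three SIE block fields the patch writes */
	uint32_t crycbd;
	uint32_t eca;
	uint8_t  ecb3;
};

/*
 * kvm_s390_set_crycb_format() as a pure function.  clear_first models the
 * new "crycbd &= ~CRYCB_FORMAT_MASK" line; without it a VM that once got
 * format 2 keeps it forever, because FORMAT1 (0x1) is a subset of FORMAT2 (0x3).
 */
uint32_t set_crycb_format(uint32_t crycbd, const struct host_caps *h,
			  bool guest_msax3, bool clear_first)
{
	if (clear_first)
		crycbd &= ~CRYCB_FORMAT_MASK;
	if (!guest_msax3)
		return crycbd;                  /* format 0 */
	/* kvm_s390_apxa_installed(): APXA only counts if AP instructions exist */
	if (h->ap_instructions && h->apxa)
		return crycbd | CRYCB_FORMAT2;
	return crycbd | CRYCB_FORMAT1;
}

/* kvm_s390_vcpu_crypto_setup(); returns false on the early return (no CRYCB) */
bool vcpu_crypto_setup(struct vcpu_sie *s, const struct vm_crypto *vm,
		       const struct host_caps *h)
{
	if (!h->ap_instructions && !h->msax3)
		return false;
	s->crycbd = vm->crycbd;

	s->eca &= ~ECA_APIE;                /* always clear, then set on demand */
	if (vm->apie && vm->guest_feat_ap)
		s->eca |= ECA_APIE;

	if (vm->guest_msax3) {              /* protected-key bits only with MSAX3 */
		s->ecb3 &= ~(ECB3_AES | ECB3_DEA);
		if (vm->aes_kw)
			s->ecb3 |= ECB3_AES;
		if (vm->dea_kw)
			s->ecb3 |= ECB3_DEA;
	}
	return true;
}

/* Scenario: VM configured on a host with APXA, then recomputed without APXA */
uint32_t format_after_apxa_removed(uint32_t base, bool clear_first)
{
	struct host_caps with_apxa = { true, true, true };
	struct host_caps no_apxa   = { true, true, false };
	uint32_t d = set_crycb_format(base, &with_apxa, true, true);
	return set_crycb_format(d, &no_apxa, true, clear_first);
}

int main(void)
{
	uint32_t base = 0x00010000u;        /* constructed CRYCB address, low bits 0 */
	struct host_caps h = { true, true, true };
	struct vm_crypto vm = { .crycbd = base | CRYCB_FORMAT2, .aes_kw = 1,
				.dea_kw = 0, .apie = 0, .guest_msax3 = true,
				.guest_feat_ap = true };
	struct vcpu_sie s = { .eca = ECA_APIE };  /* stale bit from an earlier setup */

	printf("without clearing: %#x\n", format_after_apxa_removed(base, false));
	printf("with clearing:    %#x\n", format_after_apxa_removed(base, true));
	vcpu_crypto_setup(&s, &vm, &h);
	printf("apie=0 -> eca&APIE=%u ecb3=%#x\n", s.eca & ECA_APIE, s.ecb3);
	return 0;
}
```

Build with `cc -std=c99 -Wall crycb_model.c` (file name is arbitrary). The first two lines of output show the stale-bit problem the mask clear fixes; the third shows that a vCPU re-setup with `apie = 0` drops an ECA_APIE bit that was set earlier, which is why the patch clears the bit before conditionally setting it rather than only setting it.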