Introduce an interface over which we can get information about UV data.
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
---
hw/s390x/pv.c | 61 ++++++++++++++++++++++++++++++++++++++
hw/s390x/s390-virtio-ccw.c | 5 ++++
include/hw/s390x/pv.h | 10 +++++++
3 files changed, 76 insertions(+)
diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c
index 401b63d6cb..a5af4ddf46 100644
--- a/hw/s390x/pv.c
+++ b/hw/s390x/pv.c
@@ -20,6 +20,11 @@
#include "exec/confidential-guest-support.h"
#include "hw/s390x/ipl.h"
#include "hw/s390x/pv.h"
+#include "target/s390x/kvm/kvm_s390x.h"
+
+static bool info_valid;
+static struct kvm_s390_pv_info_vm info_vm;
+static struct kvm_s390_pv_info_dump info_dump;
static int __s390_pv_cmd(uint32_t cmd, const char *cmdname, void *data)
{
@@ -56,6 +61,42 @@ static int __s390_pv_cmd(uint32_t cmd, const char *cmdname, void *data)
} \
}
+int s390_pv_query_info(void)
+{
+ struct kvm_s390_pv_info info = {
+ .header.id = KVM_PV_INFO_VM,
+ .header.len_max = sizeof(info.header) + sizeof(info.vm),
+ };
+ int rc;
+
+ /* Info API's first user is dump so they are bundled */
+ if (!kvm_s390_get_protected_dump()) {
+ return 0;
+ }
+
+ rc = s390_pv_cmd(KVM_PV_INFO, &info);
+ if (rc) {
+ error_report("KVM PV INFO cmd %x failed: %s",
+ info.header.id, strerror(rc));
+ return rc;
+ }
+ memcpy(&info_vm, &info.vm, sizeof(info.vm));
+
+ info.header.id = KVM_PV_INFO_DUMP;
+ info.header.len_max = sizeof(info.header) + sizeof(info.dump);
+ rc = s390_pv_cmd(KVM_PV_INFO, &info);
+ if (rc) {
+ error_report("KVM PV INFO cmd %x failed: %s",
+ info.header.id, strerror(rc));
+ return rc;
+ }
+
+ memcpy(&info_dump, &info.dump, sizeof(info.dump));
+ info_valid = true;
+
+ return rc;
+}
+
int s390_pv_vm_enable(void)
{
return s390_pv_cmd(KVM_PV_ENABLE, NULL);
@@ -114,6 +155,26 @@ void s390_pv_inject_reset_error(CPUState *cs)
env->regs[r1 + 1] = DIAG_308_RC_INVAL_FOR_PV;
}
+uint64_t kvm_s390_pv_dmp_get_size_cpu(void)
+{
+ return info_dump.dump_cpu_buffer_len;
+}
+
+uint64_t kvm_s390_pv_dmp_get_size_complete(void)
+{
+ return info_dump.dump_config_finalize_len;
+}
+
+uint64_t kvm_s390_pv_dmp_get_size_mem(void)
+{
+ return info_dump.dump_config_mem_buffer_per_1m;
+}
+
+bool kvm_s390_pv_info_basic_valid(void)
+{
+ return info_valid;
+}
+
#define TYPE_S390_PV_GUEST "s390-pv-guest"
OBJECT_DECLARE_SIMPLE_TYPE(S390PVGuest, S390_PV_GUEST)
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index cc3097bfee..f9401e392b 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -366,6 +366,11 @@ static int s390_machine_protect(S390CcwMachineState *ms)
ms->pv = true;
+ rc = s390_pv_query_info();
+ if (rc) {
+ goto out_err;
+ }
+
/* Set SE header and unpack */
rc = s390_ipl_prepare_pv_header();
if (rc) {
diff --git a/include/hw/s390x/pv.h b/include/hw/s390x/pv.h
index 1f1f545bfc..6fa55bf70e 100644
--- a/include/hw/s390x/pv.h
+++ b/include/hw/s390x/pv.h
@@ -38,6 +38,7 @@ static inline bool s390_is_pv(void)
return ccw->pv;
}
+int s390_pv_query_info(void);
int s390_pv_vm_enable(void);
void s390_pv_vm_disable(void);
int s390_pv_set_sec_parms(uint64_t origin, uint64_t length);
@@ -46,8 +47,13 @@ void s390_pv_prep_reset(void);
int s390_pv_verify(void);
void s390_pv_unshare(void);
void s390_pv_inject_reset_error(CPUState *cs);
+uint64_t kvm_s390_pv_dmp_get_size_cpu(void);
+uint64_t kvm_s390_pv_dmp_get_size_mem(void);
+uint64_t kvm_s390_pv_dmp_get_size_complete(void);
+bool kvm_s390_pv_info_basic_valid(void);
#else /* CONFIG_KVM */
static inline bool s390_is_pv(void) { return false; }
+static inline int s390_pv_query_info(void) { return 0; }
static inline int s390_pv_vm_enable(void) { return 0; }
static inline void s390_pv_vm_disable(void) {}
static inline int s390_pv_set_sec_parms(uint64_t origin, uint64_t length) { return 0; }
@@ -56,6 +62,10 @@ static inline void s390_pv_prep_reset(void) {}
static inline int s390_pv_verify(void) { return 0; }
static inline void s390_pv_unshare(void) {}
static inline void s390_pv_inject_reset_error(CPUState *cs) {};
+static inline uint64_t kvm_s390_pv_dmp_get_size_cpu(void) { return 0; }
+static inline uint64_t kvm_s390_pv_dmp_get_size_mem(void) { return 0; }
+static inline uint64_t kvm_s390_pv_dmp_get_size_complete(void) { return 0; }
+static inline bool kvm_s390_pv_info_basic_valid(void) { return false; }
#endif /* CONFIG_KVM */
int s390_pv_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
--
2.34.1Hi
On Wed, Jul 13, 2022 at 5:18 PM Janosch Frank <frankja@linux.ibm.com> wrote:
> Introduce an interface over which we can get information about UV data.
>
> Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
> ---
> hw/s390x/pv.c | 61 ++++++++++++++++++++++++++++++++++++++
> hw/s390x/s390-virtio-ccw.c | 5 ++++
> include/hw/s390x/pv.h | 10 +++++++
> 3 files changed, 76 insertions(+)
>
> diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c
> index 401b63d6cb..a5af4ddf46 100644
> --- a/hw/s390x/pv.c
> +++ b/hw/s390x/pv.c
> @@ -20,6 +20,11 @@
> #include "exec/confidential-guest-support.h"
> #include "hw/s390x/ipl.h"
> #include "hw/s390x/pv.h"
> +#include "target/s390x/kvm/kvm_s390x.h"
> +
> +static bool info_valid;
> +static struct kvm_s390_pv_info_vm info_vm;
> +static struct kvm_s390_pv_info_dump info_dump;
>
> static int __s390_pv_cmd(uint32_t cmd, const char *cmdname, void *data)
> {
> @@ -56,6 +61,42 @@ static int __s390_pv_cmd(uint32_t cmd, const char
> *cmdname, void *data)
> } \
> }
>
> +int s390_pv_query_info(void)
> +{
> + struct kvm_s390_pv_info info = {
> + .header.id = KVM_PV_INFO_VM,
> + .header.len_max = sizeof(info.header) + sizeof(info.vm),
> + };
> + int rc;
> +
> + /* Info API's first user is dump so they are bundled */
> + if (!kvm_s390_get_protected_dump()) {
> + return 0;
> + }
> +
> + rc = s390_pv_cmd(KVM_PV_INFO, &info);
> + if (rc) {
> + error_report("KVM PV INFO cmd %x failed: %s",
> + info.header.id, strerror(rc));
> + return rc;
> + }
> + memcpy(&info_vm, &info.vm, sizeof(info.vm));
> +
> + info.header.id = KVM_PV_INFO_DUMP;
> + info.header.len_max = sizeof(info.header) + sizeof(info.dump);
> + rc = s390_pv_cmd(KVM_PV_INFO, &info);
> + if (rc) {
> + error_report("KVM PV INFO cmd %x failed: %s",
> + info.header.id, strerror(rc));
> + return rc;
> + }
> +
> + memcpy(&info_dump, &info.dump, sizeof(info.dump));
> + info_valid = true;
> +
> + return rc;
> +}
> +
> int s390_pv_vm_enable(void)
> {
> return s390_pv_cmd(KVM_PV_ENABLE, NULL);
> @@ -114,6 +155,26 @@ void s390_pv_inject_reset_error(CPUState *cs)
> env->regs[r1 + 1] = DIAG_308_RC_INVAL_FOR_PV;
> }
>
> +uint64_t kvm_s390_pv_dmp_get_size_cpu(void)
> +{
> + return info_dump.dump_cpu_buffer_len;
> +}
> +
> +uint64_t kvm_s390_pv_dmp_get_size_complete(void)
> +{
> + return info_dump.dump_config_finalize_len;
> +}
> +
> +uint64_t kvm_s390_pv_dmp_get_size_mem(void)
> +{
> + return info_dump.dump_config_mem_buffer_per_1m;
> +}
> +
> +bool kvm_s390_pv_info_basic_valid(void)
> +{
> + return info_valid;
> +}
> +
> #define TYPE_S390_PV_GUEST "s390-pv-guest"
> OBJECT_DECLARE_SIMPLE_TYPE(S390PVGuest, S390_PV_GUEST)
>
> diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
> index cc3097bfee..f9401e392b 100644
> --- a/hw/s390x/s390-virtio-ccw.c
> +++ b/hw/s390x/s390-virtio-ccw.c
> @@ -366,6 +366,11 @@ static int s390_machine_protect(S390CcwMachineState
> *ms)
>
> ms->pv = true;
>
> + rc = s390_pv_query_info();
> + if (rc) {
> + goto out_err;
>
Maybe it's not necessary to make it fatal on error?
lgtm otherwise
> + }
> +
> /* Set SE header and unpack */
> rc = s390_ipl_prepare_pv_header();
> if (rc) {
> diff --git a/include/hw/s390x/pv.h b/include/hw/s390x/pv.h
> index 1f1f545bfc..6fa55bf70e 100644
> --- a/include/hw/s390x/pv.h
> +++ b/include/hw/s390x/pv.h
> @@ -38,6 +38,7 @@ static inline bool s390_is_pv(void)
> return ccw->pv;
> }
>
> +int s390_pv_query_info(void);
> int s390_pv_vm_enable(void);
> void s390_pv_vm_disable(void);
> int s390_pv_set_sec_parms(uint64_t origin, uint64_t length);
> @@ -46,8 +47,13 @@ void s390_pv_prep_reset(void);
> int s390_pv_verify(void);
> void s390_pv_unshare(void);
> void s390_pv_inject_reset_error(CPUState *cs);
> +uint64_t kvm_s390_pv_dmp_get_size_cpu(void);
> +uint64_t kvm_s390_pv_dmp_get_size_mem(void);
> +uint64_t kvm_s390_pv_dmp_get_size_complete(void);
> +bool kvm_s390_pv_info_basic_valid(void);
> #else /* CONFIG_KVM */
> static inline bool s390_is_pv(void) { return false; }
> +static inline int s390_pv_query_info(void) { return 0; }
> static inline int s390_pv_vm_enable(void) { return 0; }
> static inline void s390_pv_vm_disable(void) {}
> static inline int s390_pv_set_sec_parms(uint64_t origin, uint64_t length)
> { return 0; }
> @@ -56,6 +62,10 @@ static inline void s390_pv_prep_reset(void) {}
> static inline int s390_pv_verify(void) { return 0; }
> static inline void s390_pv_unshare(void) {}
> static inline void s390_pv_inject_reset_error(CPUState *cs) {};
> +static inline uint64_t kvm_s390_pv_dmp_get_size_cpu(void) { return 0; }
> +static inline uint64_t kvm_s390_pv_dmp_get_size_mem(void) { return 0; }
> +static inline uint64_t kvm_s390_pv_dmp_get_size_complete(void) { return
> 0; }
> +static inline bool kvm_s390_pv_info_basic_valid(void) { return false; }
> #endif /* CONFIG_KVM */
>
> int s390_pv_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
> --
> 2.34.1
>
>
>
--
Marc-André Lureau
On 7/15/22 10:10, Marc-André Lureau wrote:
[...]
>> ms->pv = true;
>>
>> + rc = s390_pv_query_info();
>> + if (rc) {
>> + goto out_err;
>>
>
> Maybe it's not necessary to make it fatal on error?
>
> lgtm otherwise
Hmm, yes and no.
The info API is fenced by the dump CAP so I don't ever expect an error
here but on the other hand an optional info API fail might not warrant
an error.
>
>
>> + }
>> +
>> /* Set SE header and unpack */
>> rc = s390_ipl_prepare_pv_header();
>> if (rc) {
>> diff --git a/include/hw/s390x/pv.h b/include/hw/s390x/pv.h
>> index 1f1f545bfc..6fa55bf70e 100644
>> --- a/include/hw/s390x/pv.h
>> +++ b/include/hw/s390x/pv.h
>> @@ -38,6 +38,7 @@ static inline bool s390_is_pv(void)
>> return ccw->pv;
>> }
>>
>> +int s390_pv_query_info(void);
>> int s390_pv_vm_enable(void);
>> void s390_pv_vm_disable(void);
>> int s390_pv_set_sec_parms(uint64_t origin, uint64_t length);
>> @@ -46,8 +47,13 @@ void s390_pv_prep_reset(void);
>> int s390_pv_verify(void);
>> void s390_pv_unshare(void);
>> void s390_pv_inject_reset_error(CPUState *cs);
>> +uint64_t kvm_s390_pv_dmp_get_size_cpu(void);
>> +uint64_t kvm_s390_pv_dmp_get_size_mem(void);
>> +uint64_t kvm_s390_pv_dmp_get_size_complete(void);
>> +bool kvm_s390_pv_info_basic_valid(void);
>> #else /* CONFIG_KVM */
>> static inline bool s390_is_pv(void) { return false; }
>> +static inline int s390_pv_query_info(void) { return 0; }
>> static inline int s390_pv_vm_enable(void) { return 0; }
>> static inline void s390_pv_vm_disable(void) {}
>> static inline int s390_pv_set_sec_parms(uint64_t origin, uint64_t length)
>> { return 0; }
>> @@ -56,6 +62,10 @@ static inline void s390_pv_prep_reset(void) {}
>> static inline int s390_pv_verify(void) { return 0; }
>> static inline void s390_pv_unshare(void) {}
>> static inline void s390_pv_inject_reset_error(CPUState *cs) {};
>> +static inline uint64_t kvm_s390_pv_dmp_get_size_cpu(void) { return 0; }
>> +static inline uint64_t kvm_s390_pv_dmp_get_size_mem(void) { return 0; }
>> +static inline uint64_t kvm_s390_pv_dmp_get_size_complete(void) { return
>> 0; }
>> +static inline bool kvm_s390_pv_info_basic_valid(void) { return false; }
>> #endif /* CONFIG_KVM */
>>
>> int s390_pv_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
>> --
>> 2.34.1
>>
>>
>>
>
On Fri, Jul 15, 2022 at 12:18 PM Janosch Frank <frankja@linux.ibm.com>
wrote:
> On 7/15/22 10:10, Marc-André Lureau wrote:
> [...]
> >> ms->pv = true;
> >>
> >> + rc = s390_pv_query_info();
> >> + if (rc) {
> >> + goto out_err;
> >>
> >
> > Maybe it's not necessary to make it fatal on error?
> >
> > lgtm otherwise
>
> Hmm, yes and no.
> The info API is fenced by the dump CAP so I don't ever expect an error
> here but on the other hand an optional info API fail might not warrant
> an error.
>
>
I see. You could explain more explicitly in the commit messages and/or
comments the kernel version/requirements.
> >
> >
> >> + }
> >> +
> >> /* Set SE header and unpack */
> >> rc = s390_ipl_prepare_pv_header();
> >> if (rc) {
> >> diff --git a/include/hw/s390x/pv.h b/include/hw/s390x/pv.h
> >> index 1f1f545bfc..6fa55bf70e 100644
> >> --- a/include/hw/s390x/pv.h
> >> +++ b/include/hw/s390x/pv.h
> >> @@ -38,6 +38,7 @@ static inline bool s390_is_pv(void)
> >> return ccw->pv;
> >> }
> >>
> >> +int s390_pv_query_info(void);
> >> int s390_pv_vm_enable(void);
> >> void s390_pv_vm_disable(void);
> >> int s390_pv_set_sec_parms(uint64_t origin, uint64_t length);
> >> @@ -46,8 +47,13 @@ void s390_pv_prep_reset(void);
> >> int s390_pv_verify(void);
> >> void s390_pv_unshare(void);
> >> void s390_pv_inject_reset_error(CPUState *cs);
> >> +uint64_t kvm_s390_pv_dmp_get_size_cpu(void);
> >> +uint64_t kvm_s390_pv_dmp_get_size_mem(void);
> >> +uint64_t kvm_s390_pv_dmp_get_size_complete(void);
> >> +bool kvm_s390_pv_info_basic_valid(void);
> >> #else /* CONFIG_KVM */
> >> static inline bool s390_is_pv(void) { return false; }
> >> +static inline int s390_pv_query_info(void) { return 0; }
> >> static inline int s390_pv_vm_enable(void) { return 0; }
> >> static inline void s390_pv_vm_disable(void) {}
> >> static inline int s390_pv_set_sec_parms(uint64_t origin, uint64_t
> length)
> >> { return 0; }
> >> @@ -56,6 +62,10 @@ static inline void s390_pv_prep_reset(void) {}
> >> static inline int s390_pv_verify(void) { return 0; }
> >> static inline void s390_pv_unshare(void) {}
> >> static inline void s390_pv_inject_reset_error(CPUState *cs) {};
> >> +static inline uint64_t kvm_s390_pv_dmp_get_size_cpu(void) { return 0; }
> >> +static inline uint64_t kvm_s390_pv_dmp_get_size_mem(void) { return 0; }
> >> +static inline uint64_t kvm_s390_pv_dmp_get_size_complete(void) { return
> >> 0; }
> >> +static inline bool kvm_s390_pv_info_basic_valid(void) { return false; }
> >> #endif /* CONFIG_KVM */
> >>
> >> int s390_pv_kvm_init(ConfidentialGuestSupport *cgs, Error **errp);
> >> --
> >> 2.34.1
> >>
> >>
> >>
> >
>
>
--
Marc-André Lureau
© 2016 - 2026 Red Hat, Inc.