Re: [PATCH v12] s390x: protvirt: Support unpack facility
From: Cornelia Huck
Subject: Re: [PATCH v12] s390x: protvirt: Support unpack facility
Date: Wed, 29 Apr 2020 15:01:29 +0200
On Mon, 23 Mar 2020 04:36:06 -0400
Janosch Frank <address@hidden> wrote:
> The unpack facility provides the means to setup a protected guest. A
> protected guest cannot be introspected by the hypervisor or any
> user/administrator of the machine it is running on.
>
> Protected guests are encrypted at rest and need a special boot
> mechanism via diag308 subcode 8 and 10.
>
> Code 8 sets the PV specific IPLB which is retained separately from
> those set via code 5.
>
> Code 10 is used to unpack the VM into protected memory, verify its
> integrity and start it.
>
> Signed-off-by: Janosch Frank <address@hidden>
> Co-developed-by: Christian Borntraeger <address@hidden> [Changes
> to machine]
> Reviewed-by: David Hildenbrand <address@hidden>
> Reviewed-by: Claudio Imbrenda <address@hidden>
> Reviewed-by: Cornelia Huck <address@hidden>
> ---
> MAINTAINERS | 2 +
> hw/s390x/Makefile.objs | 1 +
> hw/s390x/ipl.c | 59 +++++++++++++-
> hw/s390x/ipl.h | 91 ++++++++++++++++++++-
> hw/s390x/pv.c | 98 +++++++++++++++++++++++
> hw/s390x/s390-virtio-ccw.c | 119 +++++++++++++++++++++++++++-
> include/hw/s390x/pv.h | 55 +++++++++++++
> include/hw/s390x/s390-virtio-ccw.h | 1 +
> target/s390x/cpu.c | 1 +
> target/s390x/cpu_features_def.inc.h | 1 +
> target/s390x/diag.c | 39 ++++++++-
> target/s390x/kvm-stub.c | 5 ++
> target/s390x/kvm.c | 5 ++
> target/s390x/kvm_s390x.h | 1 +
> 14 files changed, 468 insertions(+), 10 deletions(-)
> create mode 100644 hw/s390x/pv.c
> create mode 100644 include/hw/s390x/pv.h
(...)
> diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c
> new file mode 100644
> index 0000000000000000..8cf5cd2c9bcd48b0
> --- /dev/null
> +++ b/hw/s390x/pv.c
(...)
> +int s390_pv_set_sec_parms(uint64_t origin, uint64_t length)
> +{
> + struct kvm_s390_pv_sec_parm args = {
> + .origin = origin,
> + .length = length,
> + };
> +
> + return s390_pv_cmd(KVM_PV_VM_SET_SEC_PARMS, &args);
> +}
> +
> +/*
> + * Called for each component in the SE type IPL parameter block 0.
> + */
> +int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak)
> +{
> + struct kvm_s390_pv_unp args = {
> + .addr = addr,
> + .size = size,
> + .tweak = tweak,
> + };
> +
> + return s390_pv_cmd(KVM_PV_VM_UNPACK, &args);
> +}
> +
> +void s390_pv_perf_clear_reset(void)
> +{
> + s390_pv_cmd_exit(KVM_PV_VM_PREP_RESET, NULL);
> +}
> +
> +int s390_pv_verify(void)
> +{
> + return s390_pv_cmd(KVM_PV_VM_VERIFY, NULL);
> +}
> +
> +void s390_pv_unshare(void)
> +{
> + s390_pv_cmd_exit(KVM_PV_VM_UNSHARE_ALL, NULL);
> +}
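
Review bot: s390_pv_perf_clear_reset() and s390_pv_unshare() return void and go through s390_pv_cmd_exit(), while s390_pv_set_sec_parms(), s390_pv_unpack() and s390_pv_verify() hand the s390_pv_cmd() result back to the caller, and nothing in the visible lines says why the two groups differ. A short comment above each void wrapper stating what happens when the command fails would make the contract clear to callers. The "perf" in s390_pv_perf_clear_reset also reads as "performance"; a name that follows the command it issues, KVM_PV_VM_PREP_RESET, would be easier to find and harder to misread.
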
Note that the dummy headers update in this series still had the
KVM_PV_VM_ defines, while the real headers update pulled in the KVM_PV_
defines that went upstream. I fixed this up in s390-next.
(...)