cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu

pv.c (4160B)


      1/*
      2 * Protected Virtualization functions
      3 *
      4 * Copyright IBM Corp. 2020
      5 * Author(s):
      6 *  Janosch Frank <frankja@linux.ibm.com>
      7 *
      8 * This work is licensed under the terms of the GNU GPL, version 2 or (at
      9 * your option) any later version. See the COPYING file in the top-level
     10 * directory.
     11 */
     12#include "qemu/osdep.h"
     13
     14#include <linux/kvm.h>
     15
     16#include "qapi/error.h"
     17#include "qemu/error-report.h"
     18#include "sysemu/kvm.h"
     19#include "qom/object_interfaces.h"
     20#include "exec/confidential-guest-support.h"
     21#include "hw/s390x/ipl.h"
     22#include "hw/s390x/pv.h"
     23
/*
 * Issue one KVM_S390_PV_COMMAND ioctl on the VM and log a failure.
 *
 * @cmd:     command number, stored in kvm_pv_cmd.cmd
 * @cmdname: text printed next to the number in the error message
 * @data:    payload pointer, handed to the kernel as a 64-bit integer
 *
 * The ioctl is reissued for as long as it returns -EINTR.  Any other
 * non-zero result is logged together with the rc and rrc fields of the
 * command struct (zero-initialised here; presumably filled in by the
 * kernel -- confirm) and returned unchanged.  Whether a failure is fatal is
 * left to the caller.
 *
 * Returns: 0 on success, the non-zero ioctl result otherwise.
 */
static int __s390_pv_cmd(uint32_t cmd, const char *cmdname, void *data)
{
    struct kvm_pv_cmd pv_cmd = {
        .cmd = cmd,
        .data = (uint64_t)data,
    };
    int ret;

    /* An interrupted ioctl is not an error: simply issue it again. */
    for (;;) {
        ret = kvm_vm_ioctl(kvm_state, KVM_S390_PV_COMMAND, &pv_cmd);
        if (ret != -EINTR) {
            break;
        }
    }

    if (ret != 0) {
        error_report("KVM PV command %d (%s) failed: header rc %x rrc %x "
                     "IOCTL rc: %d", cmd, cmdname, pv_cmd.rc, pv_cmd.rrc,
                     ret);
    }

    return ret;
}
     43
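/*
 * s390_pv_cmd() stringifies the command constant so that __s390_pv_cmd()
 * can name the failing command in its error message.  It expands to a plain
 * expression yielding the ioctl result; the terminating ';' belongs to the
 * caller, so the macro is also usable inside a condition or an unbraced
 * if/else.
 *
 * s390_pv_cmd_exit() is the variant for commands whose failure is treated
 * as fatal: once __s390_pv_cmd() has reported the error, QEMU exits with
 * status 1 instead of carrying on.  The do { } while (0) wrapper makes the
 * expansion a single statement, and no local variable is declared, so
 * nothing in the caller's scope can be shadowed.
 */
#define s390_pv_cmd(cmd, data) __s390_pv_cmd((cmd), #cmd, (data))
#define s390_pv_cmd_exit(cmd, data)                 \
do {                                                \
    if (__s390_pv_cmd((cmd), #cmd, (data))) {       \
        exit(1);                                    \
    }                                               \
} while (0)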
     58
/*
 * Issue the KVM_PV_ENABLE command for the VM.
 *
 * Returns: the result of the PV command ioctl, 0 on success.  A failure has
 * already been logged by __s390_pv_cmd(); the caller must check the return
 * value, since this function does not stop QEMU.
 */
int s390_pv_vm_enable(void)
{
    int rc = s390_pv_cmd(KVM_PV_ENABLE, NULL);

    return rc;
}
     63
/*
 * Issue the KVM_PV_DISABLE command for the VM.
 *
 * A failure is fatal: s390_pv_cmd_exit() ends the QEMU process with exit
 * status 1 after the error has been reported, so this function returns only
 * when the command succeeded.
 */
void s390_pv_vm_disable(void)
{
    s390_pv_cmd_exit(KVM_PV_DISABLE, NULL);
}
     68
/*
 * Issue KVM_PV_SET_SEC_PARMS with the given origin and length.
 *
 * @origin: stored in kvm_s390_pv_sec_parm.origin
 * @length: stored in kvm_s390_pv_sec_parm.length
 *
 * Both values are forwarded exactly as received; no range or alignment
 * check happens in this function.
 * NOTE(review): presumably the caller and/or the kernel validate them
 * before they are acted on -- confirm.
 *
 * Returns: the result of the PV command ioctl, 0 on success.
 */
int s390_pv_set_sec_parms(uint64_t origin, uint64_t length)
{
    struct kvm_s390_pv_sec_parm sec_parm = {
        .length = length,
        .origin = origin,
    };
    int rc = s390_pv_cmd(KVM_PV_SET_SEC_PARMS, &sec_parm);

    return rc;
}
     78
/*
 * Issue KVM_PV_UNPACK for one component.  Called once for every component
 * listed in the SE type IPL parameter block 0.
 *
 * @addr:  stored in kvm_s390_pv_unp.addr
 * @size:  stored in kvm_s390_pv_unp.size
 * @tweak: stored in kvm_s390_pv_unp.tweak
 *
 * The three values are forwarded exactly as received; this function does
 * not check them against each other or against guest memory.
 * NOTE(review): they originate from the IPL parameter block, so confirm
 * where addr/size are validated (caller, kernel, or both).
 *
 * Returns: the result of the PV command ioctl, 0 on success.
 */
int s390_pv_unpack(uint64_t addr, uint64_t size, uint64_t tweak)
{
    struct kvm_s390_pv_unp unpack_args = {
        .tweak = tweak,
        .size = size,
        .addr = addr,
    };
    int rc = s390_pv_cmd(KVM_PV_UNPACK, &unpack_args);

    return rc;
}
     92
/*
 * Issue the KVM_PV_PREP_RESET command for the VM.
 *
 * A failure is fatal: s390_pv_cmd_exit() ends the QEMU process with exit
 * status 1 after the error has been reported, so the reset path never
 * continues past a failed command.
 */
void s390_pv_prep_reset(void)
{
    s390_pv_cmd_exit(KVM_PV_PREP_RESET, NULL);
}
     97
/*
 * Issue the KVM_PV_VERIFY command for the VM.
 *
 * Returns: the result of the PV command ioctl, 0 on success.  A non-zero
 * result has been logged but is not fatal here; the caller has to treat it
 * as a failed verification and must not ignore it.
 */
int s390_pv_verify(void)
{
    int rc = s390_pv_cmd(KVM_PV_VERIFY, NULL);

    return rc;
}
    102
/*
 * Issue the KVM_PV_UNSHARE_ALL command for the VM.
 *
 * A failure is fatal: s390_pv_cmd_exit() ends the QEMU process with exit
 * status 1 after the error has been reported, so this function returns only
 * when the command succeeded.
 */
void s390_pv_unshare(void)
{
    s390_pv_cmd_exit(KVM_PV_UNSHARE_ALL, NULL);
}
    107
/*
 * Report to the guest that protected mode could not be entered.
 *
 * The register number r1 is the 0x00f0 nibble of
 * cs->kvm_run->s390_sieic.ipa; DIAG_308_RC_INVAL_FOR_PV is written to
 * general register r1 + 1.
 *
 * NOTE(review): r1 is a 4-bit value (0..15), so r1 + 1 can reach 16, and
 * the index is not bounded in this function.  Presumably the diagnose
 * handler has already rejected register numbers for which r1 + 1 is not a
 * valid general register -- confirm against the caller and the size of
 * env->regs.
 */
void s390_pv_inject_reset_error(CPUState *cs)
{
    CPUS390XState *env = &S390_CPU(cs)->env;
    int r1 = (cs->kvm_run->s390_sieic.ipa >> 4) & 0xf;
    int rc_reg = r1 + 1;

    env->regs[rc_reg] = DIAG_308_RC_INVAL_FOR_PV;
}
    116
#define TYPE_S390_PV_GUEST "s390-pv-guest"
OBJECT_DECLARE_SIMPLE_TYPE(S390PVGuest, S390_PV_GUEST)

/**
 * S390PVGuest:
 *
 * Marker object that selects s390's Protected Virtualization mechanism for
 * the confidential guest support system.  It has no fields besides its
 * parent object, so it carries no configuration of its own.
 *
 * # $QEMU \
 *         -object s390-pv-guest,id=pv0 \
 *         -machine ...,confidential-guest-support=pv0
 */
struct S390PVGuest {
    ConfidentialGuestSupport parent_obj;
};

/* Class struct: adds nothing to the confidential guest support class. */
typedef struct S390PVGuestClass {
    ConfidentialGuestSupportClass parent_class;
} S390PVGuestClass;
    139
/*
 * Mark the confidential guest support object as ready if it is an
 * s390-pv-guest and the CPU model can run protected guests.
 *
 * @cgs:  the machine's confidential guest support object
 * @errp: receives the error when the CPU model lacks S390_FEAT_UNPACK
 *
 * An object of any other type is not an error: 0 is returned and
 * cgs->ready is left untouched, so a return value of 0 alone does not mean
 * that Protected Virtualization was set up.
 * NOTE(review): callers presumably rely on cgs->ready rather than on the
 * return value for that -- confirm.
 *
 * Returns: 0 on success or when @cgs is not an s390-pv-guest, -1 with
 * @errp set when the CPU model does not support Protected Virtualization.
 */
int s390_pv_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)
{
    bool is_pv_guest =
        object_dynamic_cast(OBJECT(cgs), TYPE_S390_PV_GUEST) != NULL;

    if (is_pv_guest) {
        if (!s390_has_feat(S390_FEAT_UNPACK)) {
            error_setg(errp,
                       "CPU model does not support Protected Virtualization");
            return -1;
        }

        /* Only set once the feature check above has passed. */
        cgs->ready = true;
    }

    return 0;
}
    156
/*
 * Define the s390-pv-guest QOM type as a child of
 * CONFIDENTIAL_GUEST_SUPPORT.  TYPE_USER_CREATABLE is the only interface
 * listed; the { NULL } entry terminates the interface list.  The
 * s390_pv_guest_class_init/_init/_finalize functions that follow are
 * presumably the hooks this macro refers to by name.
 */
OBJECT_DEFINE_TYPE_WITH_INTERFACES(S390PVGuest,
                                   s390_pv_guest,
                                   S390_PV_GUEST,
                                   CONFIDENTIAL_GUEST_SUPPORT,
                                   { TYPE_USER_CREATABLE },
                                   { NULL })
    163
/* Class initialiser for s390-pv-guest; intentionally empty. */
static void s390_pv_guest_class_init(ObjectClass *oc, void *data)
{
    /* No class-level properties or methods to set up. */
}
    167
/* Instance initialiser for s390-pv-guest; intentionally empty. */
static void s390_pv_guest_init(Object *obj)
{
    /* S390PVGuest has no fields of its own to initialise. */
}
    171
/* Instance finaliser for s390-pv-guest; intentionally empty. */
static void s390_pv_guest_finalize(Object *obj)
{
    /* S390PVGuest owns no resources that would need releasing. */
}