[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v10 03/16] s390x: protvirt: Support unpack facility
|
From: |
Cornelia Huck |
|
Subject: |
Re: [PATCH v10 03/16] s390x: protvirt: Support unpack facility |
|
Date: |
Thu, 19 Mar 2020 12:08:48 +0100 |
On Wed, 18 Mar 2020 10:30:34 -0400
Janosch Frank <address@hidden> wrote:
> The unpack facility provides the means to setup a protected guest. A
> protected guest cannot be introspected by the hypervisor or any
> user/administrator of the machine it is running on.
>
> Protected guests are encrypted at rest and need a special boot
> mechanism via diag308 subcode 8 and 10.
>
> Code 8 sets the PV specific IPLB which is retained separately from
> those set via code 5.
>
> Code 10 is used to unpack the VM into protected memory, verify its
> integrity and start it.
>
> Signed-off-by: Janosch Frank <address@hidden>
> Co-developed-by: Christian Borntraeger <address@hidden> [Changes
> to machine]
> Reviewed-by: David Hildenbrand <address@hidden>
> Reviewed-by: Claudio Imbrenda <address@hidden>
> ---
> hw/s390x/Makefile.objs | 1 +
> hw/s390x/ipl.c | 59 +++++++++++++-
> hw/s390x/ipl.h | 91 ++++++++++++++++++++-
> hw/s390x/pv.c | 98 +++++++++++++++++++++++
More of an aside: In MAINTAINERS, this new file will be covered by the
general s390x section, the tcg section, and the s390-ccw-virtio machine
section, but not by the kvm section. Do we want to tweak that?
> hw/s390x/s390-virtio-ccw.c | 119 +++++++++++++++++++++++++++-
> include/hw/s390x/pv.h | 55 +++++++++++++
> include/hw/s390x/s390-virtio-ccw.h | 1 +
> target/s390x/cpu.c | 2 +
> target/s390x/cpu_features_def.inc.h | 1 +
> target/s390x/diag.c | 39 ++++++++-
> target/s390x/kvm-stub.c | 5 ++
> target/s390x/kvm.c | 5 ++
> target/s390x/kvm_s390x.h | 1 +
> 13 files changed, 467 insertions(+), 10 deletions(-)
> create mode 100644 hw/s390x/pv.c
> create mode 100644 include/hw/s390x/pv.h
(...)
> diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
> index 3dd396e870357944..84029f14814b4980 100644
> --- a/target/s390x/cpu.c
> +++ b/target/s390x/cpu.c
> @@ -37,6 +37,8 @@
> #include "sysemu/hw_accel.h"
> #include "hw/qdev-properties.h"
> #ifndef CONFIG_USER_ONLY
> +#include "hw/s390x/s390-virtio-ccw.h"
> +#include "hw/s390x/pv.h"
These are probably needed because of some inline stuff dragging
definitions in?
> #include "hw/boards.h"
> #include "sysemu/arch_init.h"
> #include "sysemu/sysemu.h"
Reviewed-by: Cornelia Huck <address@hidden>
- [PATCH v10 01/16] s390x: Move diagnose 308 subcodes and rcs into ipl.h, (continued)
- [PATCH v10 01/16] s390x: Move diagnose 308 subcodes and rcs into ipl.h, Janosch Frank, 2020/03/18
- [PATCH v10 04/16] s390x: protvirt: Add migration blocker, Janosch Frank, 2020/03/18
- [PATCH v10 06/16] s390x: protvirt: KVM intercept changes, Janosch Frank, 2020/03/18
- [PATCH v10 02/16] Sync pv, Janosch Frank, 2020/03/18
- [PATCH v10 08/16] s390x: protvirt: Move STSI data over SIDAD, Janosch Frank, 2020/03/18
- [PATCH v10 03/16] s390x: protvirt: Support unpack facility, Janosch Frank, 2020/03/18
- Re: [PATCH v10 03/16] s390x: protvirt: Support unpack facility,
Cornelia Huck <=
[PATCH v10 07/16] s390x: Add SIDA memory ops, Janosch Frank, 2020/03/18
[PATCH v10 05/16] s390x: protvirt: Inhibit balloon when switching to protected mode, Janosch Frank, 2020/03/18
[PATCH v10 10/16] s390x: protvirt: Set guest IPL PSW, Janosch Frank, 2020/03/18
[PATCH v10 12/16] s390x: protvirt: Disable address checks for PV guest IO emulation, Janosch Frank, 2020/03/18