qemu/s390x-protvirt-KVM-intercept-changes.patch

From: Janosch Frank <frankja@linux.ibm.com>
Date: Mon, 13 May 2019 10:35:27 +0200
Subject: s390x: protvirt: KVM intercept changes

Git-commit: fd70eb764f176c200d6723c2ad88362f23536bfa
References: bsc#1167075

Protected VMs no longer intercept with code 4 for an instruction
interception. Instead they have codes 104 and 108 for protected
instruction interception and protected instruction notification
respectively.

The 104 mirrors the 4 interception.

The 108 is a notification interception to let KVM and QEMU know that
something changed and we need to update tracking information or
perform specific tasks. It's currently taken for the following
instructions:

* spx (To inform about the changed prefix location)
* sclp (On incorrect SCCB values, so we can inject a IRQ)
* sigp (All but "stop and store status")
* diag308 (Subcodes 0/1)

Of these exits only sclp errors, state changing sigps and diag308 will
reach QEMU. QEMU will do its parts of the job, while the ultravisor
has done the instruction part of the job.

Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
 target/s390x/kvm.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
index b2b14bde2b251986230153adca9a..1988809ec2e7b1b6db33ba85eaef 100644
--- a/target/s390x/kvm.c
+++ b/target/s390x/kvm.c
@@ -115,6 +115,8 @@
 #define ICPT_CPU_STOP                   0x28
 #define ICPT_OPEREXC                    0x2c
 #define ICPT_IO                         0x40
+#define ICPT_PV_INSTR                   0x68
+#define ICPT_PV_INSTR_NOTIFICATION      0x6c
 
 #define NR_LOCAL_IRQS 32
 /*
@@ -1698,6 +1700,8 @@ static int handle_intercept(S390CPU *cpu)
             (long)cs->kvm_run->psw_addr);
     switch (icpt_code) {
         case ICPT_INSTRUCTION:
+        case ICPT_PV_INSTR:
+        case ICPT_PV_INSTR_NOTIFICATION:
             r = handle_instruction(cpu, run);
             break;
         case ICPT_PROGRAM:
Accepting request 787000 from home:bfrogers:branches:Virtualization - Include upstream patches targeted for the next stable release (bug fixes only) block-io-fix-bdrv_co_do_copy_on_readv.patch compat-disable-edid-on-correct-virtio-gp.patch target-ppc-Fix-rlwinm-on-ppc64.patch vhost-correctly-turn-on-VIRTIO_F_IOMMU_P.patch - s390x Protected Virtualization support - start and control guest in secure mode. (note: binary patch from patch series dropped since for s390x we rebuild the patched binary anyways) (bsc#1167075 jsc#SLE-7407) s390-sclp-improve-special-wait-psw-logic.patch s390x-Add-missing-vcpu-reset-functions.patch s390x-Add-SIDA-memory-ops.patch s390x-Add-unpack-facility-feature-to-GA1.patch s390x-Beautify-diag308-handling.patch s390x-Don-t-do-a-normal-reset-on-the-ini.patch s390x-ipl-Consolidate-iplb-validity-chec.patch s390x-kvm-Make-kvm_sclp_service_call-voi.patch s390x-Move-clear-reset.patch s390x-Move-diagnose-308-subcodes-and-rcs.patch s390x-Move-initial-reset.patch s390x-Move-reset-normal-to-shared-reset-.patch s390x-protvirt-Add-migration-blocker.patch s390x-protvirt-Disable-address-checks-fo.patch s390x-protvirt-Handle-SIGP-store-status-.patch s390x-protvirt-Inhibit-balloon-when-swit.patch s390x-protvirt-KVM-intercept-changes.patch s390x-protvirt-Move-diag-308-data-over-S.patch s390x-protvirt-Move-IO-control-structure.patch s390x-protvirt-Move-STSI-data-over-SIDAD.patch s390x-protvirt-SCLP-interpretation.patch s390x-protvirt-Set-guest-IPL-PSW.patch s390x-protvirt-Support-unpack-facility.patch Sync-pv.patch OBS-URL: https://build.opensuse.org/request/show/787000 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=538 2020-03-20 23:41:29 +01:00			`From: Janosch Frank <frankja@linux.ibm.com>`
			`Date: Mon, 13 May 2019 10:35:27 +0200`
			`Subject: s390x: protvirt: KVM intercept changes`

Accepting request 822154 from home:bfrogers:branches:Virtualization - Updating to Sphinx v3.1.2 in Factory is exposing an issue in qemu doc sources. Fix it docs-fix-trace-docs-build-with-sphinx-3..patch - Fix DoS possibility in ati-vga emulation (CVE-2020-13800 bsc#1172495) ati-vga-check-mm_index-before-recursive-.patch - Fix DoS possibility in Network Block Device (nbd) support infrastructure (CVE-2020-10761 bsc#1172710) nbd-server-Avoid-long-error-message-asse.patch - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) exec-set-map-length-to-zero-when-returni.patch - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) megasas-use-unsigned-type-for-reply_queu.patch - Fix legacy IGD passthrough hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch - The latest gcc10 available in Factory has the fix for the issue this patch was created to avoid, so drop it build-Work-around-gcc10-bug-by-not-using.patch - Switch to upstream versions of some patches we carry add-enum-cast-to-avoid-gcc10-warning.patch -> golan-Add-explicit-type-casts-for-nodnic.patch Be-explicit-about-fcommon-compiler-direc.patch -> build-Be-explicit-about-fcommon-compiler.patch Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch -> build-Do-not-apply-WORKAROUND_CFLAGS-for.patch Fix-s-directive-argument-is-null-error.patch -> build-Fix-s-directive-argument-is-null-e.patch Workaround-compilation-error-with-gcc-9..patch -> build-Workaround-compilation-error-with-.patch work-around-gcc10-problem-with-zero-leng.patch -> intel-Avoid-spurious-compiler-warning-on.patch - Fix vgabios issue for cirrus graphics emulation, which effectively downgraded it to standard VGA behavior vga-fix-cirrus-bios.patch - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) es1370-check-total-frame-count-against-c.patch OBS-URL: https://build.opensuse.org/request/show/822154 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=553 2020-07-22 06:19:22 +02:00			`Git-commit: fd70eb764f176c200d6723c2ad88362f23536bfa`
Accepting request 787000 from home:bfrogers:branches:Virtualization - Include upstream patches targeted for the next stable release (bug fixes only) block-io-fix-bdrv_co_do_copy_on_readv.patch compat-disable-edid-on-correct-virtio-gp.patch target-ppc-Fix-rlwinm-on-ppc64.patch vhost-correctly-turn-on-VIRTIO_F_IOMMU_P.patch - s390x Protected Virtualization support - start and control guest in secure mode. (note: binary patch from patch series dropped since for s390x we rebuild the patched binary anyways) (bsc#1167075 jsc#SLE-7407) s390-sclp-improve-special-wait-psw-logic.patch s390x-Add-missing-vcpu-reset-functions.patch s390x-Add-SIDA-memory-ops.patch s390x-Add-unpack-facility-feature-to-GA1.patch s390x-Beautify-diag308-handling.patch s390x-Don-t-do-a-normal-reset-on-the-ini.patch s390x-ipl-Consolidate-iplb-validity-chec.patch s390x-kvm-Make-kvm_sclp_service_call-voi.patch s390x-Move-clear-reset.patch s390x-Move-diagnose-308-subcodes-and-rcs.patch s390x-Move-initial-reset.patch s390x-Move-reset-normal-to-shared-reset-.patch s390x-protvirt-Add-migration-blocker.patch s390x-protvirt-Disable-address-checks-fo.patch s390x-protvirt-Handle-SIGP-store-status-.patch s390x-protvirt-Inhibit-balloon-when-swit.patch s390x-protvirt-KVM-intercept-changes.patch s390x-protvirt-Move-diag-308-data-over-S.patch s390x-protvirt-Move-IO-control-structure.patch s390x-protvirt-Move-STSI-data-over-SIDAD.patch s390x-protvirt-SCLP-interpretation.patch s390x-protvirt-Set-guest-IPL-PSW.patch s390x-protvirt-Support-unpack-facility.patch Sync-pv.patch OBS-URL: https://build.opensuse.org/request/show/787000 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=538 2020-03-20 23:41:29 +01:00			`References: bsc#1167075`

			`Protected VMs no longer intercept with code 4 for an instruction`
			`interception. Instead they have codes 104 and 108 for protected`
			`instruction interception and protected instruction notification`
			`respectively.`

			`The 104 mirrors the 4 interception.`

			`The 108 is a notification interception to let KVM and QEMU know that`
			`something changed and we need to update tracking information or`
			`perform specific tasks. It's currently taken for the following`
			`instructions:`

			`* spx (To inform about the changed prefix location)`
			`* sclp (On incorrect SCCB values, so we can inject a IRQ)`
			`* sigp (All but "stop and store status")`
			`* diag308 (Subcodes 0/1)`

			`Of these exits only sclp errors, state changing sigps and diag308 will`
			`reach QEMU. QEMU will do its parts of the job, while the ultravisor`
			`has done the instruction part of the job.`

			`Signed-off-by: Janosch Frank <frankja@linux.ibm.com>`
			`Reviewed-by: David Hildenbrand <david@redhat.com>`
			`Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>`
			`Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>`
			`Reviewed-by: Cornelia Huck <cohuck@redhat.com>`
			`Signed-off-by: Bruce Rogers <brogers@suse.com>`
			`---`
			`target/s390x/kvm.c \| 4 ++++`
			`1 file changed, 4 insertions(+)`

			`diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c`
Accepting request 798748 from Virtualization:Staging Update to v5.0.0 OBS-URL: https://build.opensuse.org/request/show/798748 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=547 2020-04-29 02:12:31 +02:00			`index b2b14bde2b251986230153adca9a..1988809ec2e7b1b6db33ba85eaef 100644`
Accepting request 787000 from home:bfrogers:branches:Virtualization - Include upstream patches targeted for the next stable release (bug fixes only) block-io-fix-bdrv_co_do_copy_on_readv.patch compat-disable-edid-on-correct-virtio-gp.patch target-ppc-Fix-rlwinm-on-ppc64.patch vhost-correctly-turn-on-VIRTIO_F_IOMMU_P.patch - s390x Protected Virtualization support - start and control guest in secure mode. (note: binary patch from patch series dropped since for s390x we rebuild the patched binary anyways) (bsc#1167075 jsc#SLE-7407) s390-sclp-improve-special-wait-psw-logic.patch s390x-Add-missing-vcpu-reset-functions.patch s390x-Add-SIDA-memory-ops.patch s390x-Add-unpack-facility-feature-to-GA1.patch s390x-Beautify-diag308-handling.patch s390x-Don-t-do-a-normal-reset-on-the-ini.patch s390x-ipl-Consolidate-iplb-validity-chec.patch s390x-kvm-Make-kvm_sclp_service_call-voi.patch s390x-Move-clear-reset.patch s390x-Move-diagnose-308-subcodes-and-rcs.patch s390x-Move-initial-reset.patch s390x-Move-reset-normal-to-shared-reset-.patch s390x-protvirt-Add-migration-blocker.patch s390x-protvirt-Disable-address-checks-fo.patch s390x-protvirt-Handle-SIGP-store-status-.patch s390x-protvirt-Inhibit-balloon-when-swit.patch s390x-protvirt-KVM-intercept-changes.patch s390x-protvirt-Move-diag-308-data-over-S.patch s390x-protvirt-Move-IO-control-structure.patch s390x-protvirt-Move-STSI-data-over-SIDAD.patch s390x-protvirt-SCLP-interpretation.patch s390x-protvirt-Set-guest-IPL-PSW.patch s390x-protvirt-Support-unpack-facility.patch Sync-pv.patch OBS-URL: https://build.opensuse.org/request/show/787000 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=538 2020-03-20 23:41:29 +01:00			`--- a/target/s390x/kvm.c`
			`+++ b/target/s390x/kvm.c`
			`@@ -115,6 +115,8 @@`
			`#define ICPT_CPU_STOP 0x28`
			`#define ICPT_OPEREXC 0x2c`
			`#define ICPT_IO 0x40`
			`+#define ICPT_PV_INSTR 0x68`
			`+#define ICPT_PV_INSTR_NOTIFICATION 0x6c`

			`#define NR_LOCAL_IRQS 32`
			`/*`
Accepting request 798748 from Virtualization:Staging Update to v5.0.0 OBS-URL: https://build.opensuse.org/request/show/798748 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=547 2020-04-29 02:12:31 +02:00			`@@ -1698,6 +1700,8 @@ static int handle_intercept(S390CPU *cpu)`
Accepting request 787000 from home:bfrogers:branches:Virtualization - Include upstream patches targeted for the next stable release (bug fixes only) block-io-fix-bdrv_co_do_copy_on_readv.patch compat-disable-edid-on-correct-virtio-gp.patch target-ppc-Fix-rlwinm-on-ppc64.patch vhost-correctly-turn-on-VIRTIO_F_IOMMU_P.patch - s390x Protected Virtualization support - start and control guest in secure mode. (note: binary patch from patch series dropped since for s390x we rebuild the patched binary anyways) (bsc#1167075 jsc#SLE-7407) s390-sclp-improve-special-wait-psw-logic.patch s390x-Add-missing-vcpu-reset-functions.patch s390x-Add-SIDA-memory-ops.patch s390x-Add-unpack-facility-feature-to-GA1.patch s390x-Beautify-diag308-handling.patch s390x-Don-t-do-a-normal-reset-on-the-ini.patch s390x-ipl-Consolidate-iplb-validity-chec.patch s390x-kvm-Make-kvm_sclp_service_call-voi.patch s390x-Move-clear-reset.patch s390x-Move-diagnose-308-subcodes-and-rcs.patch s390x-Move-initial-reset.patch s390x-Move-reset-normal-to-shared-reset-.patch s390x-protvirt-Add-migration-blocker.patch s390x-protvirt-Disable-address-checks-fo.patch s390x-protvirt-Handle-SIGP-store-status-.patch s390x-protvirt-Inhibit-balloon-when-swit.patch s390x-protvirt-KVM-intercept-changes.patch s390x-protvirt-Move-diag-308-data-over-S.patch s390x-protvirt-Move-IO-control-structure.patch s390x-protvirt-Move-STSI-data-over-SIDAD.patch s390x-protvirt-SCLP-interpretation.patch s390x-protvirt-Set-guest-IPL-PSW.patch s390x-protvirt-Support-unpack-facility.patch Sync-pv.patch OBS-URL: https://build.opensuse.org/request/show/787000 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=538 2020-03-20 23:41:29 +01:00			`(long)cs->kvm_run->psw_addr);`
			`switch (icpt_code) {`
			`case ICPT_INSTRUCTION:`
			`+ case ICPT_PV_INSTR:`
			`+ case ICPT_PV_INSTR_NOTIFICATION:`
			`r = handle_instruction(cpu, run);`
			`break;`
			`case ICPT_PROGRAM:`