On Fri, 7 Feb 2020 06:39:58 -0500
Christian Borntraeger <borntraeger@xxxxxxxxxx> wrote:

> From: Janosch Frank <frankja@xxxxxxxxxxxxx>
>
> Add documentation about protected KVM guests and description of changes
> that are necessary to move a KVM VM into Protected Virtualization mode.
>
> Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx>
> [borntraeger@xxxxxxxxxx: fixing and conversion to rst]
> Signed-off-by: Christian Borntraeger <borntraeger@xxxxxxxxxx>
> ---
>  Documentation/virt/kvm/index.rst        |   2 +
>  Documentation/virt/kvm/s390-pv-boot.rst |  79 ++++++++++++++++
>  Documentation/virt/kvm/s390-pv.rst      | 116 ++++++++++++++++++++++++
>  MAINTAINERS                             |   1 +
>  4 files changed, 198 insertions(+)
>  create mode 100644 Documentation/virt/kvm/s390-pv-boot.rst
>  create mode 100644 Documentation/virt/kvm/s390-pv.rst

(...)

> diff --git a/Documentation/virt/kvm/s390-pv-boot.rst b/Documentation/virt/kvm/s390-pv-boot.rst
> new file mode 100644
> index 000000000000..47814e53369a
> --- /dev/null
> +++ b/Documentation/virt/kvm/s390-pv-boot.rst
> @@ -0,0 +1,79 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +
> +======================================
> +s390 (IBM Z) Boot/IPL of Protected VMs
> +======================================
> +
> +Summary
> +-------
> +Protected Virtual Machines (PVM) are not accessible by I/O or the
> +hypervisor. When the hypervisor wants to access the memory of PVMs
> +the memory needs to be made accessible. When doing so, the memory will
> +be encrypted. See :doc:`s390-pv` for details.

Maybe

"The memory of Protected Virtual Machines (PVMs) is not accessible to I/O
or the hypervisor. In those cases where the hypervisor needs to access the
memory of a PVM, that memory must be made accessible. Memory made
accessible to the hypervisor will be encrypted. See :doc:`s390-pv` for
details."

?

> +
> +On IPL a small plaintext bootloader is started which provides

"On IPL (boot), a small plaintext bootloader is started, which..."

?

> +information about the encrypted components and necessary metadata to
> +KVM to decrypt the protected virtual machine.

(...)

> +Diag308
> +-------
> +This diagnose instruction is the basis for VM IPL. The VM can set and

"This diagnose instruction is the basic mechanism to handle IPL and related
operations for virtual machines."

?

> +retrieve IPL information blocks, that specify the IPL method/devices
> +and request VM memory and subsystem resets, as well as IPLs.
> +
> +For PVs this concept has been extended with new subcodes:

s/For PVs/For PVMs,/

(...)

> +When running in protected mode some subcodes will result in exceptions

s/When running in protected mode/When running in protected virtualization mode,/ ?

> +or return error codes.
> +
> +Subcodes 4 and 7 will result in specification exceptions as they would
> +not clear out the guest memory.
> +When removing a secure VM, the UV will clear all memory, so we can't
> +have non-clearing IPL subcodes.

"Subcodes 4 and 7, which specify operations that do not clear the guest
memory, will result in specification exceptions. This is because the UV
will clear all memory when a secure VM is removed, and therefore
non-clearing IPL subcodes are not allowed."

?

(...)

> diff --git a/Documentation/virt/kvm/s390-pv.rst b/Documentation/virt/kvm/s390-pv.rst
> new file mode 100644
> index 000000000000..dbe9110dfd1e
> --- /dev/null
> +++ b/Documentation/virt/kvm/s390-pv.rst
> @@ -0,0 +1,116 @@
> +.. SPDX-License-Identifier: GPL-2.0
> +
> +=========================================
> +s390 (IBM Z) Ultravisor and Protected VMs
> +=========================================
> +
> +Summary
> +-------
> +Protected virtual machines (PVM) are KVM VMs, where KVM can't access
> +the VM's state like guest memory and guest registers anymore. Instead,

"...are KVM VMs that do not allow KVM to access VM state like guest memory
or guest registers." ?

(...)

> +The Interception Parameters state description field still contains the
> +the bytes of the instruction text, but with pre-set register values
> +instead of the actual ones. I.e. each instruction always uses the same
> +instruction text, in order not to leak guest instruction text.
> +This also implies that the register content that a guest had in r<n>
> +may be in r<m> from the hypervisors point of view.

s/hypervisors/hypervisor's/

> +
> +The Secure Instruction Data Area contains instruction storage
> +data. Instruction data, i.e. data being referenced by an instruction
> +like the SCCB for sclp, is moved over the SIDA. When an instruction is

s/over/via/ ?

> +intercepted, the SIE will only allow data and program interrupts for
> +this instruction to be moved to the guest via the two data areas
> +discussed before. Other data is either ignored or results in validity
> +interceptions.

(...)
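Review bot: in the s390-pv-boot.rst Summary, "provides information about the encrypted components and necessary metadata to KVM to decrypt the protected virtual machine" reads as if KVM performs the decryption, while the s390-pv.rst Summary in the same patch says KVM can't access guest memory or guest registers. Consider stating what KVM does with that metadata and which component actually decrypts, so the two files do not appear to contradict each other.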
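Review bot: in the s390-pv.rst hunk, "still contains the / the bytes of the instruction text" has a doubled "the" across the line break; drop one of them.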