On Mon, 7 Sep 2020 10:33:52 -0400
Janosch Frank <frankja@xxxxxxxxxxxxx> wrote:
> The storage key removal facility makes skey related instructions
> result in special operation program exceptions. It is based on the
> Keyless Subset Facility.
>
> The usual suspects are iske, sske, rrbe and their respective
> variants. lpsw(e), pfmf and tprot can also specify a key and essa with
> an ORC of 4 will consult the change bit, hence they all result in
> exceptions.
>
> Unfortunately storage keys were so essential to the architecture, that
> there is no facility bit that we could deactivate. That's why the
> removal facility (bit 169) was introduced which makes it necessary,
> that, if active, the skey related facilities 10, 14, 66, 145 and 149
> are zero. Managing this requirement and migratability has to be done
> in userspace, as KVM does not check the facilities it receives to be
> able to easily implement userspace emulation.
>
> Removing storage key support allows us to circumvent complicated
> emulation code and makes huge page support tremendously easier.
>
> Signed-off-by: Janosch Frank <frankja@xxxxxxxxxxxxx>
> ---
>
> v2:
> * Removed the likely
> * Updated and re-shuffeled the comments which had the wrong information
>
> ---
> arch/s390/kvm/intercept.c | 40 ++++++++++++++++++++++++++++++++++++++-
> arch/s390/kvm/kvm-s390.c | 5 +++++
> arch/s390/kvm/priv.c | 26 ++++++++++++++++++++++---
> 3 files changed, 67 insertions(+), 4 deletions(-)
>
> diff --git a/arch/s390/kvm/intercept.c b/arch/s390/kvm/intercept.c
> index e7a7c499a73f..983647ea2abe 100644
> --- a/arch/s390/kvm/intercept.c
> +++ b/arch/s390/kvm/intercept.c
> @@ -33,6 +33,7 @@ u8 kvm_s390_get_ilen(struct kvm_vcpu *vcpu)
> case ICPT_OPEREXC:
> case ICPT_PARTEXEC:
> case ICPT_IOINST:
> + case ICPT_KSS:
> /* instruction only stored for these icptcodes */
> ilen = insn_length(vcpu->arch.sie_block->ipa >> 8);
> /* Use the length of the EXECUTE instruction if necessary */
> @@ -565,7 +566,44 @@ int kvm_handle_sie_intercept(struct kvm_vcpu *vcpu)
> rc = handle_partial_execution(vcpu);
> break;
> case ICPT_KSS:
> - rc = kvm_s390_skey_check_enable(vcpu);
> + if (!test_kvm_facility(vcpu->kvm, 169)) {
> + rc = kvm_s390_skey_check_enable(vcpu);
> + } else {
<bikeshed>Introduce a helper function? This is getting a bit hard to
read.</bikeshed>
> + /*
> + * Storage key removal facility emulation.
> + *
> + * KSS is the same priority as an instruction
> + * interception. Hence we need handling here
> + * and in the instruction emulation code.
> + *
> + * KSS is nullifying (no psw forward), SKRF
> + * issues suppressing SPECIAL OPS, so we need
> + * to forward by hand.
> + */
> + switch (vcpu->arch.sie_block->ipa) {
> + case 0xb2b2:
> + kvm_s390_forward_psw(vcpu, kvm_s390_get_ilen(vcpu));
> + rc = kvm_s390_handle_b2(vcpu);
> + break;
> + case 0x8200:
Can we have speaking names? I can only guess that this is an lpsw...
> + kvm_s390_forward_psw(vcpu, kvm_s390_get_ilen(vcpu));
> + rc = kvm_s390_handle_lpsw(vcpu);
> + break;
> + case 0:
> + /*
> + * Interception caused by a key in a
> + * exception new PSW mask. The guest
> + * PSW has already been updated to the
> + * non-valid PSW so we only need to
> + * inject a PGM.
> + */
> + rc = kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
> + break;
> + default:
> + kvm_s390_forward_psw(vcpu, kvm_s390_get_ilen(vcpu));
> + rc = kvm_s390_inject_program_int(vcpu, PGM_SPECIAL_OPERATION);
> + }
> + }
> break;
> case ICPT_MCHKREQ:
> case ICPT_INT_ENABLE:
