/*
 * handling privileged instructions
 *
 * Copyright IBM Corp. 2008, 2013
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License (version 2 only)
 * as published by the Free Software Foundation.
 *
 *    Author(s): Carsten Otte <cotte@de.ibm.com>
 *               Christian Borntraeger <borntraeger@de.ibm.com>
 */

#include <linux/kvm.h>
#include <linux/gfp.h>
#include <linux/errno.h>
#include <linux/compat.h>
#include <linux/mm_types.h>

#include <asm/asm-offsets.h>
#include <asm/facility.h>
#include <asm/current.h>
#include <asm/debug.h>
#include <asm/ebcdic.h>
#include <asm/sysinfo.h>
#include <asm/pgtable.h>
#include <asm/page-states.h>
#include <asm/pgalloc.h>
#include <asm/gmap.h>
#include <asm/io.h>
#include <asm/ptrace.h>
#include <asm/compat.h>
#include <asm/sclp.h>
#include "gaccess.h"
#include "kvm-s390.h"
#include "trace.h"

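/*
 * handle_ri() and handle_gs() below implement lazy enablement: the
 * facility is left disabled in the SIE control block until the guest
 * first uses it. The intercept then sets the enable bit and retries
 * the instruction, so SIE interprets it natively from then on.
 */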
static int handle_ri(struct kvm_vcpu *vcpu)
{
	if (test_kvm_facility(vcpu->kvm, 64)) {
		VCPU_EVENT(vcpu, 3, "%s", "ENABLE: RI (lazy)");
		vcpu->arch.sie_block->ecb3 |= ECB3_RI;
		kvm_s390_retry_instr(vcpu);
		return 0;
	} else
		return kvm_s390_inject_program_int(vcpu, PGM_OPERATION);
}

int kvm_s390_handle_aa(struct kvm_vcpu *vcpu)
{
	if ((vcpu->arch.sie_block->ipa & 0xf) <= 4)
		return handle_ri(vcpu);
	else
		return -EOPNOTSUPP;
}

static int handle_gs(struct kvm_vcpu *vcpu)
{
	if (test_kvm_facility(vcpu->kvm, 133)) {
		VCPU_EVENT(vcpu, 3, "%s", "ENABLE: GS (lazy)");
		preempt_disable();
		__ctl_set_bit(2, 4);
		current->thread.gs_cb = (struct gs_cb *)&vcpu->run->s.regs.gscb;
		restore_gs_cb(current->thread.gs_cb);
		preempt_enable();
		vcpu->arch.sie_block->ecb |= ECB_GS;
		vcpu->arch.sie_block->ecd |= ECD_HOSTREGMGMT;
		vcpu->arch.gs_enabled = 1;
		kvm_s390_retry_instr(vcpu);
		return 0;
	} else
		return kvm_s390_inject_program_int(vcpu, PGM_OPERATION);
}

int kvm_s390_handle_e3(struct kvm_vcpu *vcpu)
{
	int code = vcpu->arch.sie_block->ipb & 0xff;

	if (code == 0x49 || code == 0x4d)
		return handle_gs(vcpu);
	else
		return -EOPNOTSUPP;
}

/* Handle SCK (SET CLOCK) interception */
static int handle_set_clock(struct kvm_vcpu *vcpu)
{
	int rc;
	u8 ar;
	u64 op2, val;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	op2 = kvm_s390_get_base_disp_s(vcpu, &ar);
	if (op2 & 7)	/* Operand must be on a doubleword boundary */
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
	rc = read_guest(vcpu, op2, ar, &val, sizeof(val));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);

	VCPU_EVENT(vcpu, 3, "SCK: setting guest TOD to 0x%llx", val);
	kvm_s390_set_tod_clock(vcpu->kvm, val);

	kvm_s390_set_psw_cc(vcpu, 0);
	return 0;
}

static int handle_set_prefix(struct kvm_vcpu *vcpu)
{
	u64 operand2;
	u32 address;
	int rc;
	u8 ar;

	vcpu->stat.instruction_spx++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	operand2 = kvm_s390_get_base_disp_s(vcpu, &ar);

	/* must be word boundary */
	if (operand2 & 3)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	/* get the value */
	rc = read_guest(vcpu, operand2, ar, &address, sizeof(address));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);

	address &= 0x7fffe000u;

	/*
	 * Make sure the new value is valid memory. We only need to check the
	 * first page, since address is 8k aligned and memory pieces are always
	 * at least 1MB aligned and have at least a size of 1MB.
	 */
	if (kvm_is_error_gpa(vcpu->kvm, address))
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

	kvm_s390_set_prefix(vcpu, address);
	trace_kvm_s390_handle_prefix(vcpu, 1, address);
	return 0;
}

static int handle_store_prefix(struct kvm_vcpu *vcpu)
{
	u64 operand2;
	u32 address;
	int rc;
	u8 ar;

	vcpu->stat.instruction_stpx++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	operand2 = kvm_s390_get_base_disp_s(vcpu, &ar);

	/* must be word boundary */
	if (operand2 & 3)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	address = kvm_s390_get_prefix(vcpu);

	/* store the value */
	rc = write_guest(vcpu, operand2, ar, &address, sizeof(address));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);

	VCPU_EVENT(vcpu, 3, "STPX: storing prefix 0x%x into 0x%llx", address, operand2);
	trace_kvm_s390_handle_prefix(vcpu, 0, address);
	return 0;
}

static int handle_store_cpu_address(struct kvm_vcpu *vcpu)
{
	u16 vcpu_id = vcpu->vcpu_id;
	u64 ga;
	int rc;
	u8 ar;

	vcpu->stat.instruction_stap++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	ga = kvm_s390_get_base_disp_s(vcpu, &ar);

	if (ga & 1)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	rc = write_guest(vcpu, ga, ar, &vcpu_id, sizeof(vcpu_id));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);

	VCPU_EVENT(vcpu, 3, "STAP: storing cpu address (%u) to 0x%llx", vcpu_id, ga);
	trace_kvm_s390_handle_stap(vcpu, ga);
	return 0;
}

int kvm_s390_skey_check_enable(struct kvm_vcpu *vcpu)
{
	int rc = 0;
	struct kvm_s390_sie_block *sie_block = vcpu->arch.sie_block;

	trace_kvm_s390_skey_related_inst(vcpu);
	if (!(sie_block->ictl & (ICTL_ISKE | ICTL_SSKE | ICTL_RRBE)) &&
	    !(atomic_read(&sie_block->cpuflags) & CPUSTAT_KSS))
		return rc;

	rc = s390_enable_skey();
	VCPU_EVENT(vcpu, 3, "enabling storage keys for guest: %d", rc);
	if (!rc) {
		if (atomic_read(&sie_block->cpuflags) & CPUSTAT_KSS)
			atomic_andnot(CPUSTAT_KSS, &sie_block->cpuflags);
		else
			sie_block->ictl &= ~(ICTL_ISKE | ICTL_SSKE |
					     ICTL_RRBE);
	}
	return rc;
}

static int try_handle_skey(struct kvm_vcpu *vcpu)
{
	int rc;

	vcpu->stat.instruction_storage_key++;
	rc = kvm_s390_skey_check_enable(vcpu);
	if (rc)
		return rc;
	if (sclp.has_skey) {
		/* with storage-key facility, SIE interprets it for us */
		kvm_s390_retry_instr(vcpu);
		VCPU_EVENT(vcpu, 4, "%s", "retrying storage key operation");
		return -EAGAIN;
	}
	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);
	return 0;
}

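/*
 * The storage key handlers below share one address handling pattern:
 * the guest logical address from the r2 register is page aligned,
 * converted to an effective and then an absolute address, and finally
 * mapped to a host virtual address, so the key operation can be applied
 * to the backing host page while holding mmap_sem.
 */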
static int handle_iske(struct kvm_vcpu *vcpu)
{
	unsigned long addr;
	unsigned char key;
	int reg1, reg2;
	int rc;

	rc = try_handle_skey(vcpu);
	if (rc)
		return rc != -EAGAIN ? rc : 0;

	kvm_s390_get_regs_rre(vcpu, &reg1, &reg2);

	addr = vcpu->run->s.regs.gprs[reg2] & PAGE_MASK;
	addr = kvm_s390_logical_to_effective(vcpu, addr);
	addr = kvm_s390_real_to_abs(vcpu, addr);
	addr = gfn_to_hva(vcpu->kvm, gpa_to_gfn(addr));
	if (kvm_is_error_hva(addr))
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

	down_read(&current->mm->mmap_sem);
	rc = get_guest_storage_key(current->mm, addr, &key);
	up_read(&current->mm->mmap_sem);
	if (rc)
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);
	vcpu->run->s.regs.gprs[reg1] &= ~0xff;
	vcpu->run->s.regs.gprs[reg1] |= key;
	return 0;
}

static int handle_rrbe(struct kvm_vcpu *vcpu)
{
	unsigned long addr;
	int reg1, reg2;
	int rc;

	rc = try_handle_skey(vcpu);
	if (rc)
		return rc != -EAGAIN ? rc : 0;

	kvm_s390_get_regs_rre(vcpu, &reg1, &reg2);

	addr = vcpu->run->s.regs.gprs[reg2] & PAGE_MASK;
	addr = kvm_s390_logical_to_effective(vcpu, addr);
	addr = kvm_s390_real_to_abs(vcpu, addr);
	addr = gfn_to_hva(vcpu->kvm, gpa_to_gfn(addr));
	if (kvm_is_error_hva(addr))
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

	down_read(&current->mm->mmap_sem);
	rc = reset_guest_reference_bit(current->mm, addr);
	up_read(&current->mm->mmap_sem);
	if (rc < 0)
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

	kvm_s390_set_psw_cc(vcpu, rc);
	return 0;
}

#define SSKE_NQ 0x8
#define SSKE_MR 0x4
#define SSKE_MC 0x2
#define SSKE_MB 0x1
static int handle_sske(struct kvm_vcpu *vcpu)
{
	unsigned char m3 = vcpu->arch.sie_block->ipb >> 28;
	unsigned long start, end;
	unsigned char key, oldkey;
	int reg1, reg2;
	int rc;

	rc = try_handle_skey(vcpu);
	if (rc)
		return rc != -EAGAIN ? rc : 0;

	if (!test_kvm_facility(vcpu->kvm, 8))
		m3 &= ~SSKE_MB;
	if (!test_kvm_facility(vcpu->kvm, 10))
		m3 &= ~(SSKE_MC | SSKE_MR);
	if (!test_kvm_facility(vcpu->kvm, 14))
		m3 &= ~SSKE_NQ;

	kvm_s390_get_regs_rre(vcpu, &reg1, &reg2);

	key = vcpu->run->s.regs.gprs[reg1] & 0xfe;
	start = vcpu->run->s.regs.gprs[reg2] & PAGE_MASK;
	start = kvm_s390_logical_to_effective(vcpu, start);
	if (m3 & SSKE_MB) {
		/* start already designates an absolute address */
		end = (start + (1UL << 20)) & ~((1UL << 20) - 1);
	} else {
		start = kvm_s390_real_to_abs(vcpu, start);
		end = start + PAGE_SIZE;
	}

	while (start != end) {
		unsigned long addr = gfn_to_hva(vcpu->kvm, gpa_to_gfn(start));

		if (kvm_is_error_hva(addr))
			return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

		down_read(&current->mm->mmap_sem);
		rc = cond_set_guest_storage_key(current->mm, addr, key, &oldkey,
						m3 & SSKE_NQ, m3 & SSKE_MR,
						m3 & SSKE_MC);
		up_read(&current->mm->mmap_sem);
		if (rc < 0)
			return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);
		start += PAGE_SIZE;
	}

	if (m3 & (SSKE_MC | SSKE_MR)) {
		if (m3 & SSKE_MB) {
			/* skey in reg1 is unpredictable */
			kvm_s390_set_psw_cc(vcpu, 3);
		} else {
			kvm_s390_set_psw_cc(vcpu, rc);
			vcpu->run->s.regs.gprs[reg1] &= ~0xff00UL;
			vcpu->run->s.regs.gprs[reg1] |= (u64) oldkey << 8;
		}
	}
	if (m3 & SSKE_MB) {
		if (psw_bits(vcpu->arch.sie_block->gpsw).eaba == PSW_BITS_AMODE_64BIT)
			vcpu->run->s.regs.gprs[reg2] &= ~PAGE_MASK;
		else
			vcpu->run->s.regs.gprs[reg2] &= ~0xfffff000UL;
		end = kvm_s390_logical_to_effective(vcpu, end);
		vcpu->run->s.regs.gprs[reg2] |= end;
	}
	return 0;
}

static int handle_ipte_interlock(struct kvm_vcpu *vcpu)
{
	vcpu->stat.instruction_ipte_interlock++;
	if (psw_bits(vcpu->arch.sie_block->gpsw).pstate)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);
	wait_event(vcpu->kvm->arch.ipte_wq, !ipte_lock_held(vcpu));
	kvm_s390_retry_instr(vcpu);
	VCPU_EVENT(vcpu, 4, "%s", "retrying ipte interlock operation");
	return 0;
}

static int handle_test_block(struct kvm_vcpu *vcpu)
{
	gpa_t addr;
	int reg2;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	kvm_s390_get_regs_rre(vcpu, NULL, &reg2);
	addr = vcpu->run->s.regs.gprs[reg2] & PAGE_MASK;
	addr = kvm_s390_logical_to_effective(vcpu, addr);
	if (kvm_s390_check_low_addr_prot_real(vcpu, addr))
		return kvm_s390_inject_prog_irq(vcpu, &vcpu->arch.pgm);
	addr = kvm_s390_real_to_abs(vcpu, addr);

	if (kvm_is_error_gpa(vcpu->kvm, addr))
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);
	/*
	 * We don't expect errors on modern systems, and do not care
	 * about storage keys (yet), so let's just clear the page.
	 */
	if (kvm_clear_guest(vcpu->kvm, addr, PAGE_SIZE))
		return -EFAULT;
	kvm_s390_set_psw_cc(vcpu, 0);
	vcpu->run->s.regs.gprs[0] = 0;
	return 0;
}

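/*
 * TEST PENDING INTERRUPTION: if an I/O interrupt matching CR6 is
 * pending, its interruption code is stored either at the operand
 * address (two words) or, for an operand address of zero, into the
 * lowcore (three words). cc 1 reports that an interrupt was dequeued,
 * cc 0 that none was pending.
 */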
static int handle_tpi(struct kvm_vcpu *vcpu)
{
	struct kvm_s390_interrupt_info *inti;
	unsigned long len;
	u32 tpi_data[3];
	int rc;
	u64 addr;
	u8 ar;

	addr = kvm_s390_get_base_disp_s(vcpu, &ar);
	if (addr & 3)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	inti = kvm_s390_get_io_int(vcpu->kvm, vcpu->arch.sie_block->gcr[6], 0);
	if (!inti) {
		kvm_s390_set_psw_cc(vcpu, 0);
		return 0;
	}

	tpi_data[0] = inti->io.subchannel_id << 16 | inti->io.subchannel_nr;
	tpi_data[1] = inti->io.io_int_parm;
	tpi_data[2] = inti->io.io_int_word;
	if (addr) {
		/*
		 * Store the two-word I/O interruption code into the
		 * provided area.
		 */
		len = sizeof(tpi_data) - 4;
		rc = write_guest(vcpu, addr, ar, &tpi_data, len);
		if (rc) {
			rc = kvm_s390_inject_prog_cond(vcpu, rc);
			goto reinject_interrupt;
		}
	} else {
		/*
		 * Store the three-word I/O interruption code into
		 * the appropriate lowcore area.
		 */
		len = sizeof(tpi_data);
		if (write_guest_lc(vcpu, __LC_SUBCHANNEL_ID, &tpi_data, len)) {
			/* failed writes to the low core are not recoverable */
			rc = -EFAULT;
			goto reinject_interrupt;
		}
	}

	/* irq was successfully handed to the guest */
	kfree(inti);
	kvm_s390_set_psw_cc(vcpu, 1);
	return 0;
reinject_interrupt:
	/*
	 * If we encounter a problem storing the interruption code, the
	 * instruction is suppressed from the guest's view: reinject the
	 * interrupt.
	 */
	if (kvm_s390_reinject_io_int(vcpu->kvm, inti)) {
		kfree(inti);
		rc = -EFAULT;
	}
	/* don't set the cc, a pgm irq was injected or we drop to user space */
	return rc ? -EFAULT : 0;
}

static int handle_tsch(struct kvm_vcpu *vcpu)
{
	struct kvm_s390_interrupt_info *inti = NULL;
	const u64 isc_mask = 0xffUL << 24; /* all iscs set */

	/* a valid schid has at least one bit set */
	if (vcpu->run->s.regs.gprs[1])
		inti = kvm_s390_get_io_int(vcpu->kvm, isc_mask,
					   vcpu->run->s.regs.gprs[1]);

	/*
	 * Prepare exit to userspace.
	 * We indicate whether we dequeued a pending I/O interrupt
	 * so that userspace can re-inject it if the instruction gets
	 * a program check. While this may re-order the pending I/O
	 * interrupts, this is no problem since the priority is kept
	 * intact.
	 */
	vcpu->run->exit_reason = KVM_EXIT_S390_TSCH;
	vcpu->run->s390_tsch.dequeued = !!inti;
	if (inti) {
		vcpu->run->s390_tsch.subchannel_id = inti->io.subchannel_id;
		vcpu->run->s390_tsch.subchannel_nr = inti->io.subchannel_nr;
		vcpu->run->s390_tsch.io_int_parm = inti->io.io_int_parm;
		vcpu->run->s390_tsch.io_int_word = inti->io.io_int_word;
	}
	vcpu->run->s390_tsch.ipb = vcpu->arch.sie_block->ipb;
	kfree(inti);
	return -EREMOTE;
}

static int handle_io_inst(struct kvm_vcpu *vcpu)
{
	VCPU_EVENT(vcpu, 4, "%s", "I/O instruction");

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	if (vcpu->kvm->arch.css_support) {
		/*
		 * Most I/O instructions will be handled by userspace.
		 * Exceptions are tpi and the interrupt portion of tsch.
		 */
		if (vcpu->arch.sie_block->ipa == 0xb236)
			return handle_tpi(vcpu);
		if (vcpu->arch.sie_block->ipa == 0xb235)
			return handle_tsch(vcpu);
		/* Handle in userspace. */
		return -EOPNOTSUPP;
	} else {
		/*
		 * Set condition code 3 to stop the guest from issuing channel
		 * I/O instructions.
		 */
		kvm_s390_set_psw_cc(vcpu, 3);
		return 0;
	}
}

static int handle_stfl(struct kvm_vcpu *vcpu)
{
	int rc;
	unsigned int fac;

	vcpu->stat.instruction_stfl++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	/*
	 * We need to shift the lower 32 facility bits (bit 0-31) from a u64
	 * into a u32 memory representation. They will remain bits 0-31.
	 */
	fac = *vcpu->kvm->arch.model.fac_list >> 32;
	rc = write_guest_lc(vcpu, offsetof(struct lowcore, stfl_fac_list),
			    &fac, sizeof(fac));
	if (rc)
		return rc;
	VCPU_EVENT(vcpu, 3, "STFL: store facility list 0x%x", fac);
	trace_kvm_s390_handle_stfl(vcpu, fac);
	return 0;
}

#define PSW_MASK_ADDR_MODE (PSW_MASK_EA | PSW_MASK_BA)
#define PSW_MASK_UNASSIGNED 0xb80800fe7fffffffUL
#define PSW_ADDR_24 0x0000000000ffffffUL
#define PSW_ADDR_31 0x000000007fffffffUL

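/*
 * A PSW is invalid if an unassigned mask bit is set, if the instruction
 * address does not fit the selected addressing mode (24, 31 or 64 bit,
 * where 64-bit mode requires both the EA and BA bits), or if the
 * address is odd.
 */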
int is_valid_psw(psw_t *psw)
{
	if (psw->mask & PSW_MASK_UNASSIGNED)
		return 0;
	if ((psw->mask & PSW_MASK_ADDR_MODE) == PSW_MASK_BA) {
		if (psw->addr & ~PSW_ADDR_31)
			return 0;
	}
	if (!(psw->mask & PSW_MASK_ADDR_MODE) && (psw->addr & ~PSW_ADDR_24))
		return 0;
	if ((psw->mask & PSW_MASK_ADDR_MODE) ==  PSW_MASK_EA)
		return 0;
	if (psw->addr & 1)
		return 0;
	return 1;
}

int kvm_s390_handle_lpsw(struct kvm_vcpu *vcpu)
{
	psw_t *gpsw = &vcpu->arch.sie_block->gpsw;
	psw_compat_t new_psw;
	u64 addr;
	int rc;
	u8 ar;

	if (gpsw->mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	addr = kvm_s390_get_base_disp_s(vcpu, &ar);
	if (addr & 7)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	rc = read_guest(vcpu, addr, ar, &new_psw, sizeof(new_psw));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);
	if (!(new_psw.mask & PSW32_MASK_BASE))
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
	gpsw->mask = (new_psw.mask & ~PSW32_MASK_BASE) << 32;
	gpsw->mask |= new_psw.addr & PSW32_ADDR_AMODE;
	gpsw->addr = new_psw.addr & ~PSW32_ADDR_AMODE;
	if (!is_valid_psw(gpsw))
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
	return 0;
}

static int handle_lpswe(struct kvm_vcpu *vcpu)
{
	psw_t new_psw;
	u64 addr;
	int rc;
	u8 ar;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	addr = kvm_s390_get_base_disp_s(vcpu, &ar);
	if (addr & 7)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
	rc = read_guest(vcpu, addr, ar, &new_psw, sizeof(new_psw));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);
	vcpu->arch.sie_block->gpsw = new_psw;
	if (!is_valid_psw(&vcpu->arch.sie_block->gpsw))
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
	return 0;
}

static int handle_stidp(struct kvm_vcpu *vcpu)
{
	u64 stidp_data = vcpu->kvm->arch.model.cpuid;
	u64 operand2;
	int rc;
	u8 ar;

	vcpu->stat.instruction_stidp++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	operand2 = kvm_s390_get_base_disp_s(vcpu, &ar);

	if (operand2 & 7)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	rc = write_guest(vcpu, operand2, ar, &stidp_data, sizeof(stidp_data));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);

	VCPU_EVENT(vcpu, 3, "STIDP: store cpu id 0x%llx", stidp_data);
	return 0;
}

static void handle_stsi_3_2_2(struct kvm_vcpu *vcpu, struct sysinfo_3_2_2 *mem)
{
	int cpus = 0;
	int n;

	cpus = atomic_read(&vcpu->kvm->online_vcpus);

	/* deal with other level 3 hypervisors */
	if (stsi(mem, 3, 2, 2))
		mem->count = 0;
	if (mem->count < 8)
		mem->count++;
	for (n = mem->count - 1; n > 0 ; n--)
		memcpy(&mem->vm[n], &mem->vm[n - 1], sizeof(mem->vm[0]));

	memset(&mem->vm[0], 0, sizeof(mem->vm[0]));
	mem->vm[0].cpus_total = cpus;
	mem->vm[0].cpus_configured = cpus;
	mem->vm[0].cpus_standby = 0;
	mem->vm[0].cpus_reserved = 0;
	mem->vm[0].caf = 1000;
	memcpy(mem->vm[0].name, "KVMguest", 8);
	ASCEBC(mem->vm[0].name, 8);
	memcpy(mem->vm[0].cpi, "KVM/Linux       ", 16);
	ASCEBC(mem->vm[0].cpi, 16);
}

static void insert_stsi_usr_data(struct kvm_vcpu *vcpu, u64 addr, u8 ar,
				 u8 fc, u8 sel1, u16 sel2)
{
	vcpu->run->exit_reason = KVM_EXIT_S390_STSI;
	vcpu->run->s390_stsi.addr = addr;
	vcpu->run->s390_stsi.ar = ar;
	vcpu->run->s390_stsi.fc = fc;
	vcpu->run->s390_stsi.sel1 = sel1;
	vcpu->run->s390_stsi.sel2 = sel2;
}

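/*
 * STORE SYSTEM INFORMATION: the function code in the high nibble of the
 * low word of gr0 selects the information block, sel1/sel2 come from
 * gr0 and gr1. Function code 0 merely reports the current configuration
 * level in gr0; we report level 3, i.e. running under a hypervisor.
 */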
static int handle_stsi(struct kvm_vcpu *vcpu)
{
	int fc = (vcpu->run->s.regs.gprs[0] & 0xf0000000) >> 28;
	int sel1 = vcpu->run->s.regs.gprs[0] & 0xff;
	int sel2 = vcpu->run->s.regs.gprs[1] & 0xffff;
	unsigned long mem = 0;
	u64 operand2;
	int rc = 0;
	u8 ar;

	vcpu->stat.instruction_stsi++;
	VCPU_EVENT(vcpu, 3, "STSI: fc: %u sel1: %u sel2: %u", fc, sel1, sel2);

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	if (fc > 3) {
		kvm_s390_set_psw_cc(vcpu, 3);
		return 0;
	}

	if (vcpu->run->s.regs.gprs[0] & 0x0fffff00
	    || vcpu->run->s.regs.gprs[1] & 0xffff0000)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	if (fc == 0) {
		vcpu->run->s.regs.gprs[0] = 3 << 28;
		kvm_s390_set_psw_cc(vcpu, 0);
		return 0;
	}

	operand2 = kvm_s390_get_base_disp_s(vcpu, &ar);

	if (operand2 & 0xfff)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	switch (fc) {
	case 1: /* same handling for 1 and 2 */
	case 2:
		mem = get_zeroed_page(GFP_KERNEL);
		if (!mem)
			goto out_no_data;
		if (stsi((void *) mem, fc, sel1, sel2))
			goto out_no_data;
		break;
	case 3:
		if (sel1 != 2 || sel2 != 2)
			goto out_no_data;
		mem = get_zeroed_page(GFP_KERNEL);
		if (!mem)
			goto out_no_data;
		handle_stsi_3_2_2(vcpu, (void *) mem);
		break;
	}

	rc = write_guest(vcpu, operand2, ar, (void *)mem, PAGE_SIZE);
	if (rc) {
		rc = kvm_s390_inject_prog_cond(vcpu, rc);
		goto out;
	}
	if (vcpu->kvm->arch.user_stsi) {
		insert_stsi_usr_data(vcpu, operand2, ar, fc, sel1, sel2);
		rc = -EREMOTE;
	}
	trace_kvm_s390_handle_stsi(vcpu, fc, sel1, sel2, operand2);
	free_page(mem);
	kvm_s390_set_psw_cc(vcpu, 0);
	vcpu->run->s.regs.gprs[0] = 0;
	return rc;
out_no_data:
	kvm_s390_set_psw_cc(vcpu, 3);
out:
	free_page(mem);
	return rc;
}

static const intercept_handler_t b2_handlers[256] = {
	[0x02] = handle_stidp,
	[0x04] = handle_set_clock,
	[0x10] = handle_set_prefix,
	[0x11] = handle_store_prefix,
	[0x12] = handle_store_cpu_address,
	[0x14] = kvm_s390_handle_vsie,
	[0x21] = handle_ipte_interlock,
	[0x29] = handle_iske,
	[0x2a] = handle_rrbe,
	[0x2b] = handle_sske,
	[0x2c] = handle_test_block,
	[0x30] = handle_io_inst,
	[0x31] = handle_io_inst,
	[0x32] = handle_io_inst,
	[0x33] = handle_io_inst,
	[0x34] = handle_io_inst,
	[0x35] = handle_io_inst,
	[0x36] = handle_io_inst,
	[0x37] = handle_io_inst,
	[0x38] = handle_io_inst,
	[0x39] = handle_io_inst,
	[0x3a] = handle_io_inst,
	[0x3b] = handle_io_inst,
	[0x3c] = handle_io_inst,
	[0x50] = handle_ipte_interlock,
	[0x56] = handle_sthyi,
	[0x5f] = handle_io_inst,
	[0x74] = handle_io_inst,
	[0x76] = handle_io_inst,
	[0x7d] = handle_stsi,
	[0xb1] = handle_stfl,
	[0xb2] = handle_lpswe,
};

int kvm_s390_handle_b2(struct kvm_vcpu *vcpu)
{
	intercept_handler_t handler;

	/*
	 * A lot of B2 instructions are privileged. Here we check for
	 * the privileged ones, that we can handle in the kernel.
	 * Anything else goes to userspace.
	 */
	handler = b2_handlers[vcpu->arch.sie_block->ipa & 0x00ff];
	if (handler)
		return handler(vcpu);

	return -EOPNOTSUPP;
}

static int handle_epsw(struct kvm_vcpu *vcpu)
{
	int reg1, reg2;

	kvm_s390_get_regs_rre(vcpu, &reg1, &reg2);

	/* This basically extracts the mask half of the psw. */
	vcpu->run->s.regs.gprs[reg1] &= 0xffffffff00000000UL;
	vcpu->run->s.regs.gprs[reg1] |= vcpu->arch.sie_block->gpsw.mask >> 32;
	if (reg2) {
		vcpu->run->s.regs.gprs[reg2] &= 0xffffffff00000000UL;
		vcpu->run->s.regs.gprs[reg2] |=
			vcpu->arch.sie_block->gpsw.mask & 0x00000000ffffffffUL;
	}
	return 0;
}

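/*
 * PERFORM FRAME MANAGEMENT FUNCTION: the register designated by the r1
 * field holds the function bits defined below, the r2 register the
 * address of the first frame. The frame-size code selects 4K, 1M or 2G
 * frames; the loop below always works in 4K host page steps and, when a
 * frame-size code is given, leaves the address of the next frame in r2.
 */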
#define PFMF_RESERVED   0xfffc0101UL
#define PFMF_SK         0x00020000UL
#define PFMF_CF         0x00010000UL
#define PFMF_UI         0x00008000UL
#define PFMF_FSC        0x00007000UL
#define PFMF_NQ         0x00000800UL
#define PFMF_MR         0x00000400UL
#define PFMF_MC         0x00000200UL
#define PFMF_KEY        0x000000feUL

static int handle_pfmf(struct kvm_vcpu *vcpu)
{
	bool mr = false, mc = false, nq;
	int reg1, reg2;
	unsigned long start, end;
	unsigned char key;

	vcpu->stat.instruction_pfmf++;

	kvm_s390_get_regs_rre(vcpu, &reg1, &reg2);

	if (!test_kvm_facility(vcpu->kvm, 8))
		return kvm_s390_inject_program_int(vcpu, PGM_OPERATION);

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	if (vcpu->run->s.regs.gprs[reg1] & PFMF_RESERVED)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	/* Only provide non-quiescing support if enabled for the guest */
	if (vcpu->run->s.regs.gprs[reg1] & PFMF_NQ &&
	    !test_kvm_facility(vcpu->kvm, 14))
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	/* Only provide conditional-SSKE support if enabled for the guest */
	if (vcpu->run->s.regs.gprs[reg1] & PFMF_SK &&
	    test_kvm_facility(vcpu->kvm, 10)) {
		mr = vcpu->run->s.regs.gprs[reg1] & PFMF_MR;
		mc = vcpu->run->s.regs.gprs[reg1] & PFMF_MC;
	}

	nq = vcpu->run->s.regs.gprs[reg1] & PFMF_NQ;
	key = vcpu->run->s.regs.gprs[reg1] & PFMF_KEY;
	start = vcpu->run->s.regs.gprs[reg2] & PAGE_MASK;
	start = kvm_s390_logical_to_effective(vcpu, start);

	if (vcpu->run->s.regs.gprs[reg1] & PFMF_CF) {
		if (kvm_s390_check_low_addr_prot_real(vcpu, start))
			return kvm_s390_inject_prog_irq(vcpu, &vcpu->arch.pgm);
	}

	switch (vcpu->run->s.regs.gprs[reg1] & PFMF_FSC) {
	case 0x00000000:
		/* only 4k frames specify a real address */
		start = kvm_s390_real_to_abs(vcpu, start);
		end = (start + (1UL << 12)) & ~((1UL << 12) - 1);
		break;
	case 0x00001000:
		end = (start + (1UL << 20)) & ~((1UL << 20) - 1);
		break;
	case 0x00002000:
		/* only support 2G frame size if EDAT2 is available and we are
		   not in 24-bit addressing mode */
		if (!test_kvm_facility(vcpu->kvm, 78) ||
		    psw_bits(vcpu->arch.sie_block->gpsw).eaba == PSW_BITS_AMODE_24BIT)
			return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
		end = (start + (1UL << 31)) & ~((1UL << 31) - 1);
		break;
	default:
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);
	}

	while (start != end) {
		unsigned long useraddr;

		/* Translate guest address to host address */
		useraddr = gfn_to_hva(vcpu->kvm, gpa_to_gfn(start));
		if (kvm_is_error_hva(useraddr))
			return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

		if (vcpu->run->s.regs.gprs[reg1] & PFMF_CF) {
			if (clear_user((void __user *)useraddr, PAGE_SIZE))
				return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);
		}

		if (vcpu->run->s.regs.gprs[reg1] & PFMF_SK) {
			int rc = kvm_s390_skey_check_enable(vcpu);

			if (rc)
				return rc;
			down_read(&current->mm->mmap_sem);
			rc = cond_set_guest_storage_key(current->mm, useraddr,
							key, NULL, nq, mr, mc);
			up_read(&current->mm->mmap_sem);
			if (rc < 0)
				return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);
		}

		start += PAGE_SIZE;
	}
	if (vcpu->run->s.regs.gprs[reg1] & PFMF_FSC) {
		if (psw_bits(vcpu->arch.sie_block->gpsw).eaba == PSW_BITS_AMODE_64BIT) {
			vcpu->run->s.regs.gprs[reg2] = end;
		} else {
			vcpu->run->s.regs.gprs[reg2] &= ~0xffffffffUL;
			end = kvm_s390_logical_to_effective(vcpu, end);
			vcpu->run->s.regs.gprs[reg2] |= end;
		}
	}
	return 0;
}

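/*
 * ESSA (Extract and Set Storage Attributes) is the CMMA primitive: the
 * r2 register designates the page, the operation request code (orc)
 * encoded in the instruction selects the new usage state, and the
 * previous usage/content state is returned in r1. do_essa() also marks
 * the gfn in the migration bitmap while dirty logging for CMMA is
 * active.
 */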
static inline int do_essa(struct kvm_vcpu *vcpu, const int orc)
{
	struct kvm_s390_migration_state *ms = vcpu->kvm->arch.migration_state;
	int r1, r2, nappended, entries;
	unsigned long gfn, hva, res, pgstev, ptev;
	unsigned long *cbrlo;

	/*
	 * We don't need to set SD.FPF.SK to 1 here, because if we have a
	 * machine check here we either handle it or crash
	 */

	kvm_s390_get_regs_rre(vcpu, &r1, &r2);
	gfn = vcpu->run->s.regs.gprs[r2] >> PAGE_SHIFT;
	hva = gfn_to_hva(vcpu->kvm, gfn);
	entries = (vcpu->arch.sie_block->cbrlo & ~PAGE_MASK) >> 3;

	if (kvm_is_error_hva(hva))
		return kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);

	nappended = pgste_perform_essa(vcpu->kvm->mm, hva, orc, &ptev, &pgstev);
	if (nappended < 0) {
		res = orc ? 0x10 : 0;
		vcpu->run->s.regs.gprs[r1] = res; /* Exception Indication */
		return 0;
	}
	res = (pgstev & _PGSTE_GPS_USAGE_MASK) >> 22;
	/*
	 * Set the block-content state part of the result. 0 means resident, so
	 * nothing to do if the page is valid. 2 is for preserved pages
	 * (non-present and non-zero), and 3 for zero pages (non-present and
	 * zero).
	 */
	if (ptev & _PAGE_INVALID) {
		res |= 2;
		if (pgstev & _PGSTE_GPS_ZERO)
			res |= 1;
	}
	vcpu->run->s.regs.gprs[r1] = res;
	/*
	 * It is possible that all the normal 511 slots were full, in which case
	 * we will now write in the 512th slot, which is reserved for host use.
	 * In both cases we let the normal essa handling code process all the
	 * slots, including the reserved one, if needed.
	 */
	if (nappended > 0) {
		cbrlo = phys_to_virt(vcpu->arch.sie_block->cbrlo & PAGE_MASK);
		cbrlo[entries] = gfn << PAGE_SHIFT;
	}

	if (orc) {
		/* increment only if we are really flipping the bit to 1 */
		if (!test_and_set_bit(gfn, ms->pgste_bitmap))
			atomic64_inc(&ms->dirty_pages);
	}

	return nappended;
}

static int handle_essa(struct kvm_vcpu *vcpu)
{
	/* entries expected to be 1FF */
	int entries = (vcpu->arch.sie_block->cbrlo & ~PAGE_MASK) >> 3;
	unsigned long *cbrlo;
	struct gmap *gmap;
	int i, orc;

	VCPU_EVENT(vcpu, 4, "ESSA: release %d pages", entries);
	gmap = vcpu->arch.gmap;
	vcpu->stat.instruction_essa++;
	if (!vcpu->kvm->arch.use_cmma)
		return kvm_s390_inject_program_int(vcpu, PGM_OPERATION);

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);
	/* Check for invalid operation request code */
	orc = (vcpu->arch.sie_block->ipb & 0xf0000000) >> 28;
	if (orc > ESSA_MAX)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	if (likely(!vcpu->kvm->arch.migration_state)) {
		/*
		 * CMMA is enabled in the KVM settings, but is disabled in
		 * the SIE block and in the mm_context, and we are not doing
		 * a migration. Enable CMMA in the mm_context.
		 * Since we need to take a write lock to write to the context
		 * to avoid races with storage keys handling, we check if the
		 * value really needs to be written to; if the value is
		 * already correct, we do nothing and avoid the lock.
		 */
		if (vcpu->kvm->mm->context.use_cmma == 0) {
			down_write(&vcpu->kvm->mm->mmap_sem);
			vcpu->kvm->mm->context.use_cmma = 1;
			up_write(&vcpu->kvm->mm->mmap_sem);
		}
		/*
		 * If we are here, we are supposed to have CMMA enabled in
		 * the SIE block. Enabling CMMA works on a per-CPU basis,
		 * while the context use_cmma flag is per process.
		 * It's possible that the context flag is enabled and the
		 * SIE flag is not, so we set the flag always; if it was
		 * already set, nothing changes, otherwise we enable it
		 * on this CPU too.
		 */
		vcpu->arch.sie_block->ecb2 |= ECB2_CMMA;
		/* Retry the ESSA instruction */
		kvm_s390_retry_instr(vcpu);
	} else {
		/* Account for the possible extra cbrl entry */
		i = do_essa(vcpu, orc);
		if (i < 0)
			return i;
		entries += i;
	}
	vcpu->arch.sie_block->cbrlo &= PAGE_MASK;	/* reset nceo */
	cbrlo = phys_to_virt(vcpu->arch.sie_block->cbrlo);
	down_read(&gmap->mm->mmap_sem);
	for (i = 0; i < entries; ++i)
		__gmap_zap(gmap, cbrlo[i]);
	up_read(&gmap->mm->mmap_sem);
	return 0;
}

static const intercept_handler_t b9_handlers[256] = {
	[0x8a] = handle_ipte_interlock,
	[0x8d] = handle_epsw,
	[0x8e] = handle_ipte_interlock,
	[0x8f] = handle_ipte_interlock,
	[0xab] = handle_essa,
	[0xaf] = handle_pfmf,
};

int kvm_s390_handle_b9(struct kvm_vcpu *vcpu)
{
	intercept_handler_t handler;

	/* This is handled just as for the B2 instructions. */
	handler = b9_handlers[vcpu->arch.sie_block->ipa & 0x00ff];
	if (handler)
		return handler(vcpu);

	return -EOPNOTSUPP;
}

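/*
 * LOAD CONTROL and STORE CONTROL move the control registers reg1
 * through reg3 (wrapping mod 16) from/to an array of words (lctl/stctl)
 * or doublewords (lctlg/stctg) at the effective address. A load may
 * change the translation setup, hence the TLB flush request afterwards.
 */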
int kvm_s390_handle_lctl(struct kvm_vcpu *vcpu)
{
	int reg1 = (vcpu->arch.sie_block->ipa & 0x00f0) >> 4;
	int reg3 = vcpu->arch.sie_block->ipa & 0x000f;
	int reg, rc, nr_regs;
	u32 ctl_array[16];
	u64 ga;
	u8 ar;

	vcpu->stat.instruction_lctl++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	ga = kvm_s390_get_base_disp_rs(vcpu, &ar);

	if (ga & 3)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	VCPU_EVENT(vcpu, 4, "LCTL: r1:%d, r3:%d, addr: 0x%llx", reg1, reg3, ga);
	trace_kvm_s390_handle_lctl(vcpu, 0, reg1, reg3, ga);

	nr_regs = ((reg3 - reg1) & 0xf) + 1;
	rc = read_guest(vcpu, ga, ar, ctl_array, nr_regs * sizeof(u32));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);
	reg = reg1;
	nr_regs = 0;
	do {
		vcpu->arch.sie_block->gcr[reg] &= 0xffffffff00000000ul;
		vcpu->arch.sie_block->gcr[reg] |= ctl_array[nr_regs++];
		if (reg == reg3)
			break;
		reg = (reg + 1) % 16;
	} while (1);
	kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu);
	return 0;
}

int kvm_s390_handle_stctl(struct kvm_vcpu *vcpu)
{
	int reg1 = (vcpu->arch.sie_block->ipa & 0x00f0) >> 4;
	int reg3 = vcpu->arch.sie_block->ipa & 0x000f;
	int reg, rc, nr_regs;
	u32 ctl_array[16];
	u64 ga;
	u8 ar;

	vcpu->stat.instruction_stctl++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	ga = kvm_s390_get_base_disp_rs(vcpu, &ar);

	if (ga & 3)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	VCPU_EVENT(vcpu, 4, "STCTL r1:%d, r3:%d, addr: 0x%llx", reg1, reg3, ga);
	trace_kvm_s390_handle_stctl(vcpu, 0, reg1, reg3, ga);

	reg = reg1;
	nr_regs = 0;
	do {
		ctl_array[nr_regs++] = vcpu->arch.sie_block->gcr[reg];
		if (reg == reg3)
			break;
		reg = (reg + 1) % 16;
	} while (1);
	rc = write_guest(vcpu, ga, ar, ctl_array, nr_regs * sizeof(u32));
	return rc ? kvm_s390_inject_prog_cond(vcpu, rc) : 0;
}

static int handle_lctlg(struct kvm_vcpu *vcpu)
{
	int reg1 = (vcpu->arch.sie_block->ipa & 0x00f0) >> 4;
	int reg3 = vcpu->arch.sie_block->ipa & 0x000f;
	int reg, rc, nr_regs;
	u64 ctl_array[16];
	u64 ga;
	u8 ar;

	vcpu->stat.instruction_lctlg++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	ga = kvm_s390_get_base_disp_rsy(vcpu, &ar);

	if (ga & 7)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	VCPU_EVENT(vcpu, 4, "LCTLG: r1:%d, r3:%d, addr: 0x%llx", reg1, reg3, ga);
	trace_kvm_s390_handle_lctl(vcpu, 1, reg1, reg3, ga);

	nr_regs = ((reg3 - reg1) & 0xf) + 1;
	rc = read_guest(vcpu, ga, ar, ctl_array, nr_regs * sizeof(u64));
	if (rc)
		return kvm_s390_inject_prog_cond(vcpu, rc);
	reg = reg1;
	nr_regs = 0;
	do {
		vcpu->arch.sie_block->gcr[reg] = ctl_array[nr_regs++];
		if (reg == reg3)
			break;
		reg = (reg + 1) % 16;
	} while (1);
	kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu);
	return 0;
}

static int handle_stctg(struct kvm_vcpu *vcpu)
{
	int reg1 = (vcpu->arch.sie_block->ipa & 0x00f0) >> 4;
	int reg3 = vcpu->arch.sie_block->ipa & 0x000f;
	int reg, rc, nr_regs;
	u64 ctl_array[16];
	u64 ga;
	u8 ar;

	vcpu->stat.instruction_stctg++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	ga = kvm_s390_get_base_disp_rsy(vcpu, &ar);

	if (ga & 7)
		return kvm_s390_inject_program_int(vcpu, PGM_SPECIFICATION);

	VCPU_EVENT(vcpu, 4, "STCTG r1:%d, r3:%d, addr: 0x%llx", reg1, reg3, ga);
	trace_kvm_s390_handle_stctl(vcpu, 1, reg1, reg3, ga);

	reg = reg1;
	nr_regs = 0;
	do {
		ctl_array[nr_regs++] = vcpu->arch.sie_block->gcr[reg];
		if (reg == reg3)
			break;
		reg = (reg + 1) % 16;
	} while (1);
	rc = write_guest(vcpu, ga, ar, ctl_array, nr_regs * sizeof(u64));
	return rc ? kvm_s390_inject_prog_cond(vcpu, rc) : 0;
}

static const intercept_handler_t eb_handlers[256] = {
	[0x2f] = handle_lctlg,
	[0x25] = handle_stctg,
	[0x60] = handle_ri,
	[0x61] = handle_ri,
	[0x62] = handle_ri,
};

int kvm_s390_handle_eb(struct kvm_vcpu *vcpu)
{
	intercept_handler_t handler;

	handler = eb_handlers[vcpu->arch.sie_block->ipb & 0xff];
	if (handler)
		return handler(vcpu);
	return -EOPNOTSUPP;
}

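/*
 * TEST PROTECTION: cc 0 means fetch and store are permitted, cc 1 fetch
 * only, cc 3 translation not available. Only the access-key-zero case
 * that Linux uses for memory detection is handled here; all other keys
 * go to userspace.
 */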
static int handle_tprot(struct kvm_vcpu *vcpu)
{
	u64 address1, address2;
	unsigned long hva, gpa;
	int ret = 0, cc = 0;
	bool writable;
	u8 ar;

	vcpu->stat.instruction_tprot++;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	kvm_s390_get_base_disp_sse(vcpu, &address1, &address2, &ar, NULL);

	/* we only handle the Linux memory detection case:
	 * access key == 0
	 * everything else goes to userspace. */
	if (address2 & 0xf0)
		return -EOPNOTSUPP;
	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_DAT)
		ipte_lock(vcpu);
	ret = guest_translate_address(vcpu, address1, ar, &gpa, GACC_STORE);
	if (ret == PGM_PROTECTION) {
		/* Write protected? Try again with read-only... */
		cc = 1;
		ret = guest_translate_address(vcpu, address1, ar, &gpa,
					      GACC_FETCH);
	}
	if (ret) {
		if (ret == PGM_ADDRESSING || ret == PGM_TRANSLATION_SPEC) {
			ret = kvm_s390_inject_program_int(vcpu, ret);
		} else if (ret > 0) {
			/* Translation not available */
			kvm_s390_set_psw_cc(vcpu, 3);
			ret = 0;
		}
		goto out_unlock;
	}

	hva = gfn_to_hva_prot(vcpu->kvm, gpa_to_gfn(gpa), &writable);
	if (kvm_is_error_hva(hva)) {
		ret = kvm_s390_inject_program_int(vcpu, PGM_ADDRESSING);
	} else {
		if (!writable)
			cc = 1;		/* Write not permitted ==> read-only */
		kvm_s390_set_psw_cc(vcpu, cc);
		/* Note: CC2 only occurs for storage keys (not supported yet) */
	}
out_unlock:
	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_DAT)
		ipte_unlock(vcpu);
	return ret;
}

int kvm_s390_handle_e5(struct kvm_vcpu *vcpu)
{
	/* For e5xx... instructions we only handle TPROT */
	if ((vcpu->arch.sie_block->ipa & 0x00ff) == 0x01)
		return handle_tprot(vcpu);
	return -EOPNOTSUPP;
}

static int handle_sckpf(struct kvm_vcpu *vcpu)
{
	u32 value;

	if (vcpu->arch.sie_block->gpsw.mask & PSW_MASK_PSTATE)
		return kvm_s390_inject_program_int(vcpu, PGM_PRIVILEGED_OP);

	if (vcpu->run->s.regs.gprs[0] & 0x00000000ffff0000)
		return kvm_s390_inject_program_int(vcpu,
						   PGM_SPECIFICATION);

	value = vcpu->run->s.regs.gprs[0] & 0x000000000000ffff;
	vcpu->arch.sie_block->todpr = value;

	return 0;
}

static int handle_ptff(struct kvm_vcpu *vcpu)
{
	/* we don't emulate any control instructions yet */
	kvm_s390_set_psw_cc(vcpu, 3);
	return 0;
}

static const intercept_handler_t x01_handlers[256] = {
	[0x04] = handle_ptff,
	[0x07] = handle_sckpf,
};

int kvm_s390_handle_01(struct kvm_vcpu *vcpu)
{
	intercept_handler_t handler;

	handler = x01_handlers[vcpu->arch.sie_block->ipa & 0x00ff];
	if (handler)
		return handler(vcpu);
	return -EOPNOTSUPP;
}