On 03/16/2018 06:36 AM, Pierre Morel wrote:
On 16/03/2018 00:24, Tony Krowiak wrote:
The VFIO AP device exploits interpretive execution of AP
instructions (APIE). APIE is enabled by setting a device attribute
via the KVM_SET_DEVICE_ATTR ioctl.
Signed-off-by: Tony Krowiak <akrow...@linux.vnet.ibm.com>
---
target/s390x/kvm.c | 16 ++++++++++++++++
target/s390x/kvm_s390x.h | 2 ++
2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/target/s390x/kvm.c b/target/s390x/kvm.c
index 33e5ec3..2812e28 100644
--- a/target/s390x/kvm.c
+++ b/target/s390x/kvm.c
@@ -277,6 +277,22 @@ static void kvm_s390_init_dea_kw(void)
}
}
+int kvm_s390_set_interpret_ap(uint8_t enable)
+{
+ struct kvm_device_attr attribute = {
+ .group = KVM_S390_VM_CRYPTO,
+ .attr = KVM_S390_VM_CRYPTO_INTERPRET_AP,
+ .addr = 1,
+ };
+
+ if (!kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO,
+ KVM_S390_VM_CRYPTO_INTERPRET_AP)) {
Isn't it enough to have the CPU feature ?
I don't understand this question within this context. The code above checks
to see whether the KVM_S390_VM_CRYPTO_INTERPRET_AP attribute is supported.
What are expecting here?
I'm expecting that if the KVM_S390_VM_CRYPTO_INTERPRET_AP attribute can
not be set then that is an error condition that should be returned to
the caller.
+ return -EOPNOTSUPP;
+ }
+
+ return kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attribute);
Shouldn't you use the "enable" parameter somewhere?
If attribute.addr is not zero, then that indicates enable. If that is
objectionable,
I can change it.
+}
+
void kvm_s390_crypto_reset(void)
{
if (s390_has_feat(S390_FEAT_MSA_EXT_3)) {
diff --git a/target/s390x/kvm_s390x.h b/target/s390x/kvm_s390x.h
index 34ee7e7..0d6c6e7 100644
--- a/target/s390x/kvm_s390x.h
+++ b/target/s390x/kvm_s390x.h
@@ -40,4 +40,6 @@ void kvm_s390_crypto_reset(void);
void kvm_s390_restart_interrupt(S390CPU *cpu);
void kvm_s390_stop_interrupt(S390CPU *cpu);
+int kvm_s390_set_interpret_ap(uint8_t enable);
+
#endif /* KVM_S390X_H */
