Re: [PATCH v2 2/4] s390x/pv: Check for support on the host

Mon, 09 Jan 2023 01:45:31 -0800 

On 1/9/23 09:45, Janosch Frank wrote:

On 1/6/23 08:53, Cédric Le Goater wrote:

From: Cédric Le Goater <[email protected]>

Support for protected VMs should have been enabled on the host with
the kernel parameter 'prot_virt=1'. If the hardware supports the
feature, it is reflected under sysfs.

Reviewed-by: Thomas Huth <[email protected]>
Signed-off-by: Cédric Le Goater <[email protected]>


Any reason why you didn't use KVM_CAP_S390_PROTECTED?


I think my setup was incorrect when I did the patch. I just verified and QEMU
indeed reports :

 qemu-system-s390x: CPU model does not support Protected Virtualization

which means S390_FEAT_UNPACK was not set.



The sysfs interface isn't meant to be parsed by programs, it's been introduced 
for humans. Most of the interface's data has therefore been made available via 
the UV info API.


Well, QEMU is user space and does peek around in sysfs to collect some info.
Unneeded in that case.

Thanks,

C.




---
  hw/s390x/pv.c | 23 ++++++++++++++++++++++-
  1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/hw/s390x/pv.c b/hw/s390x/pv.c
index 8a1c71436b..d53ef8fd38 100644
--- a/hw/s390x/pv.c
+++ b/hw/s390x/pv.c
@@ -14,6 +14,7 @@
  #include <linux/kvm.h>
  #include "qapi/error.h"
+#include "qemu/cutils.h"
  #include "qemu/error-report.h"
  #include "sysemu/kvm.h"
  #include "qom/object_interfaces.h"
@@ -280,9 +281,29 @@ static bool s390_pv_check_cpus(Error **errp)
      return true;
  }
+#define S390_PV_HOST "/sys/firmware/uv/prot_virt_host"
+
+static bool s390_pv_check_host(Error **errp)
+{
+    gchar *s = NULL;
+    uint64_t pv_host = 0;
+
+    if (g_file_get_contents(S390_PV_HOST, &s, NULL, NULL)) {
+        pv_host = g_ascii_strtoull(s, NULL, 10);
+    }
+    g_free(s);
+
+    if (pv_host != 1) {
+        error_setg(errp, "Host does not support protected VMs");
+        return false;
+    }
+
+    return true;
+}
+
  static bool s390_pv_guest_check(ConfidentialGuestSupport *cgs, Error **errp)
  {
-    return s390_pv_check_cpus(errp);
+    return s390_pv_check_cpus(errp) && s390_pv_check_host(errp);
  }
  int s390_pv_kvm_init(ConfidentialGuestSupport *cgs, Error **errp)

Reply via email to