rpms/qemu-kvm
7
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri Sep 29 2023 Jon Maloy <jmaloy@redhat.com> - 6.2.0-41

Browse Source 
- kvm-s390x-ap-fix-missing-subsystem-reset-registration.patch [bz#2111390]
- kvm-s390x-do-a-subsystem-reset-before-the-unprotect-on-r.patch [bz#2111390]
- kvm-redhat-Update-linux-headers-for-kvm_s390_vm_cpu_uv_f.patch [bz#2111390]
- kvm-target-s390x-kvm-Refactor-AP-functionalities.patch [bz#2111390]
- kvm-target-s390x-AP-passthrough-for-PV-guests.patch [bz#2111390]
- Resolves: bz#2111390
  ([IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part)
This commit is contained in:
Jon Maloy 2023-09-29 17:26:27 -04:00
parent 5d18fc78b6
commit 095070217f
6 changed files with 493 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
kvm-redhat-Update-linux-headers-for-kvm_s390_vm_cpu_uv_f.patch Normal file
View File

@ -0,0 +1,56 @@
From 76e75a129e59a33103aa7d1d92074ddcef556980 Mon Sep 17 00:00:00 2001
From: Thomas Huth <thuth@redhat.com>
Date: Tue, 12 Sep 2023 11:24:40 +0200
Subject: [PATCH 3/5] redhat: Update linux-headers for kvm_s390_vm_cpu_uv_feat
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Thomas Huth <thuth@redhat.com>
RH-MergeRequest: 321: Enable Secure Execution Crypto Passthrough for KVM on s390x
RH-Bugzilla: 2111390
RH-Acked-by: Cédric Le Goater <clg@redhat.com>
RH-Commit: [3/5] f1329f5ce5f66033ead7777384dcc1613cad1226
Upstream Status: rhel-only
This hunk is part of upstream commit da3c22c74a3c
("linux-headers: Update to Linux v6.6-rc1"), but since that
commit updates a lot of files and does not apply cleanly,
we only focus on the necessary change here.
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
linux-headers/asm-s390/kvm.h | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/linux-headers/asm-s390/kvm.h b/linux-headers/asm-s390/kvm.h
index f053b8304a..6706bdc5cc 100644
--- a/linux-headers/asm-s390/kvm.h
+++ b/linux-headers/asm-s390/kvm.h
@@ -158,6 +158,22 @@ struct kvm_s390_vm_cpu_subfunc {
__u8 reserved[1728];
};
+#define KVM_S390_VM_CPU_PROCESSOR_UV_FEAT_GUEST 6
+#define KVM_S390_VM_CPU_MACHINE_UV_FEAT_GUEST 7
+
+#define KVM_S390_VM_CPU_UV_FEAT_NR_BITS 64
+struct kvm_s390_vm_cpu_uv_feat {
+ union {
+ struct {
+ __u64 : 4;
+ __u64 ap : 1; /* bit 4 */
+ __u64 ap_intr : 1; /* bit 5 */
+ __u64 : 58;
+ };
+ __u64 feat;
+ };
+};
+
/* kvm attributes for crypto */
#define KVM_S390_VM_CRYPTO_ENABLE_AES_KW 0
#define KVM_S390_VM_CRYPTO_ENABLE_DEA_KW 1
--
2.41.0

44
kvm-s390x-ap-fix-missing-subsystem-reset-registration.patch Normal file
View File

@ -0,0 +1,44 @@
From eb60b6cab9550a62f0b20a9e6d69547d651e3020 Mon Sep 17 00:00:00 2001
From: Janosch Frank <frankja@linux.ibm.com>
Date: Wed, 23 Aug 2023 16:22:15 +0200
Subject: [PATCH 1/5] s390x/ap: fix missing subsystem reset registration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Thomas Huth <thuth@redhat.com>
RH-MergeRequest: 321: Enable Secure Execution Crypto Passthrough for KVM on s390x
RH-Bugzilla: 2111390
RH-Acked-by: Cédric Le Goater <clg@redhat.com>
RH-Commit: [1/5] 4ebe81bb6cc4fc137ca4ebc9c0cebdedc421cc91
A subsystem reset contains a reset of AP resources which has been
missing. Adding the AP bridge to the list of device types that need
reset fixes this issue.
Reviewed-by: Jason J. Herne <jjherne@linux.ibm.com>
Reviewed-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Fixes: a51b3153 ("s390x/ap: base Adjunct Processor (AP) object model")
Message-ID: <20230823142219.1046522-2-seiden@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit 297ec01f0b9864ea8209ca0ddc6643b4c0574bdb)
---
hw/s390x/s390-virtio-ccw.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 4a7cd21cac..412d73715a 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -100,6 +100,7 @@ static const char *const reset_dev_types[] = {
"s390-flic",
"diag288",
TYPE_S390_PCI_HOST_BRIDGE,
+ TYPE_AP_BRIDGE,
};
static void subsystem_reset(void)
--
2.41.0

68
kvm-s390x-do-a-subsystem-reset-before-the-unprotect-on-r.patch Normal file
View File

@ -0,0 +1,68 @@
From 05b145a8d5b1c2f796069cdd81826c00cf7c983e Mon Sep 17 00:00:00 2001
From: Janosch Frank <frankja@linux.ibm.com>
Date: Fri, 1 Sep 2023 11:48:51 +0000
Subject: [PATCH 2/5] s390x: do a subsystem reset before the unprotect on
reboot
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Thomas Huth <thuth@redhat.com>
RH-MergeRequest: 321: Enable Secure Execution Crypto Passthrough for KVM on s390x
RH-Bugzilla: 2111390
RH-Acked-by: Cédric Le Goater <clg@redhat.com>
RH-Commit: [2/5] ea430d236e1a20ddad7095d2e6d10f741f9a1907
Bound APQNs have to be reset before tearing down the secure config via
s390_machine_unprotect(). Otherwise the Ultravisor will return a error
code.
So let's do a subsystem_reset() which includes a AP reset before the
unprotect call. We'll do a full device_reset() afterwards which will
reset some devices twice. That's ok since we can't move the
device_reset() before the unprotect as it includes a CPU clear reset
which the Ultravisor does not expect at that point in time.
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
Message-ID: <20230901114851.154357-1-frankja@linux.ibm.com>
Tested-by: Viktor Mihajlovski <mihajlov@linux.ibm.com>
Acked-by: Christian Borntraeger <borntraeger@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit ef1535901a07f2e49fa25c8bcee7f0b73801d824)
Conflicts:
hw/s390x/s390-virtio-ccw.c
(contextual conflict due to missing commit 7966d70f6f6b)
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
hw/s390x/s390-virtio-ccw.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 412d73715a..17146469ee 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -430,10 +430,20 @@ static void s390_machine_reset(MachineState *machine)
switch (reset_type) {
case S390_RESET_EXTERNAL:
case S390_RESET_REIPL:
+ /*
+ * Reset the subsystem which includes a AP reset. If a PV
+ * guest had APQNs attached the AP reset is a prerequisite to
+ * unprotecting since the UV checks if all APQNs are reset.
+ */
+ subsystem_reset();
if (s390_is_pv()) {
s390_machine_unprotect(ms);
}
+ /*
+ * Device reset includes CPU clear resets so this has to be
+ * done AFTER the unprotect call above.
+ */
qemu_devices_reset();
s390_crypto_reset();
--
2.41.0

194
kvm-target-s390x-AP-passthrough-for-PV-guests.patch Normal file
View File

@ -0,0 +1,194 @@
From 885d04faf5edb787341aab6917fd2de743e029ac Mon Sep 17 00:00:00 2001
From: Steffen Eiden <seiden@linux.ibm.com>
Date: Wed, 23 Aug 2023 16:22:19 +0200
Subject: [PATCH 5/5] target/s390x: AP-passthrough for PV guests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Thomas Huth <thuth@redhat.com>
RH-MergeRequest: 321: Enable Secure Execution Crypto Passthrough for KVM on s390x
RH-Bugzilla: 2111390
RH-Acked-by: Cédric Le Goater <clg@redhat.com>
RH-Commit: [5/5] 9bf3dfd78fb030a22db7bb756a2cb7f54a0a8d82
Enabling AP-passthrough(AP-pt) for PV-guest by using the new CPU
features for PV-AP-pt of KVM.
As usual QEMU first checks which CPU features are available and then
sets them if available and selected by user. An additional check is done
to verify that PV-AP can only be enabled if "regular" AP-pt is enabled
as well. Note that KVM itself does not enforce this restriction.
Reviewed-by: Michael Mueller <mimu@linux.ibm.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>
Message-ID: <20230823142219.1046522-6-seiden@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit 5ac951519c23d9eaf7dc9e2dcbcbc7d9a745ffe7)
Conflicts:
target/s390x/gen-features.c
(simple contextual conflict due to missing S390_FEAT_PAIE)
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
target/s390x/cpu_features.h | 1 +
target/s390x/cpu_features_def.h.inc | 4 ++
target/s390x/cpu_models.c | 2 +
target/s390x/gen-features.c | 2 +
target/s390x/kvm/kvm.c | 70 +++++++++++++++++++++++++++++
5 files changed, 79 insertions(+)
diff --git a/target/s390x/cpu_features.h b/target/s390x/cpu_features.h
index 87463f064d..a9bd68a2e1 100644
--- a/target/s390x/cpu_features.h
+++ b/target/s390x/cpu_features.h
@@ -43,6 +43,7 @@ typedef enum {
S390_FEAT_TYPE_KDSA,
S390_FEAT_TYPE_SORTL,
S390_FEAT_TYPE_DFLTCC,
+ S390_FEAT_TYPE_UV_FEAT_GUEST,
} S390FeatType;
/* Definition of a CPU feature */
diff --git a/target/s390x/cpu_features_def.h.inc b/target/s390x/cpu_features_def.h.inc
index e86662bb3b..aa1f51f2a8 100644
--- a/target/s390x/cpu_features_def.h.inc
+++ b/target/s390x/cpu_features_def.h.inc
@@ -378,3 +378,7 @@ DEF_FEAT(DEFLATE_GHDT, "dfltcc-gdht", DFLTCC, 1, "DFLTCC GDHT")
DEF_FEAT(DEFLATE_CMPR, "dfltcc-cmpr", DFLTCC, 2, "DFLTCC CMPR")
DEF_FEAT(DEFLATE_XPND, "dfltcc-xpnd", DFLTCC, 4, "DFLTCC XPND")
DEF_FEAT(DEFLATE_F0, "dfltcc-f0", DFLTCC, 192, "DFLTCC format 0 parameter-block")
+
+/* Features exposed via the UV-CALL instruction */
+DEF_FEAT(UV_FEAT_AP, "appv", UV_FEAT_GUEST, 4, "AP instructions installed for secure guests")
+DEF_FEAT(UV_FEAT_AP_INTR, "appvi", UV_FEAT_GUEST, 5, "AP instructions interruption support for secure guests")
diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
index 11e06cc51f..454485e706 100644
--- a/target/s390x/cpu_models.c
+++ b/target/s390x/cpu_models.c
@@ -467,6 +467,8 @@ static void check_consistency(const S390CPUModel *model)
{ S390_FEAT_DIAG_318, S390_FEAT_EXTENDED_LENGTH_SCCB },
{ S390_FEAT_NNPA, S390_FEAT_VECTOR },
{ S390_FEAT_RDP, S390_FEAT_LOCAL_TLB_CLEARING },
+ { S390_FEAT_UV_FEAT_AP, S390_FEAT_AP },
+ { S390_FEAT_UV_FEAT_AP_INTR, S390_FEAT_UV_FEAT_AP },
};
int i;
diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
index 7cb1a6ec10..b789288c82 100644
--- a/target/s390x/gen-features.c
+++ b/target/s390x/gen-features.c
@@ -575,6 +575,8 @@ static uint16_t full_GEN16_GA1[] = {
S390_FEAT_BEAR_ENH,
S390_FEAT_RDP,
S390_FEAT_PAI,
+ S390_FEAT_UV_FEAT_AP,
+ S390_FEAT_UV_FEAT_AP_INTR,
};
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
index eb8ca4c780..a963866ef4 100644
--- a/target/s390x/kvm/kvm.c
+++ b/target/s390x/kvm/kvm.c
@@ -2308,6 +2308,42 @@ static bool ap_enabled(const S390FeatBitmap features)
return test_bit(S390_FEAT_AP, features);
}
+static bool uv_feat_supported(void)
+{
+ return kvm_vm_check_attr(kvm_state, KVM_S390_VM_CPU_MODEL,
+ KVM_S390_VM_CPU_PROCESSOR_UV_FEAT_GUEST);
+}
+
+static int query_uv_feat_guest(S390FeatBitmap features)
+{
+ struct kvm_s390_vm_cpu_uv_feat prop = {};
+ struct kvm_device_attr attr = {
+ .group = KVM_S390_VM_CPU_MODEL,
+ .attr = KVM_S390_VM_CPU_MACHINE_UV_FEAT_GUEST,
+ .addr = (uint64_t) &prop,
+ };
+ int rc;
+
+ /* AP support check is currently the only user of the UV feature test */
+ if (!(uv_feat_supported() && ap_available())) {
+ return 0;
+ }
+
+ rc = kvm_vm_ioctl(kvm_state, KVM_GET_DEVICE_ATTR, &attr);
+ if (rc) {
+ return rc;
+ }
+
+ if (prop.ap) {
+ set_bit(S390_FEAT_UV_FEAT_AP, features);
+ }
+ if (prop.ap_intr) {
+ set_bit(S390_FEAT_UV_FEAT_AP_INTR, features);
+ }
+
+ return 0;
+}
+
static int kvm_to_feat[][2] = {
{ KVM_S390_VM_CPU_FEAT_ESOP, S390_FEAT_ESOP },
{ KVM_S390_VM_CPU_FEAT_SIEF2, S390_FEAT_SIE_F2 },
@@ -2502,11 +2538,38 @@ void kvm_s390_get_host_cpu_model(S390CPUModel *model, Error **errp)
set_bit(S390_FEAT_DIAG_318, model->features);
}
+ /* Test for Ultravisor features that influence secure guest behavior */
+ query_uv_feat_guest(model->features);
+
/* strip of features that are not part of the maximum model */
bitmap_and(model->features, model->features, model->def->full_feat,
S390_FEAT_MAX);
}
+static int configure_uv_feat_guest(const S390FeatBitmap features)
+{
+ struct kvm_s390_vm_cpu_uv_feat uv_feat = {};
+ struct kvm_device_attr attribute = {
+ .group = KVM_S390_VM_CPU_MODEL,
+ .attr = KVM_S390_VM_CPU_PROCESSOR_UV_FEAT_GUEST,
+ .addr = (__u64) &uv_feat,
+ };
+
+ /* AP support check is currently the only user of the UV feature test */
+ if (!(uv_feat_supported() && ap_enabled(features))) {
+ return 0;
+ }
+
+ if (test_bit(S390_FEAT_UV_FEAT_AP, features)) {
+ uv_feat.ap = 1;
+ }
+ if (test_bit(S390_FEAT_UV_FEAT_AP_INTR, features)) {
+ uv_feat.ap_intr = 1;
+ }
+
+ return kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attribute);
+}
+
static void kvm_s390_configure_apie(bool interpret)
{
uint64_t attr = interpret ? KVM_S390_VM_CRYPTO_ENABLE_APIE :
@@ -2578,6 +2641,13 @@ void kvm_s390_apply_cpu_model(const S390CPUModel *model, Error **errp)
if (ap_enabled(model->features)) {
kvm_s390_configure_apie(true);
}
+
+ /* configure UV-features for the guest indicated via query / test_bit */
+ rc = configure_uv_feat_guest(model->features);
+ if (rc) {
+ error_setg(errp, "KVM: Error configuring CPU UV features %d", rc);
+ return;
+ }
}
void kvm_s390_restart_interrupt(S390CPU *cpu)
--
2.41.0

111
kvm-target-s390x-kvm-Refactor-AP-functionalities.patch Normal file
View File

@ -0,0 +1,111 @@
From 57bcc768ac7d0614472e60cc2833b74a2a198d29 Mon Sep 17 00:00:00 2001
From: Steffen Eiden <seiden@linux.ibm.com>
Date: Wed, 23 Aug 2023 16:22:18 +0200
Subject: [PATCH 4/5] target/s390x/kvm: Refactor AP functionalities
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
RH-Author: Thomas Huth <thuth@redhat.com>
RH-MergeRequest: 321: Enable Secure Execution Crypto Passthrough for KVM on s390x
RH-Bugzilla: 2111390
RH-Acked-by: Cédric Le Goater <clg@redhat.com>
RH-Commit: [4/5] 8ab2f8766931fb65a391aab590d0ccabd8ba8909
kvm_s390_set_attr() is a misleading name as it only sets attributes for
the KVM_S390_VM_CRYPTO group. Therefore, rename it to
kvm_s390_set_crypto_attr().
Add new functions ap_available() and ap_enabled() to avoid code
duplication later.
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Michael Mueller <mimu@linux.ibm.com>
Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>
Message-ID: <20230823142219.1046522-5-seiden@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit 354383c12294f2ee510204cfdc5aaed9f0c42171)
---
target/s390x/kvm/kvm.c | 24 +++++++++++++++++-------
1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/target/s390x/kvm/kvm.c b/target/s390x/kvm/kvm.c
index 8d36c377b5..eb8ca4c780 100644
--- a/target/s390x/kvm/kvm.c
+++ b/target/s390x/kvm/kvm.c
@@ -251,7 +251,7 @@ static void kvm_s390_enable_cmma(void)
trace_kvm_enable_cmma(rc);
}
-static void kvm_s390_set_attr(uint64_t attr)
+static void kvm_s390_set_crypto_attr(uint64_t attr)
{
struct kvm_device_attr attribute = {
.group = KVM_S390_VM_CRYPTO,
@@ -276,7 +276,7 @@ static void kvm_s390_init_aes_kw(void)
}
if (kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO, attr)) {
- kvm_s390_set_attr(attr);
+ kvm_s390_set_crypto_attr(attr);
}
}
@@ -290,7 +290,7 @@ static void kvm_s390_init_dea_kw(void)
}
if (kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO, attr)) {
- kvm_s390_set_attr(attr);
+ kvm_s390_set_crypto_attr(attr);
}
}
@@ -2297,6 +2297,17 @@ static int configure_cpu_subfunc(const S390FeatBitmap features)
return kvm_vm_ioctl(kvm_state, KVM_SET_DEVICE_ATTR, &attr);
}
+static bool ap_available(void)
+{
+ return kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO,
+ KVM_S390_VM_CRYPTO_ENABLE_APIE);
+}
+
+static bool ap_enabled(const S390FeatBitmap features)
+{
+ return test_bit(S390_FEAT_AP, features);
+}
+
static int kvm_to_feat[][2] = {
{ KVM_S390_VM_CPU_FEAT_ESOP, S390_FEAT_ESOP },
{ KVM_S390_VM_CPU_FEAT_SIEF2, S390_FEAT_SIE_F2 },
@@ -2476,8 +2487,7 @@ void kvm_s390_get_host_cpu_model(S390CPUModel *model, Error **errp)
return;
}
/* for now, we can only provide the AP feature with HW support */
- if (kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO,
- KVM_S390_VM_CRYPTO_ENABLE_APIE)) {
+ if (ap_available()) {
set_bit(S390_FEAT_AP, model->features);
}
@@ -2503,7 +2513,7 @@ static void kvm_s390_configure_apie(bool interpret)
KVM_S390_VM_CRYPTO_DISABLE_APIE;
if (kvm_vm_check_attr(kvm_state, KVM_S390_VM_CRYPTO, attr)) {
- kvm_s390_set_attr(attr);
+ kvm_s390_set_crypto_attr(attr);
}
}
@@ -2565,7 +2575,7 @@ void kvm_s390_apply_cpu_model(const S390CPUModel *model, Error **errp)
kvm_s390_enable_cmma();
}
- if (test_bit(S390_FEAT_AP, model->features)) {
+ if (ap_enabled(model->features)) {
kvm_s390_configure_apie(true);
}
}
--
2.41.0

21
qemu-kvm.spec
View File

@ -83,7 +83,7 @@ Obsoletes: %1-rhev <= %{epoch}:%{version}-%{release}
Summary: QEMU is a machine emulator and virtualizer
Name: qemu-kvm
Version: 6.2.0
Release: 40%{?rcrel}%{?dist}
Release: 41%{?rcrel}%{?dist}
# Epoch because we pushed a qemu-1.0 package. AIUI this can't ever be dropped
Epoch: 15
License: GPLv2 and GPLv2+ and CC-BY
@ -783,6 +783,16 @@ Patch310: kvm-target-i386-kvm-Fix-disabling-MPX-on-cpu-host-with-M.patch
Patch311: kvm-vhost-vdpa-do-not-cleanup-the-vdpa-vhost-net-structu.patch
# For bz#2218488 - CVE-2023-3255 virt:rhel/qemu-kvm: QEMU: VNC: infinite loop in inflate_buffer() leads to denial of service [rhel-8]
Patch312: kvm-ui-vnc-clipboard-fix-infinite-loop-in-inflate_buffer.patch
# For bz#2111390 - [IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part
Patch313: kvm-s390x-ap-fix-missing-subsystem-reset-registration.patch
# For bz#2111390 - [IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part
Patch314: kvm-s390x-do-a-subsystem-reset-before-the-unprotect-on-r.patch
# For bz#2111390 - [IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part
Patch315: kvm-redhat-Update-linux-headers-for-kvm_s390_vm_cpu_uv_f.patch
# For bz#2111390 - [IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part
Patch316: kvm-target-s390x-kvm-Refactor-AP-functionalities.patch
# For bz#2111390 - [IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part
Patch317: kvm-target-s390x-AP-passthrough-for-PV-guests.patch
BuildRequires: wget
BuildRequires: rpm-build
@ -1952,6 +1962,15 @@ sh %{_sysconfdir}/sysconfig/modules/kvm.modules &> /dev/null || :
%changelog
* Fri Sep 29 2023 Jon Maloy <jmaloy@redhat.com> - 6.2.0-41
- kvm-s390x-ap-fix-missing-subsystem-reset-registration.patch [bz#2111390]
- kvm-s390x-do-a-subsystem-reset-before-the-unprotect-on-r.patch [bz#2111390]
- kvm-redhat-Update-linux-headers-for-kvm_s390_vm_cpu_uv_f.patch [bz#2111390]
- kvm-target-s390x-kvm-Refactor-AP-functionalities.patch [bz#2111390]
- kvm-target-s390x-AP-passthrough-for-PV-guests.patch [bz#2111390]
- Resolves: bz#2111390
([IBM 8.10 FEAT] KVM: Enable Secure Execution Crypto Passthrough - qemu part)
* Thu Sep 28 2023 Jon Maloy <jmaloy@redhat.com> - 6.2.0-40
- kvm-ui-vnc-clipboard-fix-infinite-loop-in-inflate_buffer.patch [bz#2218488]
- Resolves: bz#2218488