From 676f3da2fc29ae71ed4189483b86e3c6496b8905 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Wed, 3 Jul 2024 13:44:31 +0100 Subject: Add downstream ppc64 versioned 'spapr' machine types Adding changes to add RHEL machine types for ppc64 architecture. Signed-off-by: Miroslav Rezanina Rebase notes (6.2.0): - Fixed rebase conflict relicts - Update machine type compat for 6.2 (from MR 66) Rebase notes (9.1.0 rc0) - Don't call kvmppc_svm_allow() when !CONFIG_KVM - Convert to new DEFINE_SPAPR_MACHINE macros Merged patches (6.1.0): - c438c25ac3 redhat: Define pseries-rhel8.5.0 machine type - a3995e2eff Remove RHEL 7.0.0 machine type (only ppc64 changes) - ad3190a79b Remove RHEL 7.1.0 machine type (only ppc64 changes) - 84bbe15d4e Remove RHEL 7.2.0 machine type (only ppc64 changes) - 0215eb3356 Remove RHEL 7.3.0 machine types (only ppc64 changes) - af69d1ca6e Remove RHEL 7.4.0 machine types (only ppc64 changes) - 8f7a74ab78 Remove RHEL 7.5.0 machine types (only ppc64 changes) Merged patches (7.1.0): - baa6790171 target/ppc/cpu-models: Fix ppc_cpu_aliases list for RHEL --- hw/ppc/spapr.c | 254 +++++++++++++++++++++++++++++++++++++++- hw/ppc/spapr_cpu_core.c | 13 ++ include/hw/ppc/spapr.h | 4 + target/ppc/compat.c | 11 ++ target/ppc/cpu.h | 1 + target/ppc/kvm.c | 27 +++++ target/ppc/kvm_ppc.h | 13 ++ 7 files changed, 317 insertions(+), 6 deletions(-) diff --git a/hw/ppc/spapr.c b/hw/ppc/spapr.c index b48a2afc38..29e66f1b3f 100644 --- a/hw/ppc/spapr.c +++ b/hw/ppc/spapr.c @@ -1746,6 +1746,13 @@ static void spapr_machine_reset(MachineState *machine, ShutdownCause reason) } spapr_caps_apply(spapr); spapr_nested_reset(spapr); + if (spapr->svm_allowed) { +#ifdef CONFIG_KVM + kvmppc_svm_allow(&error_fatal); +#else + error_setg(&error_fatal, "No PEF support in tcg, try x-svm-allowed=off"); +#endif + } first_ppc_cpu = POWERPC_CPU(first_cpu); if (kvm_enabled() && kvmppc_has_cap_mmu_radix() && @@ -3452,6 +3459,20 @@ static void spapr_set_host_serial(Object *obj, const char *value, Error **errp) spapr->host_serial = g_strdup(value); } +static bool spapr_get_svm_allowed(Object *obj, Error **errp) +{ + SpaprMachineState *spapr = SPAPR_MACHINE(obj); + + return spapr->svm_allowed; +} + +static void spapr_set_svm_allowed(Object *obj, bool value, Error **errp) +{ + SpaprMachineState *spapr = SPAPR_MACHINE(obj); + + spapr->svm_allowed = value; +} + static void spapr_instance_init(Object *obj) { SpaprMachineState *spapr = SPAPR_MACHINE(obj); @@ -3530,6 +3551,12 @@ static void spapr_instance_init(Object *obj) spapr_get_host_serial, spapr_set_host_serial); object_property_set_description(obj, "host-serial", "Host serial number to advertise in guest device tree"); + object_property_add_bool(obj, "x-svm-allowed", + spapr_get_svm_allowed, + spapr_set_svm_allowed); + object_property_set_description(obj, "x-svm-allowed", + "Allow the guest to become a Secure Guest" + " (experimental only)"); } static void spapr_machine_finalizefn(Object *obj) @@ -4775,6 +4802,7 @@ static void spapr_machine_class_init(ObjectClass *oc, void *data) vmc->client_architecture_support = spapr_vof_client_architecture_support; vmc->quiesce = spapr_vof_quiesce; vmc->setprop = spapr_vof_setprop; + smc->has_power9_support = true; } static const TypeInfo spapr_machine_info = { @@ -4830,12 +4858,12 @@ static void spapr_machine_latest_class_options(MachineClass *mc) } \ type_init(MACHINE_VER_SYM(register, spapr, __VA_ARGS__)) -#define DEFINE_SPAPR_MACHINE_AS_LATEST(major, minor) \ - DEFINE_SPAPR_MACHINE_IMPL(true, major, minor) -#define DEFINE_SPAPR_MACHINE(major, minor) \ - DEFINE_SPAPR_MACHINE_IMPL(false, major, minor) -#define DEFINE_SPAPR_MACHINE_TAGGED(major, minor, tag) \ - DEFINE_SPAPR_MACHINE_IMPL(false, major, minor, _, tag) +#define DEFINE_SPAPR_MACHINE_AS_LATEST(major, minor, micro) \ + DEFINE_SPAPR_MACHINE_IMPL(true, major, minor, micro) +#define DEFINE_SPAPR_MACHINE(major, minor, micro) \ + DEFINE_SPAPR_MACHINE_IMPL(false, major, minor, micro) +#define DEFINE_SPAPR_MACHINE_TAGGED(major, minor, micro, tag) \ + DEFINE_SPAPR_MACHINE_IMPL(false, major, minor, micro, _, tag) #if 0 /* Disabled for Red Hat Enterprise Linux */ /* @@ -5386,6 +5414,220 @@ static void spapr_machine_2_1_class_options(MachineClass *mc) DEFINE_SPAPR_MACHINE(2, 1); #endif /* disabled for RHEL */ +static void spapr_rhel_machine_default_class_options(MachineClass *mc) +{ + /* + * Defaults for the latest behaviour inherited from the base class + * can be overriden here for all pseries-rhel* machines. + */ + + /* Maximum supported VCPU count */ + mc->max_cpus = 384; +} + +/* + * pseries-rhel8.5.0 + * like pseries-6.0 + */ + +static void spapr_rhel_machine_8_5_0_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + + /* The default machine type must apply the RHEL specific defaults */ + spapr_rhel_machine_default_class_options(mc); + compat_props_add(mc->compat_props, hw_compat_rhel_8_5, + hw_compat_rhel_8_5_len); + smc->pre_6_2_numa_affinity = true; + mc->smp_props.prefer_sockets = true; +} + +DEFINE_SPAPR_MACHINE_AS_LATEST(8, 5, 0); + +/* + * pseries-rhel8.4.0 + * like pseries-5.2 + */ + +static void spapr_rhel_machine_8_4_0_class_options(MachineClass *mc) +{ + spapr_rhel_machine_8_5_0_class_options(mc); + compat_props_add(mc->compat_props, hw_compat_rhel_8_4, + hw_compat_rhel_8_4_len); +} + +DEFINE_SPAPR_MACHINE(8, 4, 0); + +/* + * pseries-rhel8.3.0 + * like pseries-5.1 + */ + +static void spapr_rhel_machine_8_3_0_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + + spapr_rhel_machine_8_4_0_class_options(mc); + compat_props_add(mc->compat_props, hw_compat_rhel_8_3, + hw_compat_rhel_8_3_len); + + /* from pseries-5.1 */ + smc->pre_5_2_numa_associativity = true; +} + +DEFINE_SPAPR_MACHINE(8, 3, 0); + +/* + * pseries-rhel8.2.0 + * like pseries-4.2 + pseries-5.0 + * except SPAPR_CAP_CCF_ASSIST that has been backported to pseries-rhel8.1.0 + */ + +static void spapr_rhel_machine_8_2_0_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + /* from pseries-5.0 */ + static GlobalProperty compat[] = { + { TYPE_SPAPR_PCI_HOST_BRIDGE, "pre-5.1-associativity", "on" }, + }; + + spapr_rhel_machine_8_3_0_class_options(mc); + compat_props_add(mc->compat_props, hw_compat_rhel_8_2, + hw_compat_rhel_8_2_len); + compat_props_add(mc->compat_props, compat, G_N_ELEMENTS(compat)); + + /* from pseries-4.2 */ + smc->default_caps.caps[SPAPR_CAP_FWNMI] = SPAPR_CAP_OFF; + smc->rma_limit = 16 * GiB; + mc->nvdimm_supported = false; + + /* from pseries-5.0 */ + mc->numa_mem_supported = true; + smc->pre_5_1_assoc_refpoints = true; +} + +DEFINE_SPAPR_MACHINE(8, 2, 0); + +/* + * pseries-rhel8.1.0 + * like pseries-4.1 + */ + +static void spapr_rhel_machine_8_1_0_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + static GlobalProperty compat[] = { + /* Only allow 4kiB and 64kiB IOMMU pagesizes */ + { TYPE_SPAPR_PCI_HOST_BRIDGE, "pgsz", "0x11000" }, + }; + + spapr_rhel_machine_8_2_0_class_options(mc); + + /* from pseries-4.1 */ + smc->linux_pci_probe = false; + smc->smp_threads_vsmt = false; + compat_props_add(mc->compat_props, hw_compat_rhel_8_1, + hw_compat_rhel_8_1_len); + compat_props_add(mc->compat_props, compat, G_N_ELEMENTS(compat)); + + /* from pseries-4.2 */ + smc->default_caps.caps[SPAPR_CAP_CCF_ASSIST] = SPAPR_CAP_OFF; +} + +DEFINE_SPAPR_MACHINE(8, 1, 0); + +/* + * pseries-rhel8.0.0 + * like pseries-3.1 and pseries-4.0 + * except SPAPR_CAP_CFPC, SPAPR_CAP_SBBC and SPAPR_CAP_IBS + * that have been backported to pseries-rhel8.0.0 + */ + +static void spapr_rhel_machine_8_0_0_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + + spapr_rhel_machine_8_1_0_class_options(mc); + compat_props_add(mc->compat_props, hw_compat_rhel_8_0, + hw_compat_rhel_8_0_len); + + /* pseries-4.0 */ + smc->phb_placement = phb_placement_4_0; + smc->irq = &spapr_irq_xics; + smc->pre_4_1_migration = true; + + /* pseries-3.1 */ + mc->default_cpu_type = POWERPC_CPU_TYPE_NAME("power8_v2.0"); + smc->update_dt_enabled = false; + smc->dr_phb_enabled = false; + smc->broken_host_serial_model = true; + smc->default_caps.caps[SPAPR_CAP_LARGE_DECREMENTER] = SPAPR_CAP_OFF; +} + +DEFINE_SPAPR_MACHINE(8, 0, 0); + +/* + * pseries-rhel7.6.0 + * like spapr_compat_2_12 and spapr_compat_3_0 + * spapr_compat_0 is empty + */ +GlobalProperty spapr_compat_rhel7_6[] = { + { TYPE_POWERPC_CPU, "pre-3.0-migration", "on" }, + { TYPE_SPAPR_CPU_CORE, "pre-3.0-migration", "on" }, +}; +const size_t spapr_compat_rhel7_6_len = G_N_ELEMENTS(spapr_compat_rhel7_6); + + +static void spapr_rhel_machine_7_6_0_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + + spapr_rhel_machine_8_0_0_class_options(mc); + compat_props_add(mc->compat_props, hw_compat_rhel_7_6, hw_compat_rhel_7_6_len); + compat_props_add(mc->compat_props, spapr_compat_rhel7_6, spapr_compat_rhel7_6_len); + + /* from spapr_machine_3_0_class_options() */ + smc->legacy_irq_allocation = true; + smc->nr_xirqs = 0x400; + smc->irq = &spapr_irq_xics_legacy; + + /* from spapr_machine_2_12_class_options() */ + /* We depend on kvm_enabled() to choose a default value for the + * hpt-max-page-size capability. Of course we can't do it here + * because this is too early and the HW accelerator isn't initialzed + * yet. Postpone this to machine init (see default_caps_with_cpu()). + */ + smc->default_caps.caps[SPAPR_CAP_HPT_MAXPAGESIZE] = 0; + + /* SPAPR_CAP_WORKAROUND enabled in pseries-rhel800 by + * f21757edc554 + * "Enable mitigations by default for pseries-4.0 machine type") + */ + smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_BROKEN; + smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_BROKEN; + smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_BROKEN; +} + +DEFINE_SPAPR_MACHINE(7, 6, 0); + +/* + * pseries-rhel7.6.0-sxxm + * + * pseries-rhel7.6.0 with speculative execution exploit mitigations enabled by default + */ + +static void spapr_rhel_machine_7_6_0_sxxm_class_options(MachineClass *mc) +{ + SpaprMachineClass *smc = SPAPR_MACHINE_CLASS(mc); + + spapr_rhel_machine_7_6_0_class_options(mc); + smc->default_caps.caps[SPAPR_CAP_CFPC] = SPAPR_CAP_WORKAROUND; + smc->default_caps.caps[SPAPR_CAP_SBBC] = SPAPR_CAP_WORKAROUND; + smc->default_caps.caps[SPAPR_CAP_IBS] = SPAPR_CAP_FIXED_CCD; +} + +DEFINE_SPAPR_MACHINE_TAGGED(7, 6, 0, sxxm); + static void spapr_machine_register_types(void) { type_register_static(&spapr_machine_info); diff --git a/hw/ppc/spapr_cpu_core.c b/hw/ppc/spapr_cpu_core.c index 0bf7c52077..c845f4acef 100644 --- a/hw/ppc/spapr_cpu_core.c +++ b/hw/ppc/spapr_cpu_core.c @@ -25,6 +25,7 @@ #include "sysemu/reset.h" #include "sysemu/hw_accel.h" #include "qemu/error-report.h" +#include "cpu-models.h" static void spapr_reset_vcpu(PowerPCCPU *cpu) { @@ -264,6 +265,7 @@ static bool spapr_realize_vcpu(PowerPCCPU *cpu, SpaprMachineState *spapr, { CPUPPCState *env = &cpu->env; CPUState *cs = CPU(cpu); + SpaprMachineClass *smc = SPAPR_MACHINE_GET_CLASS(spapr); if (!qdev_realize(DEVICE(cpu), NULL, errp)) { return false; @@ -280,6 +282,17 @@ static bool spapr_realize_vcpu(PowerPCCPU *cpu, SpaprMachineState *spapr, /* Set time-base frequency to 512 MHz. vhyp must be set first. */ cpu_ppc_tb_init(env, SPAPR_TIMEBASE_FREQ); + if (!smc->has_power9_support && + (((spapr->max_compat_pvr && + ppc_compat_cmp(spapr->max_compat_pvr, + CPU_POWERPC_LOGICAL_3_00) >= 0)) || + (!spapr->max_compat_pvr && + ppc_check_compat(cpu, CPU_POWERPC_LOGICAL_3_00, 0, 0)))) { + error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, + "POWER9 CPU is not supported by this machine class"); + return false; + } + if (spapr_irq_cpu_intc_create(spapr, cpu, errp) < 0) { qdev_unrealize(DEVICE(cpu)); return false; diff --git a/include/hw/ppc/spapr.h b/include/hw/ppc/spapr.h index f6de3e9972..fc48348747 100644 --- a/include/hw/ppc/spapr.h +++ b/include/hw/ppc/spapr.h @@ -157,6 +157,7 @@ struct SpaprMachineClass { bool pre_5_2_numa_associativity; bool pre_6_2_numa_affinity; + bool has_power9_support; bool (*phb_placement)(SpaprMachineState *spapr, uint32_t index, uint64_t *buid, hwaddr *pio, hwaddr *mmio32, hwaddr *mmio64, @@ -259,6 +260,9 @@ struct SpaprMachineState { /* Set by -boot */ char *boot_device; + /* Secure Guest support via x-svm-allowed */ + bool svm_allowed; + /*< public >*/ char *kvm_type; char *host_model; diff --git a/target/ppc/compat.c b/target/ppc/compat.c index ebef2cccec..ab7ed76806 100644 --- a/target/ppc/compat.c +++ b/target/ppc/compat.c @@ -114,6 +114,17 @@ static const CompatInfo *compat_by_pvr(uint32_t pvr) return NULL; } +long ppc_compat_cmp(uint32_t pvr1, uint32_t pvr2) +{ + const CompatInfo *compat1 = compat_by_pvr(pvr1); + const CompatInfo *compat2 = compat_by_pvr(pvr2); + + g_assert(compat1); + g_assert(compat2); + + return compat1 - compat2; +} + static bool pcc_compat(PowerPCCPUClass *pcc, uint32_t compat_pvr, uint32_t min_compat_pvr, uint32_t max_compat_pvr) { diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h index 321ed2da75..e35a997628 100644 --- a/target/ppc/cpu.h +++ b/target/ppc/cpu.h @@ -1673,6 +1673,7 @@ static inline int ppc_env_mmu_index(CPUPPCState *env, bool ifetch) /* Compatibility modes */ #if defined(TARGET_PPC64) +long ppc_compat_cmp(uint32_t pvr1, uint32_t pvr2); bool ppc_check_compat(PowerPCCPU *cpu, uint32_t compat_pvr, uint32_t min_compat_pvr, uint32_t max_compat_pvr); bool ppc_type_check_compat(const char *cputype, uint32_t compat_pvr, diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c index 907dba60d1..c942ff55b2 100644 --- a/target/ppc/kvm.c +++ b/target/ppc/kvm.c @@ -92,6 +92,7 @@ static int cap_large_decr; static int cap_fwnmi; static int cap_rpt_invalidate; static int cap_ail_mode_3; +static int cap_ppc_secure_guest; #ifdef CONFIG_PSERIES static int cap_papr; @@ -150,6 +151,7 @@ int kvm_arch_init(MachineState *ms, KVMState *s) cap_resize_hpt = kvm_vm_check_extension(s, KVM_CAP_SPAPR_RESIZE_HPT); kvmppc_get_cpu_characteristics(s); cap_ppc_nested_kvm_hv = kvm_vm_check_extension(s, KVM_CAP_PPC_NESTED_HV); + cap_ppc_secure_guest = kvm_vm_check_extension(s, KVM_CAP_PPC_SECURE_GUEST); cap_large_decr = kvmppc_get_dec_bits(); cap_fwnmi = kvm_vm_check_extension(s, KVM_CAP_PPC_FWNMI); /* @@ -2597,6 +2599,16 @@ bool kvmppc_supports_ail_3(void) return cap_ail_mode_3; } +bool kvmppc_has_cap_secure_guest(void) +{ + return !!cap_ppc_secure_guest; +} + +int kvmppc_enable_cap_secure_guest(void) +{ + return kvm_vm_enable_cap(kvm_state, KVM_CAP_PPC_SECURE_GUEST, 0, 1); +} + PowerPCCPUClass *kvm_ppc_get_host_cpu_class(void) { uint32_t host_pvr = mfpvr(); @@ -3012,3 +3024,18 @@ static void kvm_cpu_accel_register_types(void) type_register_static(&kvm_cpu_accel_type_info); } type_init(kvm_cpu_accel_register_types); + +void kvmppc_svm_allow(Error **errp) +{ + if (!kvm_enabled()) { + error_setg(errp, "No PEF support in tcg, try x-svm-allowed=off"); + return; + } + + if (!kvmppc_has_cap_secure_guest()) { + error_setg(errp, "KVM implementation does not support secure guests, " + "try x-svm-allowed=off"); + } else if (kvmppc_enable_cap_secure_guest() < 0) { + error_setg(errp, "Error enabling x-svm-allowed, try x-svm-allowed=off"); + } +} diff --git a/target/ppc/kvm_ppc.h b/target/ppc/kvm_ppc.h index 1975fb5ee6..d1017f98be 100644 --- a/target/ppc/kvm_ppc.h +++ b/target/ppc/kvm_ppc.h @@ -46,6 +46,7 @@ int kvmppc_booke_watchdog_enable(PowerPCCPU *cpu); target_ulong kvmppc_configure_v3_mmu(PowerPCCPU *cpu, bool radix, bool gtse, uint64_t proc_tbl); +void kvmppc_svm_allow(Error **errp); bool kvmppc_spapr_use_multitce(void); int kvmppc_spapr_enable_inkernel_multitce(void); void *kvmppc_create_spapr_tce(uint32_t liobn, uint32_t page_shift, @@ -79,6 +80,8 @@ int kvmppc_enable_cap_large_decr(PowerPCCPU *cpu, int enable); int kvmppc_has_cap_rpt_invalidate(void); bool kvmppc_supports_ail_3(void); int kvmppc_enable_hwrng(void); +bool kvmppc_has_cap_secure_guest(void); +int kvmppc_enable_cap_secure_guest(void); int kvmppc_put_books_sregs(PowerPCCPU *cpu); PowerPCCPUClass *kvm_ppc_get_host_cpu_class(void); void kvmppc_check_papr_resize_hpt(Error **errp); @@ -427,6 +430,16 @@ static inline bool kvmppc_supports_ail_3(void) return false; } +static inline bool kvmppc_has_cap_secure_guest(void) +{ + return false; +} + +static inline int kvmppc_enable_cap_secure_guest(void) +{ + return -1; +} + static inline int kvmppc_enable_hwrng(void) { return -1; -- 2.39.3