1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* 3 * access guest memory 4 * 5 * Copyright IBM Corp. 2008, 2014 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License (version 2 only) 9 * as published by the Free Software Foundation. 10 * 11 * Author(s): Carsten Otte <cotte@de.ibm.com> 12 */ 13 14 #ifndef __KVM_S390_GACCESS_H 15 #define __KVM_S390_GACCESS_H 16 17 #include <linux/compiler.h> 18 #include <linux/kvm_host.h> 19 #include <linux/uaccess.h> 20 #include <linux/ptrace.h> 21 #include "kvm-s390.h" 22 23 /** 24 * kvm_s390_real_to_abs - convert guest real address to guest absolute address 25 * @vcpu - guest virtual cpu 26 * @gra - guest real address 27 * 28 * Returns the guest absolute address that corresponds to the passed guest real 29 * address @gra of a virtual guest cpu by applying its prefix. 30 */ 31 static inline unsigned long kvm_s390_real_to_abs(struct kvm_vcpu *vcpu, 32 unsigned long gra) 33 { 34 unsigned long prefix = kvm_s390_get_prefix(vcpu); 35 36 if (gra < 2 * PAGE_SIZE) 37 gra += prefix; 38 else if (gra >= prefix && gra < prefix + 2 * PAGE_SIZE) 39 gra -= prefix; 40 return gra; 41 } 42 43 /** 44 * kvm_s390_logical_to_effective - convert guest logical to effective address 45 * @vcpu: guest virtual cpu 46 * @ga: guest logical address 47 * 48 * Convert a guest vcpu logical address to a guest vcpu effective address by 49 * applying the rules of the vcpu's addressing mode defined by PSW bits 31 50 * and 32 (extendended/basic addressing mode). 51 * 52 * Depending on the vcpu's addressing mode the upper 40 bits (24 bit addressing 53 * mode), 33 bits (31 bit addressing mode) or no bits (64 bit addressing mode) 54 * of @ga will be zeroed and the remaining bits will be returned. 55 */ 56 static inline unsigned long kvm_s390_logical_to_effective(struct kvm_vcpu *vcpu, 57 unsigned long ga) 58 { 59 psw_t *psw = &vcpu->arch.sie_block->gpsw; 60 61 if (psw_bits(*psw).eaba == PSW_BITS_AMODE_64BIT) 62 return ga; 63 if (psw_bits(*psw).eaba == PSW_BITS_AMODE_31BIT) 64 return ga & ((1UL << 31) - 1); 65 return ga & ((1UL << 24) - 1); 66 } 67 68 /* 69 * put_guest_lc, read_guest_lc and write_guest_lc are guest access functions 70 * which shall only be used to access the lowcore of a vcpu. 71 * These functions should be used for e.g. interrupt handlers where no 72 * guest memory access protection facilities, like key or low address 73 * protection, are applicable. 74 * At a later point guest vcpu lowcore access should happen via pinned 75 * prefix pages, so that these pages can be accessed directly via the 76 * kernel mapping. All of these *_lc functions can be removed then. 77 */ 78 79 /** 80 * put_guest_lc - write a simple variable to a guest vcpu's lowcore 81 * @vcpu: virtual cpu 82 * @x: value to copy to guest 83 * @gra: vcpu's destination guest real address 84 * 85 * Copies a simple value from kernel space to a guest vcpu's lowcore. 86 * The size of the variable may be 1, 2, 4 or 8 bytes. The destination 87 * must be located in the vcpu's lowcore. Otherwise the result is undefined. 88 * 89 * Returns zero on success or -EFAULT on error. 90 * 91 * Note: an error indicates that either the kernel is out of memory or 92 * the guest memory mapping is broken. In any case the best solution 93 * would be to terminate the guest. 94 * It is wrong to inject a guest exception. 95 */ 96 #define put_guest_lc(vcpu, x, gra) \ 97 ({ \ 98 struct kvm_vcpu *__vcpu = (vcpu); \ 99 __typeof__(*(gra)) __x = (x); \ 100 unsigned long __gpa; \ 101 \ 102 __gpa = (unsigned long)(gra); \ 103 __gpa += kvm_s390_get_prefix(__vcpu); \ 104 kvm_write_guest(__vcpu->kvm, __gpa, &__x, sizeof(__x)); \ 105 }) 106 107 /** 108 * write_guest_lc - copy data from kernel space to guest vcpu's lowcore 109 * @vcpu: virtual cpu 110 * @gra: vcpu's source guest real address 111 * @data: source address in kernel space 112 * @len: number of bytes to copy 113 * 114 * Copy data from kernel space to guest vcpu's lowcore. The entire range must 115 * be located within the vcpu's lowcore, otherwise the result is undefined. 116 * 117 * Returns zero on success or -EFAULT on error. 118 * 119 * Note: an error indicates that either the kernel is out of memory or 120 * the guest memory mapping is broken. In any case the best solution 121 * would be to terminate the guest. 122 * It is wrong to inject a guest exception. 123 */ 124 static inline __must_check 125 int write_guest_lc(struct kvm_vcpu *vcpu, unsigned long gra, void *data, 126 unsigned long len) 127 { 128 unsigned long gpa = gra + kvm_s390_get_prefix(vcpu); 129 130 return kvm_write_guest(vcpu->kvm, gpa, data, len); 131 } 132 133 /** 134 * read_guest_lc - copy data from guest vcpu's lowcore to kernel space 135 * @vcpu: virtual cpu 136 * @gra: vcpu's source guest real address 137 * @data: destination address in kernel space 138 * @len: number of bytes to copy 139 * 140 * Copy data from guest vcpu's lowcore to kernel space. The entire range must 141 * be located within the vcpu's lowcore, otherwise the result is undefined. 142 * 143 * Returns zero on success or -EFAULT on error. 144 * 145 * Note: an error indicates that either the kernel is out of memory or 146 * the guest memory mapping is broken. In any case the best solution 147 * would be to terminate the guest. 148 * It is wrong to inject a guest exception. 149 */ 150 static inline __must_check 151 int read_guest_lc(struct kvm_vcpu *vcpu, unsigned long gra, void *data, 152 unsigned long len) 153 { 154 unsigned long gpa = gra + kvm_s390_get_prefix(vcpu); 155 156 return kvm_read_guest(vcpu->kvm, gpa, data, len); 157 } 158 159 enum gacc_mode { 160 GACC_FETCH, 161 GACC_STORE, 162 GACC_IFETCH, 163 }; 164 165 int guest_translate_address(struct kvm_vcpu *vcpu, unsigned long gva, 166 u8 ar, unsigned long *gpa, enum gacc_mode mode); 167 int check_gva_range(struct kvm_vcpu *vcpu, unsigned long gva, u8 ar, 168 unsigned long length, enum gacc_mode mode); 169 170 int access_guest(struct kvm_vcpu *vcpu, unsigned long ga, u8 ar, void *data, 171 unsigned long len, enum gacc_mode mode); 172 173 int access_guest_real(struct kvm_vcpu *vcpu, unsigned long gra, 174 void *data, unsigned long len, enum gacc_mode mode); 175 176 /** 177 * write_guest - copy data from kernel space to guest space 178 * @vcpu: virtual cpu 179 * @ga: guest address 180 * @ar: access register 181 * @data: source address in kernel space 182 * @len: number of bytes to copy 183 * 184 * Copy @len bytes from @data (kernel space) to @ga (guest address). 185 * In order to copy data to guest space the PSW of the vcpu is inspected: 186 * If DAT is off data will be copied to guest real or absolute memory. 187 * If DAT is on data will be copied to the address space as specified by 188 * the address space bits of the PSW: 189 * Primary, secondary, home space or access register mode. 190 * The addressing mode of the PSW is also inspected, so that address wrap 191 * around is taken into account for 24-, 31- and 64-bit addressing mode, 192 * if the to be copied data crosses page boundaries in guest address space. 193 * In addition also low address and DAT protection are inspected before 194 * copying any data (key protection is currently not implemented). 195 * 196 * This function modifies the 'struct kvm_s390_pgm_info pgm' member of @vcpu. 197 * In case of an access exception (e.g. protection exception) pgm will contain 198 * all data necessary so that a subsequent call to 'kvm_s390_inject_prog_vcpu()' 199 * will inject a correct exception into the guest. 200 * If no access exception happened, the contents of pgm are undefined when 201 * this function returns. 202 * 203 * Returns: - zero on success 204 * - a negative value if e.g. the guest mapping is broken or in 205 * case of out-of-memory. In this case the contents of pgm are 206 * undefined. Also parts of @data may have been copied to guest 207 * space. 208 * - a positive value if an access exception happened. In this case 209 * the returned value is the program interruption code and the 210 * contents of pgm may be used to inject an exception into the 211 * guest. No data has been copied to guest space. 212 * 213 * Note: in case an access exception is recognized no data has been copied to 214 * guest space (this is also true, if the to be copied data would cross 215 * one or more page boundaries in guest space). 216 * Therefore this function may be used for nullifying and suppressing 217 * instruction emulation. 218 * It may also be used for terminating instructions, if it is undefined 219 * if data has been changed in guest space in case of an exception. 220 */ 221 static inline __must_check 222 int write_guest(struct kvm_vcpu *vcpu, unsigned long ga, u8 ar, void *data, 223 unsigned long len) 224 { 225 return access_guest(vcpu, ga, ar, data, len, GACC_STORE); 226 } 227 228 /** 229 * read_guest - copy data from guest space to kernel space 230 * @vcpu: virtual cpu 231 * @ga: guest address 232 * @ar: access register 233 * @data: destination address in kernel space 234 * @len: number of bytes to copy 235 * 236 * Copy @len bytes from @ga (guest address) to @data (kernel space). 237 * 238 * The behaviour of read_guest is identical to write_guest, except that 239 * data will be copied from guest space to kernel space. 240 */ 241 static inline __must_check 242 int read_guest(struct kvm_vcpu *vcpu, unsigned long ga, u8 ar, void *data, 243 unsigned long len) 244 { 245 return access_guest(vcpu, ga, ar, data, len, GACC_FETCH); 246 } 247 248 /** 249 * read_guest_instr - copy instruction data from guest space to kernel space 250 * @vcpu: virtual cpu 251 * @ga: guest address 252 * @data: destination address in kernel space 253 * @len: number of bytes to copy 254 * 255 * Copy @len bytes from the given address (guest space) to @data (kernel 256 * space). 257 * 258 * The behaviour of read_guest_instr is identical to read_guest, except that 259 * instruction data will be read from primary space when in home-space or 260 * address-space mode. 261 */ 262 static inline __must_check 263 int read_guest_instr(struct kvm_vcpu *vcpu, unsigned long ga, void *data, 264 unsigned long len) 265 { 266 return access_guest(vcpu, ga, 0, data, len, GACC_IFETCH); 267 } 268 269 /** 270 * write_guest_abs - copy data from kernel space to guest space absolute 271 * @vcpu: virtual cpu 272 * @gpa: guest physical (absolute) address 273 * @data: source address in kernel space 274 * @len: number of bytes to copy 275 * 276 * Copy @len bytes from @data (kernel space) to @gpa (guest absolute address). 277 * It is up to the caller to ensure that the entire guest memory range is 278 * valid memory before calling this function. 279 * Guest low address and key protection are not checked. 280 * 281 * Returns zero on success or -EFAULT on error. 282 * 283 * If an error occurs data may have been copied partially to guest memory. 284 */ 285 static inline __must_check 286 int write_guest_abs(struct kvm_vcpu *vcpu, unsigned long gpa, void *data, 287 unsigned long len) 288 { 289 return kvm_write_guest(vcpu->kvm, gpa, data, len); 290 } 291 292 /** 293 * read_guest_abs - copy data from guest space absolute to kernel space 294 * @vcpu: virtual cpu 295 * @gpa: guest physical (absolute) address 296 * @data: destination address in kernel space 297 * @len: number of bytes to copy 298 * 299 * Copy @len bytes from @gpa (guest absolute address) to @data (kernel space). 300 * It is up to the caller to ensure that the entire guest memory range is 301 * valid memory before calling this function. 302 * Guest key protection is not checked. 303 * 304 * Returns zero on success or -EFAULT on error. 305 * 306 * If an error occurs data may have been copied partially to kernel space. 307 */ 308 static inline __must_check 309 int read_guest_abs(struct kvm_vcpu *vcpu, unsigned long gpa, void *data, 310 unsigned long len) 311 { 312 return kvm_read_guest(vcpu->kvm, gpa, data, len); 313 } 314 315 /** 316 * write_guest_real - copy data from kernel space to guest space real 317 * @vcpu: virtual cpu 318 * @gra: guest real address 319 * @data: source address in kernel space 320 * @len: number of bytes to copy 321 * 322 * Copy @len bytes from @data (kernel space) to @gra (guest real address). 323 * It is up to the caller to ensure that the entire guest memory range is 324 * valid memory before calling this function. 325 * Guest low address and key protection are not checked. 326 * 327 * Returns zero on success or -EFAULT on error. 328 * 329 * If an error occurs data may have been copied partially to guest memory. 330 */ 331 static inline __must_check 332 int write_guest_real(struct kvm_vcpu *vcpu, unsigned long gra, void *data, 333 unsigned long len) 334 { 335 return access_guest_real(vcpu, gra, data, len, 1); 336 } 337 338 /** 339 * read_guest_real - copy data from guest space real to kernel space 340 * @vcpu: virtual cpu 341 * @gra: guest real address 342 * @data: destination address in kernel space 343 * @len: number of bytes to copy 344 * 345 * Copy @len bytes from @gra (guest real address) to @data (kernel space). 346 * It is up to the caller to ensure that the entire guest memory range is 347 * valid memory before calling this function. 348 * Guest key protection is not checked. 349 * 350 * Returns zero on success or -EFAULT on error. 351 * 352 * If an error occurs data may have been copied partially to kernel space. 353 */ 354 static inline __must_check 355 int read_guest_real(struct kvm_vcpu *vcpu, unsigned long gra, void *data, 356 unsigned long len) 357 { 358 return access_guest_real(vcpu, gra, data, len, 0); 359 } 360 361 void ipte_lock(struct kvm_vcpu *vcpu); 362 void ipte_unlock(struct kvm_vcpu *vcpu); 363 int ipte_lock_held(struct kvm_vcpu *vcpu); 364 int kvm_s390_check_low_addr_prot_real(struct kvm_vcpu *vcpu, unsigned long gra); 365 366 int kvm_s390_shadow_fault(struct kvm_vcpu *vcpu, struct gmap *shadow, 367 unsigned long saddr); 368 369 #endif /* __KVM_S390_GACCESS_H */ 370