From: Harald Freudenberger <freude@linux.ibm.com>
To: Finn Callies <fcallies@linux.ibm.com>
Cc: richard.henderson@linaro.org, iii@linux.ibm.com,
david@kernel.org, thuth@redhat.com, berrange@redhat.com,
qemu-s390x@nongnu.org, qemu-devel@nongnu.org,
linux390-list@tuxmaker.boeblingen.de.ibm.com,
linux-s390@vger.kernel.org, dengler@linux.ibm.com,
borntraeger@linux.ibm.com, cohuck@redhat.com
Subject: Re: [PATCH v7 00/17] target/s390x: Extend qemu CPACF support
Date: Tue, 23 Jun 2026 16:53:03 +0200 [thread overview]
Message-ID: <c4079273418b98ac92e7e3e3d4cb4c57@linux.ibm.com> (raw)
In-Reply-To: <6655e1cb-4259-49fa-ab83-06a0544f4632@linux.ibm.com>
On 2026-06-18 07:37, Finn Callies wrote:
> On 17.06.26 11:48, Harald Freudenberger wrote:
>> This patch series extends the s390 qemu CPACF support to be able to
>> run a subset of the CPACF instruction cross platform. There have been
>> requests on the kernel crypto mailing list about a way to test
>> s390 specific crypto implementations. For example a way to test
>> s390 CPACF exploitation code like the s390_aes.ko kernel module.
>>
>> So here now is a set of patches verified on x86 and s390 which
>> over (slow but working) support for a subset of the subfunctions of
>> some of the CPACF instructions.
>>
>> Test: As this series is more or less complete, a full blown linux
>> can be run and the 'usual' in-kernel crpyto modules will be
>> automatically loaded which run a bunch of test cases. So there
>> is now support for these kernel modules:
>> * sha256_s390x (autoloaded, sha256)
>> * sha512_s390x (autoloaded, sha512)
>> * aes_s390x (autoloaded, clear key aes ecb, cbc, ctr, xts)
>> * pkey_pckmo (autoloaded, derive AES protected key from clear key)
>> * paes_s390x (not autoloaded, protected key aes ecb, cbc, ctr, xts)
>> All these modules run selftests if configured by the kernel (which is
>> enabled by default). Failures are reported via syslog. Additionally
>> the aes testcases from libica can be run either inside such an qemu
>> environment or with a static build executed with the qemu tcg
>> application qemu-s390x --cpu max <static-build-libica-test>.
>>
>> Changelog:
>> v1: Initial version with
>> - Related code restructured
>> - Support KIMD SHA512 and thus SHA256
>> - Support KMC AES-128, AES-192 and AES-256 and thus have basic
>> AES
>> support (ECB mode) enabled.
>> - Support PCC Compute-XTS-Parameter-AES-128 and
>> Compute-XTS-Parameter-AES-256 but only for block sequence
>> number
>> 0. This is a requirement for the next step:
>> - Support KM XTS-AES-128 and KM XTS-AES-256. Together with the
>> minimal PCC support this enables AES-XTS CPACF acceleration.
>> v2: - Basic PCKMO support to be able to 'derive' an AES protected key
>> from clear key. See header details.
>> - Support protected key AES-ECB.
>> - Support protected key AES-CBC.
>> - Minimal protected key AES-XTS support for CPACF PCC.
>> - Support protected key AES-XTS.
>> - Support AES-CTR.
>> - Support protected key AES-CTR.
>> v3: - Reordered patches as suggested by Finn.
>> - One small bug fix in CPACF_aes.c related to address
>> translation.
>> v4: - Rename of the parameters based on feedback from Janosch to
>> make clear these are registers or ptrs to registers.
>> Added Tested by from Holger. Fixed typo "face" -> "fake".
>> v5: - Add documentation file docs/system/s390x/cpacf.rst which
>> describes the state of the CPACF instructions and which
>> functions are covered when this series is applied.
>> First version sent to public mailing list qemu-s390x.
>> v6: - Rebase/rework to build on current qemu head.
>> - Add docs/system/s390x/cpacf.rst to target-s390x.rst
>> - New file crypto/aes-helpers.c with some simple
>> functions to support AES modes CBC, CTR and XTS.
>> - Slight rewrite of the s390x CPACF implementations to
>> use these generic AES mode implementations.
>> v7: - Update on docs/system/s390x/cpacf.rst to mention
>> the zArchicteture Principles of Operation document
>> which describes all these CPAC instructions.
>>
>> Harald Freudenberger (17):
>> target/s390x: Rework s390 cpacf implementations
>> target/s390x: Move cpacf sha512 code into a new file
>> target/s390x: Support cpacf sha256
>> target/s390x: Support AES ECB for cpacf km instruction
>> target/s390x: Support AES CBC for cpacf kmc instruction
>> target/s390x: Support AES CTR for cpacf kmctr instruction
>> target/s390x: Minimal AES XTS support for cpacf pcc instruction
>> target/s390x: Support AES XTS for cpacf km instruction
>> target/s390x: Support pckmo encrypt AES subfunctions
>> target/s390x: Support protected key AES ECB for cpacf km
>> instruction
>> target/s390x: Support protected key AES CBC for cpacf kmc
>> instruction
>> target/s390x: Support protected key AES CTR for cpacf kmctr
>> instruction
>> target/s390x: Minimal protected key AES XTS support for cpacf pcc
>> instruction
>> target/s390x: Support protected key AES XTS for cpacf km
>> instruction
>> docs/s390: Document CPACF instructions support
>> crypto: Add aes-helpers file to support some AES modes
>> target/s390x: Use generic AES helper functions
>>
>> crypto/aes-helpers.c | 101 ++++
>> crypto/meson.build | 1 +
>> docs/system/s390x/cpacf.rst | 116 ++++
>> docs/system/target-s390x.rst | 1 +
>> include/crypto/aes.h | 14 +
>> target/s390x/gen-features.c | 31 +
>> target/s390x/tcg/cpacf.h | 63 ++
>> target/s390x/tcg/cpacf_aes.c | 955
>> +++++++++++++++++++++++++++++++
>> target/s390x/tcg/cpacf_sha256.c | 232 ++++++++
>> target/s390x/tcg/cpacf_sha512.c | 245 ++++++++
>
> Since you implemented all aes related stuff into cpacf_aes.c maybe
> think about putting all sha related stuff into cpacf_sha.c instead of
> singular files. Or go the singular way with the aes stuff as well.
>
Well, you are right. But ... the sha512 implementation is from Jason
Donenfeld
and has a extra Copyright. I tried to keep this implementation as close
as possible
to the original version. So no mixing of any weired copyrights.
And I think the AES implementations belong together, similar for example
when ECC
implementations come up (:-O) or some hmacs or so.
>> target/s390x/tcg/crypto_helper.c | 423 +++++++-------
>> target/s390x/tcg/insn-data.h.inc | 1 +
>> target/s390x/tcg/meson.build | 3 +
>> target/s390x/tcg/translate.c | 2 +
>> 14 files changed, 1972 insertions(+), 216 deletions(-)
>> create mode 100644 crypto/aes-helpers.c
>> create mode 100644 docs/system/s390x/cpacf.rst
>> create mode 100644 target/s390x/tcg/cpacf.h
>> create mode 100644 target/s390x/tcg/cpacf_aes.c
>> create mode 100644 target/s390x/tcg/cpacf_sha256.c
>> create mode 100644 target/s390x/tcg/cpacf_sha512.c
>>
>>
>> base-commit: e89049b3ba5f1f0468bc0d294173345597514a1b
>> --
>> 2.43.0
>>
prev parent reply other threads:[~2026-06-23 14:53 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-17 9:48 [PATCH v7 00/17] target/s390x: Extend qemu CPACF support Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 01/17] target/s390x: Rework s390 cpacf implementations Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 02/17] target/s390x: Move cpacf sha512 code into a new file Harald Freudenberger
2026-06-18 4:54 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 03/17] target/s390x: Support cpacf sha256 Harald Freudenberger
2026-06-18 5:18 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 04/17] target/s390x: Support AES ECB for cpacf km instruction Harald Freudenberger
2026-06-18 5:22 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 05/17] target/s390x: Support AES CBC for cpacf kmc instruction Harald Freudenberger
2026-06-18 5:27 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 06/17] target/s390x: Support AES CTR for cpacf kmctr instruction Harald Freudenberger
2026-06-18 5:31 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 07/17] target/s390x: Minimal AES XTS support for cpacf pcc instruction Harald Freudenberger
2026-06-18 5:35 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 08/17] target/s390x: Support AES XTS for cpacf km instruction Harald Freudenberger
2026-06-18 5:45 ` Finn Callies
2026-06-22 14:25 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 09/17] target/s390x: Support pckmo encrypt AES subfunctions Harald Freudenberger
2026-06-18 5:50 ` Finn Callies
2026-06-22 14:34 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 10/17] target/s390x: Support protected key AES ECB for cpacf km instruction Harald Freudenberger
2026-06-18 5:57 ` Finn Callies
2026-06-22 15:05 ` Harald Freudenberger
2026-06-22 15:41 ` Hendrik Brueckner
2026-06-18 6:05 ` Finn Callies
2026-06-23 12:02 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 11/17] target/s390x: Support protected key AES CBC for cpacf kmc instruction Harald Freudenberger
2026-06-18 6:08 ` Finn Callies
2026-06-23 12:24 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 12/17] target/s390x: Support protected key AES CTR for cpacf kmctr instruction Harald Freudenberger
2026-06-18 6:10 ` Finn Callies
2026-06-23 12:32 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 13/17] target/s390x: Minimal protected key AES XTS support for cpacf pcc instruction Harald Freudenberger
2026-06-18 6:18 ` Finn Callies
2026-06-23 12:34 ` Harald Freudenberger
2026-06-18 6:21 ` Finn Callies
2026-06-17 9:48 ` [PATCH v7 14/17] target/s390x: Support protected key AES XTS for cpacf km instruction Harald Freudenberger
2026-06-18 6:22 ` Finn Callies
2026-06-23 12:36 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 15/17] docs/s390: Document CPACF instructions support Harald Freudenberger
2026-06-18 6:28 ` Finn Callies
2026-06-23 13:20 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 16/17] crypto: Add aes-helpers file to support some AES modes Harald Freudenberger
2026-06-18 6:31 ` Finn Callies
2026-06-23 13:24 ` Harald Freudenberger
2026-06-17 9:48 ` [PATCH v7 17/17] target/s390x: Use generic AES helper functions Harald Freudenberger
2026-06-18 6:35 ` Finn Callies
2026-06-18 5:37 ` [PATCH v7 00/17] target/s390x: Extend qemu CPACF support Finn Callies
2026-06-23 14:53 ` Harald Freudenberger [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c4079273418b98ac92e7e3e3d4cb4c57@linux.ibm.com \
--to=freude@linux.ibm.com \
--cc=berrange@redhat.com \
--cc=borntraeger@linux.ibm.com \
--cc=cohuck@redhat.com \
--cc=david@kernel.org \
--cc=dengler@linux.ibm.com \
--cc=fcallies@linux.ibm.com \
--cc=iii@linux.ibm.com \
--cc=linux-s390@vger.kernel.org \
--cc=linux390-list@tuxmaker.boeblingen.de.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-s390x@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.