Re: [PATCH v7 11/17] target/s390x: Support protected key AES CBC for cpacf kmc instruction

Thu, 18 Jun 2026 05:52:22 -0700 



On 17.06.26 11:48, Harald Freudenberger wrote:

Support the subfunctions CPACF_KMC_PAES_128, CPACF_KMC_PAES_192
and CPACF_KMC_PAES_256 for the cpacf kmc instruction.

Signed-off-by: Harald Freudenberger <[email protected]>
Tested-by: Holger Dengler <[email protected]>


With the suggested changes:

Reviewed-by: Finn Callies <[email protected]>


---
  target/s390x/gen-features.c      |   3 +
  target/s390x/tcg/cpacf.h         |   4 ++
  target/s390x/tcg/cpacf_aes.c     | 109 +++++++++++++++++++++++++++++++
  target/s390x/tcg/crypto_helper.c |   7 ++
  4 files changed, 123 insertions(+)

diff --git a/target/s390x/gen-features.c b/target/s390x/gen-features.c
index 71e0e41d6e..074c53aecd 100644
--- a/target/s390x/gen-features.c
+++ b/target/s390x/gen-features.c
@@ -932,6 +932,9 @@ static uint16_t qemu_MAX[] = {
      S390_FEAT_KMC_AES_128,
      S390_FEAT_KMC_AES_192,
      S390_FEAT_KMC_AES_256,
+    S390_FEAT_KMC_EAES_128,
+    S390_FEAT_KMC_EAES_192,
+    S390_FEAT_KMC_EAES_256,


Again, either EAES -> PAES or EAES -> ENCRYPTED_AES


      S390_FEAT_KMCTR_AES_128,
      S390_FEAT_KMCTR_AES_192,
      S390_FEAT_KMCTR_AES_256,


[ snip ]


diff --git a/target/s390x/tcg/cpacf_aes.c b/target/s390x/tcg/cpacf_aes.c
index bcfcf3b660..a6487261e1 100644
--- a/target/s390x/tcg/cpacf_aes.c
+++ b/target/s390x/tcg/cpacf_aes.c
@@ -620,3 +620,112 @@ int cpacf_paes_ecb(CPUS390XState *env, const int mmu_idx, 
uintptr_t ra,

  
      return !len ? 0 : 3;

  }
+
+int cpacf_paes_cbc(CPUS390XState *env, const int mmu_idx, uintptr_t ra,
+                   uint64_t param_addr, uint64_t *dst_ptr_reg,
+                   uint64_t *src_ptr_reg, uint64_t *src_len_reg,
+                   uint32_t type, uint8_t fc, uint8_t mod)
+{


[ snip ]


+    /* fetch protected key from param block */
+    for (i = 0; i < keysize; i++) {
+        addr = wrap_address(env, param_addr + AES_BLOCK_SIZE + i);
+        key[i] = cpu_ldb_mmu(env, addr, oi, ra);
+    }
+    /* 'decrypt' the protected key */
+    for (i = 0; i < keysize; i++) {
+        key[i] ^= protkey_xor_pattern[i];
+    }


You would already benefit from the suggested outsourcing.


+
+    /* expand key */
+    if (mod) {
+        AES_set_decrypt_key(key, keysize * 8, &exkey);
+    } else {
+        AES_set_encrypt_key(key, keysize * 8, &exkey);
+    }


[ snip ]
























					Reply via email to