Received: by 10.213.65.68 with SMTP id h4csp1654761imn; Thu, 15 Mar 2018 06:04:32 -0700 (PDT) X-Google-Smtp-Source: AG47ELu1fdg5d8AhWdZBaQKw9UFkqB5HPHIRynzTMpN41XX/WBO2YbWEYncIMcLEn0kolRleZ9PH X-Received: by 10.98.13.211 with SMTP id 80mr7723717pfn.69.1521119072399; Thu, 15 Mar 2018 06:04:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521119072; cv=none; d=google.com; s=arc-20160816; b=GJiP59xP2JOvcmL8iB9wtyaRGH65i8KoF5AbDZYuof8/vNPrkRC81HtLG5ZMxGW81l h0Chwe8ljgl6YU2+G5+SHS7Z51crlbIWpKcW1sH7wB98RyBpGr8g6XBBQyBAfD50M1EJ gQSZo9hr0Wtxjmmjgvn1uj26DiVYh4JAnXqOsxS3Whiq979x2QV76ARbwm1lWdiCt6k4 8HfsmdxQt2mJEv9Na7hV9QdOQ32srx4UW1pKfygo6PuzqiaON+OayrpsYjR7k+fO6LPn Xl4yfs62/voAqwQh/FyyHSUNJEQM1TSHm6mstfVIovKiRbP3p8XoINKp+4bab14NDpFh CiGw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :from:references:cc:to:subject:arc-authentication-results; bh=otU25fk9SHsNckYJEacmTSltUbp3X1Jg3z97hcNdbtA=; b=Ks2jIJ5ug7Z4+ovmWYabdjfDgyHJh6k/oHUUfqVEmU5dRBf9ir3rKxhErqPLyJGx0q pJy3wDMm6d/3ufxDKYrUcDNfjZlhs+xraP6EKqQ8wot5CZhkNWOmFMkCXrLSmHo9UapB +WTEKT1kQf3/T8R9dul1xtTtP9LnrMbbsIv1w+YHNKKGKnBM+l6BJ49MeDMU7eRKNw7N JJ8cfLnGtr8WobC87AxS1qJjz5rX5zmA4GiClWL8sdihxUp6eJhbr98uhNgm73TKA8yT +9SnUwAucfZHJInDcda2GYCtC9E3ODFGa+jvyuIUbdaOSKvG36s2+RKkhAJeFcVOxNgd bfJg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w5si3399747pgv.514.2018.03.15.06.03.55; Thu, 15 Mar 2018 06:04:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752295AbeCONAi (ORCPT + 99 others); Thu, 15 Mar 2018 09:00:38 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:38666 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751921AbeCONAg (ORCPT ); Thu, 15 Mar 2018 09:00:36 -0400 Received: from pps.filterd (m0098416.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w2FCxDwc137956 for ; Thu, 15 Mar 2018 09:00:36 -0400 Received: from e06smtp15.uk.ibm.com (e06smtp15.uk.ibm.com [195.75.94.111]) by mx0b-001b2d01.pphosted.com with ESMTP id 2gqrexubwa-1 (version=TLSv1.2 cipher=AES256-SHA256 bits=256 verify=NOT) for ; Thu, 15 Mar 2018 09:00:35 -0400 Received: from localhost by e06smtp15.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 15 Mar 2018 13:00:32 -0000 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp15.uk.ibm.com (192.168.101.145) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 15 Mar 2018 13:00:28 -0000 Received: from d06av24.portsmouth.uk.ibm.com (mk.ibm.com [9.149.105.60]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w2FD0RbP58982464; Thu, 15 Mar 2018 13:00:27 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 77DD94204B; Thu, 15 Mar 2018 12:52:41 +0000 (GMT) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8DEA84203F; Thu, 15 Mar 2018 12:52:40 +0000 (GMT) Received: from [9.152.224.146] (unknown [9.152.224.146]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Thu, 15 Mar 2018 12:52:40 +0000 (GMT) Subject: Re: [PATCH v3 04/14] KVM: s390: device attribute to set AP interpretive execution To: Halil Pasic , Tony Krowiak , linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, borntraeger@de.ibm.com, cohuck@redhat.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com, thuth@redhat.com, berrange@redhat.com, fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com References: <1521051954-25715-1-git-send-email-akrowiak@linux.vnet.ibm.com> <1521051954-25715-5-git-send-email-akrowiak@linux.vnet.ibm.com> From: Pierre Morel Date: Thu, 15 Mar 2018 14:00:26 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-TM-AS-GCONF: 00 x-cbid: 18031513-0020-0000-0000-000004052C96 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18031513-0021-0000-0000-000042993536 Message-Id: <21bd029b-3500-3461-ce98-68ad3ae9b647@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2018-03-15_07:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1803150146 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 14/03/2018 22:57, Halil Pasic wrote: > > On 03/14/2018 07:25 PM, Tony Krowiak wrote: >> The VFIO AP device model exploits interpretive execution of AP >> instructions (APIE) to provide guests passthrough access to AP >> devices. This patch introduces a new device attribute in the >> KVM_S390_VM_CRYPTO device attribute group to set APIE from >> the VFIO AP device defined on the guest. >> >> Signed-off-by: Tony Krowiak >> --- > [..] > >> diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c >> index a60c45b..bc46b67 100644 >> --- a/arch/s390/kvm/kvm-s390.c >> +++ b/arch/s390/kvm/kvm-s390.c >> @@ -815,6 +815,19 @@ static int kvm_s390_vm_set_crypto(struct kvm *kvm, struct kvm_device_attr *attr) >> sizeof(kvm->arch.crypto.crycb->dea_wrapping_key_mask)); >> VM_EVENT(kvm, 3, "%s", "DISABLE: DEA keywrapping support"); >> break; >> + case KVM_S390_VM_CRYPTO_INTERPRET_AP: >> + if (attr->addr) { >> + if (!test_kvm_cpu_feat(kvm, KVM_S390_VM_CPU_FEAT_AP)) > Unlock mutex before returning? > > Maybe flip conditions (don't allow manipulating apie if feature not there). > Clearing the anyways clear apie if feature not there ain't too bad, but > rejecting the operation appears nicer to me. > >> + return -EOPNOTSUPP; >> + kvm->arch.crypto.apie = 1; >> + VM_EVENT(kvm, 3, "%s", >> + "ENABLE: AP interpretive execution"); >> + } else { >> + kvm->arch.crypto.apie = 0; >> + VM_EVENT(kvm, 3, "%s", >> + "DISABLE: AP interpretive execution"); >> + } >> + break; >> default: >> mutex_unlock(&kvm->lock); >> return -ENXIO; > I wonder how the loop after this switch works for KVM_S390_VM_CRYPTO_INTERPRET_AP: > > kvm_for_each_vcpu(i, vcpu, kvm) { > kvm_s390_vcpu_crypto_setup(vcpu); > exit_sie(vcpu); > } > > From not doing something like for KVM_S390_VM_CRYPTO_INTERPRET_AP > > if (kvm->created_vcpus) { > mutex_unlock(&kvm->lock); > return -EBUSY; > and from the aforementioned loop I guess ECA.28 can be changed > for a running guest. > > If there are running vcpus when KVM_S390_VM_CRYPTO_INTERPRET_AP is > changed (set) these will be taken out of SIE by exit_sie(). Then for the > corresponding threads the control probably goes to QEMU (the emulator in > the userspace). And it puts that vcpu back into the SIE, and then that > cpu starts acting according to the new ECA.28 value. While other vcpus > may still work with the old value of ECA.28. > > I'm not saying what I describe above is necessarily something broken. > But I would like to have it explained, why is it OK -- provided I did not > make any errors in my reasoning (assumptions included). > > Can you help me understand this code? > > Regards, > Halil > > [..] > I have the same concerns as Halil. We do not need to change the virtulization type (hardware/software) on the fly for the current use case. Couldn't we delay this until we have one and in between only make the vCPU hotplug clean? We only need to let the door open for the day we have such a use case. Pierre -- Pierre Morel Linux/KVM/QEMU in Böblingen - Germany