Received: by 10.213.65.68 with SMTP id h4csp547642imn;
        Tue, 27 Mar 2018 04:32:16 -0700 (PDT)
X-Google-Smtp-Source: AG47ELtAd81RbQY+9ry1r29mRy/qZuia1+MwZhouOxC7bEkP51yJqwFNGMWj1zDUIi8h3rurwV2y
X-Received: by 10.101.67.198 with SMTP id n6mr31224413pgp.150.1522150336243;
        Tue, 27 Mar 2018 04:32:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1522150336; cv=none;
        d=google.com; s=arc-20160816;
        b=OJSJyx2IWCloU2vmrnHbJWLvKd6jkYVD61e+1+pZh+oLcVJaTAeST68UglfWWhVAIG
         GmjI5oWxqIQXaqV7AAcHhiGFxGu2SqIGiQUDuV5J5yC9QxFQ4xXcM8mUGN46SadByx1/
         26DJ20EC6qpzg77gDRK/zR5sSupIdTZFBevsoLwDAUBRGC5RISFtJ/Fee8dxzVeeB5JZ
         G9k1QSyasMi7lWZuVpSImnwRQV3z/CFIeH86ksVqL7v+WOgsVXWEN9JZUKZA0GbG7q4u
         l0AUbbMR9pLG13wczMnS+RWLveaR7hARe5wPQR5sZxKg8zuSxSLzRPvn3EpdRV4M1ur0
         YRBQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :organization:references:in-reply-to:message-id:subject:cc:to:from
         :date:arc-authentication-results;
        bh=mXBFFGVEQwsJtdNhVIOeAY1txutpKyU8GGn/+yooK18=;
        b=JCuJW1KfYbE7ykyGFpeFcbQhshwL5Q588kj5FwbyrSUYc1mU9cWSGaOwgCBkW0q1sB
         H5WUdcdsq+aXrwslsHSdANVLYPl3tIobwwwt2/dhoxFXmyzNzBMeZfFSu1zTIYpdedxC
         c1vihW/LisQwTbTLkC1Wc0HPqdftSebDTwXpHsKzIsJ43Kn1Myg+JN+F7AmoWYqLEwnN
         gwXjTKzncYYEfSQ1m7EQSpLS75+eXjka8sTKa6nJQrCajlV9n/pj4Ctgt+XiUtY0WSsI
         nPL0wjM6Kw5sGyuNH+gXe4uzMQVy+UffpQVgJKFVYkiFpcnHSqokH6om3ftLsQrMFyB4
         Qcww==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o3si734499pgv.773.2018.03.27.04.32.01;
        Tue, 27 Mar 2018 04:32:16 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752146AbeC0Lao (ORCPT <rfc822;saikripd@gmail.com> + 99 others);
        Tue, 27 Mar 2018 07:30:44 -0400
Received: from mx3-rdu2.redhat.com ([66.187.233.73]:47258 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1751120AbeC0Lam (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 27 Mar 2018 07:30:42 -0400
Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id EDC264000B6E;
        Tue, 27 Mar 2018 11:30:41 +0000 (UTC)
Received: from gondolin (dhcp-192-222.str.redhat.com [10.33.192.222])
        by smtp.corp.redhat.com (Postfix) with ESMTP id E613810AF9E7;
        Tue, 27 Mar 2018 11:30:36 +0000 (UTC)
Date:   Tue, 27 Mar 2018 13:30:34 +0200
From:   Cornelia Huck <cohuck@redhat.com>
To:     Pierre Morel <pmorel@linux.vnet.ibm.com>
Cc:     Tony Krowiak <akrowiak@linux.vnet.ibm.com>,
        linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
        kvm@vger.kernel.org, freude@de.ibm.com, schwidefsky@de.ibm.com,
        heiko.carstens@de.ibm.com, borntraeger@de.ibm.com,
        kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com,
        pbonzini@redhat.com, alex.williamson@redhat.com,
        alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com,
        jjherne@linux.vnet.ibm.com, thuth@redhat.com,
        pasic@linux.vnet.ibm.com, berrange@redhat.com,
        fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com
Subject: Re: [PATCH v3 03/14] KVM: s390: CPU model support for AP
 virtualization
Message-ID: <20180327133034.1562ad88.cohuck@redhat.com>
In-Reply-To: <327f20bc-741d-ac0a-8e3f-929e8ad73159@linux.vnet.ibm.com>
References: <1521051954-25715-1-git-send-email-akrowiak@linux.vnet.ibm.com>
        <1521051954-25715-4-git-send-email-akrowiak@linux.vnet.ibm.com>
        <20180327125911.5c7ecf34.cohuck@redhat.com>
        <327f20bc-741d-ac0a-8e3f-929e8ad73159@linux.vnet.ibm.com>
Organization: Red Hat GmbH
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Tue, 27 Mar 2018 11:30:42 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Tue, 27 Mar 2018 11:30:42 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'cohuck@redhat.com' RCPT:''
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 27 Mar 2018 13:22:56 +0200
Pierre Morel <pmorel@linux.vnet.ibm.com> wrote:

> On 27/03/2018 12:59, Cornelia Huck wrote:
> > On Wed, 14 Mar 2018 14:25:43 -0400
> > Tony Krowiak <akrowiak@linux.vnet.ibm.com> wrote:
> >  
> >> Introduces a new CPU model feature and two CPU model
> >> facilities to support AP virtualization for KVM guests.
> >>
> >> CPU model feature:
> >>
> >> The KVM_S390_VM_CPU_FEAT_AP feature indicates that
> >> AP instructions are available on the guest. This
> >> feature will be enabled by the kernel only if the AP
> >> instructions are installed on the linux host. This feature
> >> must be specifically turned on for the KVM guest from
> >> userspace to use the VFIO AP device driver for guest
> >> access to AP devices.
> >>
> >> CPU model facilities:
> >>
> >> 1. AP Query Configuration Information (QCI) facility is installed.
> >>
> >>     This is indicated by setting facilities bit 12 for
> >>     the guest. The kernel will not enable this facility
> >>     for the guest if it is not set on the host. This facility
> >>     must not be set by userspace if the KVM_S390_VM_CPU_FEAT_AP
> >>     feature is not installed.
> >>
> >> 2. AP Facilities Test facility (APFT) is installed.
> >>
> >>     This is indicated by setting facilities bit 15 for
> >>     the guest. The kernel will not enable this facility for
> >>     the guest if it is not set on the host. This facility
> >>     must not be set by userspace if the KVM_S390_VM_CPU_FEAT_AP
> >>     feature is not installed.
> >>
> >> Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
> >> Reviewed-by: Halil Pasic <pasic@linux.vnet.ibm.com>
> >> Signed-off-by: Tony Krowiak <akrowiak@linux.vnet.ibm.com>
> >> ---
> >>   arch/s390/include/asm/kvm_host.h |    1 +
> >>   arch/s390/include/uapi/asm/kvm.h |    1 +
> >>   arch/s390/kvm/kvm-s390.c         |    4 ++++
> >>   arch/s390/tools/gen_facilities.c |    2 ++
> >>   4 files changed, 8 insertions(+), 0 deletions(-)
> >>
> >> diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c
> >> index c47731d..a60c45b 100644
> >> --- a/arch/s390/kvm/kvm-s390.c
> >> +++ b/arch/s390/kvm/kvm-s390.c
> >> @@ -350,6 +350,10 @@ static void kvm_s390_cpu_feat_init(void)
> >>   
> >>   	if (MACHINE_HAS_ESOP)
> >>   		allow_cpu_feat(KVM_S390_VM_CPU_FEAT_ESOP);
> >> +
> >> +	if (ap_instructions_installed()) /* AP instructions installed on host */
> >> +		allow_cpu_feat(KVM_S390_VM_CPU_FEAT_AP);  
> > That's another dependency of the base kvm-s390 module on zcrypt, which
> > I don't like at all.  
> 
> In fact there is a tricky thing about zcrypt it is that even it is 
> configured a a module
> CONFIG_ZCRYPT=M, the AP BUS is built statically with the kernel.
> See drivers/s390/crypto/Makefile
> "
> ap-objs := ap_bus.o ap_card.o ap_queue.o
> obj-$(subst m,y,$(CONFIG_ZCRYPT)) += ap.o
> "
> ugly isn't it?

Yeah, I found it... interesting the first time I saw it.

> 
> >
> > There are two possibilities here:
> > - Exposing the features makes sense even if no zcrypt driver is active
> >    in the host. Then, ap_instructions_installed() needs to be moved into
> >    always-built code (see my comments for the interface in patch 1).  
> 
> This is what we need for future enhancement I think.

OK, so that function needs to go into whatever place the interface used
in patch 1 goes to as well.

> 
> > - Exposing the features makes sense only if we actually want to make
> >    vfio-ap available. Then we should provide the proper check in the
> >    vfio-ap parts (which depends on zcrypt) and stub it out if vfio-ap is
> >    not configured.
> >  
> >> +
> >>   	/*
> >>   	 * We need SIE support, ESOP (PROT_READ protection for gmap_shadow),
> >>   	 * 64bit SCAO (SCA passthrough) and IDTE (for gmap_shadow unshadowing).  
> 
>