Received: by 10.213.65.68 with SMTP id h4csp547642imn; Tue, 27 Mar 2018 04:32:16 -0700 (PDT) X-Google-Smtp-Source: AG47ELtAd81RbQY+9ry1r29mRy/qZuia1+MwZhouOxC7bEkP51yJqwFNGMWj1zDUIi8h3rurwV2y X-Received: by 10.101.67.198 with SMTP id n6mr31224413pgp.150.1522150336243; Tue, 27 Mar 2018 04:32:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522150336; cv=none; d=google.com; s=arc-20160816; b=OJSJyx2IWCloU2vmrnHbJWLvKd6jkYVD61e+1+pZh+oLcVJaTAeST68UglfWWhVAIG GmjI5oWxqIQXaqV7AAcHhiGFxGu2SqIGiQUDuV5J5yC9QxFQ4xXcM8mUGN46SadByx1/ 26DJ20EC6qpzg77gDRK/zR5sSupIdTZFBevsoLwDAUBRGC5RISFtJ/Fee8dxzVeeB5JZ G9k1QSyasMi7lWZuVpSImnwRQV3z/CFIeH86ksVqL7v+WOgsVXWEN9JZUKZA0GbG7q4u l0AUbbMR9pLG13wczMnS+RWLveaR7hARe5wPQR5sZxKg8zuSxSLzRPvn3EpdRV4M1ur0 YRBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date:arc-authentication-results; bh=mXBFFGVEQwsJtdNhVIOeAY1txutpKyU8GGn/+yooK18=; b=JCuJW1KfYbE7ykyGFpeFcbQhshwL5Q588kj5FwbyrSUYc1mU9cWSGaOwgCBkW0q1sB H5WUdcdsq+aXrwslsHSdANVLYPl3tIobwwwt2/dhoxFXmyzNzBMeZfFSu1zTIYpdedxC c1vihW/LisQwTbTLkC1Wc0HPqdftSebDTwXpHsKzIsJ43Kn1Myg+JN+F7AmoWYqLEwnN gwXjTKzncYYEfSQ1m7EQSpLS75+eXjka8sTKa6nJQrCajlV9n/pj4Ctgt+XiUtY0WSsI nPL0wjM6Kw5sGyuNH+gXe4uzMQVy+UffpQVgJKFVYkiFpcnHSqokH6om3ftLsQrMFyB4 Qcww== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o3si734499pgv.773.2018.03.27.04.32.01; Tue, 27 Mar 2018 04:32:16 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752146AbeC0Lao (ORCPT + 99 others); Tue, 27 Mar 2018 07:30:44 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:47258 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751120AbeC0Lam (ORCPT ); Tue, 27 Mar 2018 07:30:42 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id EDC264000B6E; Tue, 27 Mar 2018 11:30:41 +0000 (UTC) Received: from gondolin (dhcp-192-222.str.redhat.com [10.33.192.222]) by smtp.corp.redhat.com (Postfix) with ESMTP id E613810AF9E7; Tue, 27 Mar 2018 11:30:36 +0000 (UTC) Date: Tue, 27 Mar 2018 13:30:34 +0200 From: Cornelia Huck To: Pierre Morel Cc: Tony Krowiak , linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, borntraeger@de.ibm.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com, thuth@redhat.com, pasic@linux.vnet.ibm.com, berrange@redhat.com, fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com Subject: Re: [PATCH v3 03/14] KVM: s390: CPU model support for AP virtualization Message-ID: <20180327133034.1562ad88.cohuck@redhat.com> In-Reply-To: <327f20bc-741d-ac0a-8e3f-929e8ad73159@linux.vnet.ibm.com> References: <1521051954-25715-1-git-send-email-akrowiak@linux.vnet.ibm.com> <1521051954-25715-4-git-send-email-akrowiak@linux.vnet.ibm.com> <20180327125911.5c7ecf34.cohuck@redhat.com> <327f20bc-741d-ac0a-8e3f-929e8ad73159@linux.vnet.ibm.com> Organization: Red Hat GmbH MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Tue, 27 Mar 2018 11:30:42 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Tue, 27 Mar 2018 11:30:42 +0000 (UTC) for IP:'10.11.54.3' DOMAIN:'int-mx03.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'cohuck@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 27 Mar 2018 13:22:56 +0200 Pierre Morel wrote: > On 27/03/2018 12:59, Cornelia Huck wrote: > > On Wed, 14 Mar 2018 14:25:43 -0400 > > Tony Krowiak wrote: > > > >> Introduces a new CPU model feature and two CPU model > >> facilities to support AP virtualization for KVM guests. > >> > >> CPU model feature: > >> > >> The KVM_S390_VM_CPU_FEAT_AP feature indicates that > >> AP instructions are available on the guest. This > >> feature will be enabled by the kernel only if the AP > >> instructions are installed on the linux host. This feature > >> must be specifically turned on for the KVM guest from > >> userspace to use the VFIO AP device driver for guest > >> access to AP devices. > >> > >> CPU model facilities: > >> > >> 1. AP Query Configuration Information (QCI) facility is installed. > >> > >> This is indicated by setting facilities bit 12 for > >> the guest. The kernel will not enable this facility > >> for the guest if it is not set on the host. This facility > >> must not be set by userspace if the KVM_S390_VM_CPU_FEAT_AP > >> feature is not installed. > >> > >> 2. AP Facilities Test facility (APFT) is installed. > >> > >> This is indicated by setting facilities bit 15 for > >> the guest. The kernel will not enable this facility for > >> the guest if it is not set on the host. This facility > >> must not be set by userspace if the KVM_S390_VM_CPU_FEAT_AP > >> feature is not installed. > >> > >> Reviewed-by: Christian Borntraeger > >> Reviewed-by: Halil Pasic > >> Signed-off-by: Tony Krowiak > >> --- > >> arch/s390/include/asm/kvm_host.h | 1 + > >> arch/s390/include/uapi/asm/kvm.h | 1 + > >> arch/s390/kvm/kvm-s390.c | 4 ++++ > >> arch/s390/tools/gen_facilities.c | 2 ++ > >> 4 files changed, 8 insertions(+), 0 deletions(-) > >> > >> diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c > >> index c47731d..a60c45b 100644 > >> --- a/arch/s390/kvm/kvm-s390.c > >> +++ b/arch/s390/kvm/kvm-s390.c > >> @@ -350,6 +350,10 @@ static void kvm_s390_cpu_feat_init(void) > >> > >> if (MACHINE_HAS_ESOP) > >> allow_cpu_feat(KVM_S390_VM_CPU_FEAT_ESOP); > >> + > >> + if (ap_instructions_installed()) /* AP instructions installed on host */ > >> + allow_cpu_feat(KVM_S390_VM_CPU_FEAT_AP); > > That's another dependency of the base kvm-s390 module on zcrypt, which > > I don't like at all. > > In fact there is a tricky thing about zcrypt it is that even it is > configured a a module > CONFIG_ZCRYPT=M, the AP BUS is built statically with the kernel. > See drivers/s390/crypto/Makefile > " > ap-objs := ap_bus.o ap_card.o ap_queue.o > obj-$(subst m,y,$(CONFIG_ZCRYPT)) += ap.o > " > ugly isn't it? Yeah, I found it... interesting the first time I saw it. > > > > > There are two possibilities here: > > - Exposing the features makes sense even if no zcrypt driver is active > > in the host. Then, ap_instructions_installed() needs to be moved into > > always-built code (see my comments for the interface in patch 1). > > This is what we need for future enhancement I think. OK, so that function needs to go into whatever place the interface used in patch 1 goes to as well. > > > - Exposing the features makes sense only if we actually want to make > > vfio-ap available. Then we should provide the proper check in the > > vfio-ap parts (which depends on zcrypt) and stub it out if vfio-ap is > > not configured. > > > >> + > >> /* > >> * We need SIE support, ESOP (PROT_READ protection for gmap_shadow), > >> * 64bit SCAO (SCA passthrough) and IDTE (for gmap_shadow unshadowing). > >