Received: by 10.213.65.68 with SMTP id h4csp2729389imn;
        Mon, 2 Apr 2018 12:55:21 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4+rF3HqKuNgIZGSi/EnYrKIzrq/Qlm8XqABcasJ1Gvm4/3HxmjpKKg858eLg5m4gaduGU47
X-Received: by 10.98.223.16 with SMTP id u16mr8347518pfg.146.1522698921719;
        Mon, 02 Apr 2018 12:55:21 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1522698921; cv=none;
        d=google.com; s=arc-20160816;
        b=MwnVWq2tskqFReFQpbZnfIksSG0QVeQGiO0I7py2yfEkZu5e4p+WdtuzKsDq/QOyDF
         ExQY3Jf2siq74fJ0yY4HlR4/4pS/ppeUh67kwxEMGAb2cLZrZ9aDqLn2Y3JhZPiDUIYK
         T76qLXiUF7xtkJgZoiHEEv0Zi7z7gbEI5NBljIVkyEQOFtQ1RbwJ85hCPr3rkcuHYWaK
         qaUggVktxKUE71ygOMHs/ShMb/EXDRM6As0SyS0/1cYiPSMgLpxWBpIHDRFTDsg6YSbs
         2JDb3yjc4lguT/H5ztStnpsTZ5HzuUG9kkNLp6xOZa1v1s9/oOnyHMdmfpiXQPYTb5LF
         TvxQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:content-language
         :content-transfer-encoding:in-reply-to:mime-version:user-agent:date
         :from:references:cc:to:subject:arc-authentication-results;
        bh=GPaH2ksCBNjkYIEfN0D4aD6AiztIznLLx8b7KjkDGso=;
        b=ftKofXgBsjBpzGknVrd8y7Y4yPA0tmpUxYHptY9fx3IO6mmHaaBjhSKtgYvg0gIxx/
         3bHTtvw63axlG2vEgepxB+LDoxBcGOQSBsKRzv6L8GksOwlM0/5/ktJJ6aZ4jYgiGSC7
         G3pXCNztMBSalNiOyoDJ3ZauITLpHAXB3UeXY8NGK+khx7NfGJN9Jzr4nZetOi3URLAE
         4u7QrAy3c61R4YvnT908kDql3GRKHY7N9e43+hGW+2nf8Z+A7/IJfArXNO+kJjVOzR5r
         6bK1V+sbk8hFwg4R3MfxQVZ8oypydKBHHn7WO0QbreeMB921Yt9EaEasMQHYFSvcHZf/
         M2Xg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q4si647979pgv.822.2018.04.02.12.55.07;
        Mon, 02 Apr 2018 12:55:21 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755435AbeDBS4A (ORCPT <rfc822;fezhang.suse@gmail.com>
        + 99 others); Mon, 2 Apr 2018 14:56:00 -0400
Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:32924 "EHLO
        mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1756544AbeDBSzz (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 2 Apr 2018 14:55:55 -0400
Received: from pps.filterd (m0098410.ppops.net [127.0.0.1])
        by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w32It3dQ031314
        for <linux-kernel@vger.kernel.org>; Mon, 2 Apr 2018 14:55:54 -0400
Received: from e19.ny.us.ibm.com (e19.ny.us.ibm.com [129.33.205.209])
        by mx0a-001b2d01.pphosted.com with ESMTP id 2h3sc41yfn-1
        (version=TLSv1.2 cipher=AES256-SHA256 bits=256 verify=NOT)
        for <linux-kernel@vger.kernel.org>; Mon, 02 Apr 2018 14:55:54 -0400
Received: from localhost
        by e19.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
        for <linux-kernel@vger.kernel.org> from <akrowiak@linux.vnet.ibm.com>;
        Mon, 2 Apr 2018 14:55:53 -0400
Received: from b01cxnp22034.gho.pok.ibm.com (9.57.198.24)
        by e19.ny.us.ibm.com (146.89.104.206) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;
        Mon, 2 Apr 2018 14:55:49 -0400
Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106])
        by b01cxnp22034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w32ItmLN53542922;
        Mon, 2 Apr 2018 18:55:48 GMT
Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 395482803F;
        Mon,  2 Apr 2018 14:55:12 -0400 (EDT)
Received: from oc8043147753.ibm.com (unknown [9.80.198.232])
        by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP id D406C28041;
        Mon,  2 Apr 2018 14:55:10 -0400 (EDT)
Subject: Re: [PATCH v3 04/14] KVM: s390: device attribute to set AP
 interpretive execution
To:     Halil Pasic <pasic@linux.vnet.ibm.com>,
        Pierre Morel <pmorel@linux.vnet.ibm.com>,
        linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
        kvm@vger.kernel.org
Cc:     freude@de.ibm.com, schwidefsky@de.ibm.com,
        heiko.carstens@de.ibm.com, borntraeger@de.ibm.com,
        cohuck@redhat.com, kwankhede@nvidia.com,
        bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com,
        alex.williamson@redhat.com, alifm@linux.vnet.ibm.com,
        mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com,
        thuth@redhat.com, berrange@redhat.com, fiuczy@linux.vnet.ibm.com,
        buendgen@de.ibm.com
References: <1521051954-25715-1-git-send-email-akrowiak@linux.vnet.ibm.com>
 <1521051954-25715-5-git-send-email-akrowiak@linux.vnet.ibm.com>
 <d86ad01e-1c79-c14c-b4da-09d9a31572bd@linux.vnet.ibm.com>
 <21bd029b-3500-3461-ce98-68ad3ae9b647@linux.vnet.ibm.com>
 <46a7e838-2be2-9587-6eb2-3bba95485609@linux.vnet.ibm.com>
 <5ed8017b-0168-9a50-234b-cfe9258eab72@linux.vnet.ibm.com>
 <17683324-f6e4-4328-54c1-1fce572faecd@linux.vnet.ibm.com>
 <8e10f1cb-3722-d231-2603-b7867420ac0a@linux.vnet.ibm.com>
 <5dd1bcd3-5d17-37c1-1184-7f75a1fd32bc@linux.vnet.ibm.com>
 <68e9e3ea-f99a-da88-5e56-21e38b438b4f@linux.vnet.ibm.com>
 <1347ed2e-7bdb-e455-971a-cf60899e3c19@linux.vnet.ibm.com>
 <6c42b3e2-0f32-b84b-ea73-4e99157720d3@linux.vnet.ibm.com>
From:   Tony Krowiak <akrowiak@linux.vnet.ibm.com>
Date:   Mon, 2 Apr 2018 14:55:46 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <6c42b3e2-0f32-b84b-ea73-4e99157720d3@linux.vnet.ibm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-TM-AS-GCONF: 00
x-cbid: 18040218-0056-0000-0000-000004368428
X-IBM-SpamModules-Scores: 
X-IBM-SpamModules-Versions: BY=3.00008790; HX=3.00000241; KW=3.00000007;
 PH=3.00000004; SC=3.00000255; SDB=6.01012147; UDB=6.00515819; IPR=6.00791417;
 MB=3.00020378; MTD=3.00000008; XFM=3.00000015; UTC=2018-04-02 18:55:52
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 18040218-0057-0000-0000-00000878965B
Message-Id: <b781deb9-5fdc-1809-8e3c-3858e10aa944@linux.vnet.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2018-04-02_07:,,
 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501
 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0
 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000
 definitions=main-1804020206
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 03/20/2018 06:48 PM, Halil Pasic wrote:
>
> On 03/20/2018 06:58 PM, Tony Krowiak wrote:
>> I spoke with Christian this morning and he made a suggestion which I think would provide the best solution here.
>> This is my proposal:
>> 1. Get rid of the KVM_S390_VM_CRYPTO_INTERPRET_AP device attribute and return to setting ECA.28 from the
>>     mdev device open callback.
>> 2. Since there may be vcpus online at the time the mdev device open is called, we must first take all running vcpus out of
>>     SIE and block them. Christian suggested the kvm_s390_vcpu_block_all(struct kvm *kvm) function will do the trick. So I
>>     propose introducing a function like the following to be called during mdev open:
> There is one thing you missed, otherwise I'm *very* satisfied with this
> proposal.
>
> What you have missed IMHO is vcpu hottplug. So IMHO you should keep
> kvm->arch.crypto.apie, and update it accordingly ...
I agree, I will fix it.
>
>
>>      int kvm_ap_set_interpretive_exec(struct kvm *kvm, bool enable)
>>      {
>>          int i;
>>          struct kvm_vcpu *vcpu;
>>
>>          if (!test_kvm_cpu_feat(kvm, KVM_S390_VM_CPU_FEAT_AP))
>>              return -EOPNOTSUPP;
>>
>>          mutex_lock(&kvm->lock);
>>
>>          kvm_s390_vcpu_block_all(kvm);
> ... let's say here.
Yep
>
>>          kvm_for_each_vcpu(i, vcpu, kvm) {
> And here you can call kvm_s390_vcpu_crypto_setup(vcpu) (the changes to
> this function will be required for hotplug) if you like
Sounds good to me.
>
>>              if (enable)
>>                  vcpu->arch.sie_block->eca |= ECA_APIE;
>>              else
>>                  vcpu->arch.sie_block->eca &= ~ECA_APIE;
> or keep this stuff, it does not really matter to me.
I'll call the kvm_s390_vcpu_crypto_setup(vcpu) to set ECA_APIE.
>
>>          }
>>
>>          kvm_s390_vcpu_unblock_all(kvm);
>>
>>          mutex_unlock(&kvm->lock);
>>
>>          return 0;
>>      }
>>
>>     This interface allows us to set ECA.28 even if vcpus are running
> I tend to agree. I will give it a proper review when this gets more
> formal (e.g. v4 (preferably) or patches to be fixed up to this series).
>
> Please don't forget to revisit the discussion on kvm_s390_vm_set_crypto:
> if the mechanism there isn't right for ECA.28 I think you should tell
> us why it's OK for the other attributes if it's OK. If it is not then
> I guess you will want to do a stand alone patch for that.
That will no longer be a part of this patch series. We can revisit that as
a separate issue at a future time.
>