Received: by 10.192.165.156 with SMTP id m28csp943449imm; Wed, 18 Apr 2018 00:51:21 -0700 (PDT) X-Google-Smtp-Source: AIpwx497uC26YIn3EjlP8Tq6W/4+VVkCMrqUPKKM+oe6GR56hJC7MlgcK/p4cgYx4HtYhJG5QSu2 X-Received: by 10.98.30.4 with SMTP id e4mr1044718pfe.212.1524037881438; Wed, 18 Apr 2018 00:51:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524037881; cv=none; d=google.com; s=arc-20160816; b=c1u3Z6PnXmVe3lye/mPIIc2TpWfq/XKoRwiznsccc1RXDO0SZIEbISxwrlajJUp2KV 6A1XuknmKMQmddIBgYkZkxnFK4So2gjT7fmApa/JNkwlW4f2XsopkWNhWZ/5Mvx5B6tK odYypbbjSBrn+/iuUoMlS6wUEoeeMK2fFlg7uhZuH7luUd5lEjCfXJrvqIcgCwcOLmKh fFd5NrPtnAk7N/Noh9G24V4ZJ6xC++89eJli7MJwOZy1bcb6EWpVlc7V/RQXsTQe6mlL jgctQNVa8FB3ezn52t6PCq0lR60U0D7fUyr3QqkiKdjhmB87MGeghOfs+xoOQe/KBK0v BI7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :organization:references:in-reply-to:message-id:subject:cc:to:from :date:arc-authentication-results; bh=nShDggCpoDrzcdqkWhmCOqnxwGXrKtpX72M5UluifoA=; b=k/JVTWZ/WV99AWy6L2Yq2kuyZz57TCUtp1mm5hyvuCc2M71LEZRBzyqmj/LrIP01V/ ztCsVzPrb1eZtsRPwsDFqjHKH2EqVOjTTptCso96pxFVIcgg+Gi2MXLBhMXx2TZxbCBy NWEX6qPB53TGsE+BrBX5PEan/43OfDm9hfUxKgXjSht3IbREixuldYIrhqZYnl1QZMmQ 9XlAGbse2F5M6k8XK3S3FmCxGMu14mSqVemI2Gu8mQ644bG0bjikgcUUJvJGaEUUnAOb Qp6X6utrpIf3RfmvEqmviewTZzMiBdLNpseYewoJYJYTr7/LhSpIKfEb8YBjutiI++Uw nn5w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z3si155418pgr.171.2018.04.18.00.51.07; Wed, 18 Apr 2018 00:51:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752726AbeDRHt6 (ORCPT + 99 others); Wed, 18 Apr 2018 03:49:58 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35734 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751865AbeDRHt4 (ORCPT ); Wed, 18 Apr 2018 03:49:56 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 51D3B8DC23; Wed, 18 Apr 2018 07:49:56 +0000 (UTC) Received: from gondolin (dhcp-192-222.str.redhat.com [10.33.192.222]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1F9B77C30; Wed, 18 Apr 2018 07:49:51 +0000 (UTC) Date: Wed, 18 Apr 2018 09:49:49 +0200 From: Cornelia Huck To: Tony Krowiak Cc: Harald Freudenberger , Pierre Morel , alex.williamson@redhat.com, alifm@linux.vnet.ibm.com, berrange@redhat.com, bjsdjshi@linux.vnet.ibm.com, borntrae@linux.ibm.com, fiuczy@linux.vnet.ibm.com, heicars2@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com, kvm@vger.kernel.org, kwankhede@nvidia.com, linux-kernel@vger.kernel.org, linux-s390@vger.kernel.org, mjrosato@linux.vnet.ibm.com, mschwid2@linux.vnet.ibm.com, pasic@linux.vnet.ibm.com, pbonzini@redhat.com, Reinhard Buendgen , thuth@redhat.com Subject: Re: [PATCH v4 03/15] KVM: s390: refactor crypto initialization Message-ID: <20180418094949.0403dcaf.cohuck@redhat.com> In-Reply-To: <7276785e-2183-3204-ec80-99fba1546364@linux.vnet.ibm.com> References: <1523827345-11600-1-git-send-email-akrowiak@linux.vnet.ibm.com> <1523827345-11600-4-git-send-email-akrowiak@linux.vnet.ibm.com> <4fb50a31-1893-5cfb-0f35-fb2501c2afa8@linux.vnet.ibm.com> <20180417121044.5c8f2182.cohuck@redhat.com> <2ac8b862-e2dc-843e-a0b8-906fa32b42f4@linux.vnet.ibm.com> <20180417172139.0a2b148b.cohuck@redhat.com> <7276785e-2183-3204-ec80-99fba1546364@linux.vnet.ibm.com> Organization: Red Hat GmbH MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Wed, 18 Apr 2018 07:49:56 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Wed, 18 Apr 2018 07:49:56 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'cohuck@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 17 Apr 2018 14:08:59 -0400 Tony Krowiak wrote: > On 04/17/2018 11:21 AM, Cornelia Huck wrote: > > On Tue, 17 Apr 2018 10:26:57 -0400 > > Tony Krowiak wrote: > > > >> On 04/17/2018 06:10 AM, Cornelia Huck wrote: > >>> On Tue, 17 Apr 2018 09:49:58 +0200 > >>> "Harald Freudenberger" wrote: > >>> > >>>> Didn't we say that when APXA is not available there is no Crypto support > >>>> for KVM ? > >>> [Going by the code, as I don't have access to the architecture] > >>> > >>> Current status seems to be: > >>> - setup crycb if facility 76 is available (that's MSAX3, I guess?) > >> The crycb is set up regardless of whether STFLE.76 (MSAX3) is > >> installed or not. > > Hm, the current code does a quick exit if bit 76 is not set, doesn't > > it? > > I guess that depends upon what you mean by current code. If you are talking > about the code as it is distributed today - i.e., before my patch series - > then you are correct. This patch changes that; it initializes the > kvm->arch.crypto.crycbd to point to the CRYCB, then clears the format bits > (kvm->arch.crypto.crycbd &= ~(CRYCB_FORMAT_MASK)) which is the same as > setting the CRYCB format to format 0. It is only after this that the > check is done to determine whether STFLE.76 is set. Ah yes, with "current" I referred to current upstream. > > > > >>> - use format 2 if APXA is available, else use format 1 > >> Use format 0 if MSAX3 is not available > >> Use format 1 if MSAX3 is available but APXA is not > >> Use format 2 if MSAX3 and APXA is available > >> > >>> From Tony's patch description, the goal seems to be: > >>> - setup crycb even if MSAX3 is not available > >> Yes, that is true > >> > >>> So my understanding is that we use APXA only to decide on the format of > >>> the crycb, but provide it in any case? > >> Yes, that is true > > With the format selection you outlined above, I guess. Makes sense from > > my point of view (just looking at the source code). > It also implements what is stated in the architecture doc. OK, great. > > > >>> (Not providing a crycb if APXA is not available would be loss of > >>> functionality, I guess? Deciding not to provide vfio-ap if APXA is not > >>> available is a different game, of course.) > >> This would require a change to enabling the CPU model feature for > >> AP. > > But would it actually make sense to tie vfio-ap to APXA? This needs to > > be answered by folks with access to the architecture :) > > I don't see any reason to do that from an architectural perspective. > One can access AP devices whether APXA is installed or not, it just limits > the range of devices that can be addressed So I guess we should not introduce a tie-in then (unless it radically simplifies the code...)