Received: by 10.192.165.148 with SMTP id m20csp186018imm; Fri, 20 Apr 2018 05:17:42 -0700 (PDT) X-Google-Smtp-Source: AIpwx49fdZBvOzqdu01sLSO2t6/wiki+R3VKBlat4fjadj6E99fjBpyFTNXGwesELiaU90vwW/DZ X-Received: by 10.99.168.13 with SMTP id o13mr8305343pgf.198.1524226661922; Fri, 20 Apr 2018 05:17:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524226661; cv=none; d=google.com; s=arc-20160816; b=mqn8vJIlkLEFM8AbgcFRDb9RZUmjhmdhAwWbC3wuE4WpyIrctIOrVFuewZ65OYbkay 08mc4ukRwlVVHKJVIWpo0efrNRaDeD4eaz5IAKCMmPRuRaDWJWlXpWgn1CN/dyUglydG cH63KPEJwsV2O30ON2uu1gAY3MS+D5H0+uDwMg0JxBLYZHLaWLPnw+9wO8ITFELmlmBq RKQgCq51bgbX+VRlk5iEmUIIJK2rCsJ+TXdJQSuKk3UtQJKtCrWVbZrOYTmRGrZsCWtc MblFclarZNLQpl5VXuWFKVh56GHCZrOQWhAeOF/yHTqdZiOF/WrSODCOiMFsh8zhNrjl 8yRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:in-reply-to:mime-version :user-agent:date:autocrypt:openpgp:references:cc:to:from:subject :arc-authentication-results; bh=rNBsasH4DoMrg+PH7LYtusG7ayp64rT57aw1FnPlmrM=; b=AiHfaGSZ1q6F1XjLx1SnMEpxVVDNQmeL2ln2jG8USuYCPhyypN+s4HsZAKIvBeblKY /F9M6zbCDWXeAdSA2kJN/IwSbI1k8v0symqo+fd7yPOc3+bS5CtpZfOnWkR/C1GN/BMh cg2INS+foPceUsiByotSwdbeZSbh7LIcVGrrIQVnRBJv/mmKwqWWoaqFtCO/d39S2BrW 0HgnmLWq8qr30hdfwNNFSCQSvrYyPkRnGlcCvtCz6s15Ksjdr2K1Ue4p4psnzNMl0Keq 1wmEfT0LDpFsMGhfyHJytD9wkLBdzpim49tFZ6MeYP9xQjEM0A2n4urcnFE8qX6yz7X1 XrAg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f59-v6si3997785plb.106.2018.04.20.05.17.27; Fri, 20 Apr 2018 05:17:41 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754795AbeDTMP6 (ORCPT + 99 others); Fri, 20 Apr 2018 08:15:58 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:60328 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754591AbeDTMPz (ORCPT ); Fri, 20 Apr 2018 08:15:55 -0400 Received: from pps.filterd (m0098410.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w3KCF4VQ044707 for ; Fri, 20 Apr 2018 08:15:54 -0400 Received: from e06smtp11.uk.ibm.com (e06smtp11.uk.ibm.com [195.75.94.107]) by mx0a-001b2d01.pphosted.com with ESMTP id 2hfdpgecj2-1 (version=TLSv1.2 cipher=AES256-SHA256 bits=256 verify=NOT) for ; Fri, 20 Apr 2018 08:15:54 -0400 Received: from localhost by e06smtp11.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 20 Apr 2018 13:15:52 +0100 Received: from b06cxnps3075.portsmouth.uk.ibm.com (9.149.109.195) by e06smtp11.uk.ibm.com (192.168.101.141) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Fri, 20 Apr 2018 13:15:49 +0100 Received: from d06av24.portsmouth.uk.ibm.com (mk.ibm.com [9.149.105.60]) by b06cxnps3075.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w3KCFmMS45875340; Fri, 20 Apr 2018 12:15:48 GMT Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C25AE4205E; Fri, 20 Apr 2018 13:07:17 +0100 (BST) Received: from d06av24.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 5ABF54204F; Fri, 20 Apr 2018 13:07:17 +0100 (BST) Received: from [9.152.224.155] (unknown [9.152.224.155]) by d06av24.portsmouth.uk.ibm.com (Postfix) with ESMTP; Fri, 20 Apr 2018 13:07:17 +0100 (BST) Subject: Re: [PATCH] KVM: s390: reset crypto attributes for all vcpus From: Janosch Frank To: Tony Krowiak , linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: borntraeger@de.ibm.com, cohuck@redhat.com, pmorel@linux.vnet.ibm.com, pasic@linux.vnet.ibm.com, pbonzini@redhat.com, rkrcmar@redhat.com References: <1524172432-26211-1-git-send-email-akrowiak@linux.vnet.ibm.com> <870459b4-228d-0be3-5dd3-48ab480b46de@linux.ibm.com> Openpgp: preference=signencrypt Autocrypt: addr=frankja@linux.ibm.com; prefer-encrypt=mutual; keydata= xsFNBFfqIWIBEAC9u1ku3alDY4YilAfKidqWZ46kCnu7WPXkdcgH3ww/9CcgIDoeSr90SnaU T9gQRO92ESh2OO0ff3RMfmQpPG7hivVKu9G8z4Fsblxqi3sSHBNpZu3wYE81UQTlG2EJpccX DXlBUGmMI44Ra3+NoeYbsTn0vU2ke69NgOz9MxE87ZpsvQaDfl7XgxTqo+6DJMRpiCJiSgWs SXa73uTdHWgmauAbUkaExe+Mb0txAHPweh6zDrLmiMHO2aZLRCPiY6aaP4m6DtjAaZcBQRcG kliWjsiPs1i8UPJp00/oZW2sDvHntDcp34JXDEdxpRXlsBFOVaWs/9hkI+91M78+fgVxNyQD bc1KH7wiwoND/OSgeJqvI1kN/bz+qdwlQaoAEfSkOkfu7yC1yyx/VpQSdL1ozczGF/4ABZ+G FteQmDEjdg1C5vHAdmoh+yHqsNSDVgwi7Vr03r3D9ESUA8bLbQtBVc772rZpEEeuyKZhMi/f SF5aEk16cjp2EiXW5DJSGGKEut2FQQEWeya0A4/MItCplho1nUBGhtCoj5EpCdl7Z6mc4amO 00m6TKFc03cU5Vo/ta3TwIZgmsnpWulgzlZYpxyezc3oJiOjTyQHo9QgChPOBXNe2mKs8pVY TtVksdg6V9UtuFz+FS9B/yuJO+3hMXcg+SOWvCs0HTNP8e4l8wARAQABzSVKYW5vc2NoIEZy YW5rIDxmcmFua2phQGxpbnV4LmlibS5jb20+wsF9BBMBCAAnBQJay0EFAhsjBQkSzAMABQsJ CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEBcO/8Q8ZEV5BHEP/jaHXSQQQjBkACPIiejAqKZn GtRCnvYCvNDq801cvy20bEjKDYBVqWa958gTaynYdeDIoodyij+Vo/07O7J8Hua0ygJBJcEL IsQ4mikMO4AexFxulkk94Zcddukrhx8PHFCJqTEeNggYthI/Is+f+ypfkYq7A8MUFf+1K7Cz xJ+1e3eEM+3ZwOpI/qmGTnOpraxzu7nOhp+sezmvUPyiQ5YKz0nHUGQmrKS0Unoiz2Ooemmv WmFALdBa8Mep56PNKiucSckX49u5r7+4UHngJ569rOxevoUPZRgwpCgB4HWAsuNgpNrd3UJ5 DIwQpwD4tJP0r/Pfz61MiE9ViCsNFMAGEZ6Sth4rHAnZrVtBmWcvqRTlP80PLjUeDZ3GtzsP CgspTxG5RRC2o1wpJeUfwiGRFgZ/x+j7cLjlfVGr3s3o8m0Ig2R17PMQh0r9RZ09MyZAqIvA A5MLX8Bs7znzlePwan7piToOGSOP5r7V7kejA+UGJLGmZHC5F9n7y8Pot1D99y/TiZW+wToy ESvPLCyTbMzzVxYxtKhoQXhazDeuoj+j9n8eaXVv2QXxWjDK4rjZj3gQw+yoxMt/pMMIVF7o PMdcaxXz3kSjwuknG9cmKmbVpl8nSVrtaewG2+A9lmv77XAYoZB7qynJH5dZXNpZJKZZLz8g 1pWzSrI44X9QzsFNBFfqIWIBEACxMNRjr5jNnVCWusQTFMrn/IqlQ2pTRszzeHPJ3KYPE+m9 z+WvNWJeaFXKnfza0HWvIZb5eMJ5DXZ/h6yMNcU2waCZA3HU4Qu0waGGzPdjNNhdv+qETp+5 PHSwrqVt/cRDBGy9sv/MsDfo1bZkr5uBA73He/eeiLykxmYXgIYaXm/iBocclLDmMkHR4YS1 IFk1Z27o2tz4nZ135jR22Leqf8MJluV8r+PGGY1NRAneXR9utS6oJnoWUJotBBIEP5ix/8Pt HrxvisS9VEu0kxa+mexJWnwHxFDTM9IsGgWMH0J5bm9W9fodoZCnZAh090mcUC7N3GVDJNgP 620oBeBrd4gGUSLte0gy68hNujFDcbQ1w084lo5KETKx6Pd3UGjx+XgLyOpcV6yt5gn06bNk 0PLJiBDWlI0+pT7R3mvP3CNwi3gbygViJ3gqNNNhiER78v+RQEylLgOHANnfJFsa2llKzUVO a74WcCA08SbNvGSywTriVAgrC1nyqC6wv8s2IsVvVJsI5dEXxlA05llbTgFXfrysPQnR04hm hwa7OmtvPzh67VbKUR1tJxiaRZuVeBhjNInNsx+0fWSX6cNr3Yp9GAEtKEfcUWnjttHgSQ2B B7J+WOIlmlhIhDFKBQrXT/sYxIu055o7YGxgO+cqJVrC5n2HoaCeTAVA6r1xKQARAQABwsFl BBgBAgAPBQJX6iFiAhsMBQkSzAMAAAoJEBcO/8Q8ZEV5R+oQAJgaEDxy1cpGmGva0s0Oxvia s5b4+otopF5pnlElTZcqWY1bx3vh2c5NZjCCubY1tb8548x6IprwAYtpmx3XlOXb12Jki/HT qHgeSscyleLbneNO+s8LfhJKY15smPqVKG6leCbtIpliZ0TI2Zif+gYvDZRruHYgHwi9bQzH +wEVDrgess/1dDq3Pt+W7NRhFoKKq7ZQOYkyHE1qdck/cGvq4/XCL9np7+3CBEql+QOtuR2o AdES5cnZwKm7peagQBEaFqgni26de11pW294pJRG0U36mSqxEoyqe97vKUYzsdy1hPPbOPfy 7img6Ifh6WL1b4FIIn9TFbooQ1WRSQvbOzxL+E2x+vmEPfNxpzAuuS+ASLJ6Zv9QCOUAvzBn Lfg7BvkfUhALMIZnAoyYmxutcWL4XYYAvMG13l8hFYpoQcF4WEnUoP0UuNwXmR4QZvOuiE8u CyL9U2LEYbrPVTIsEtUVmDlCyD1Kq+6LE3aU+n06soITGp9a3/WNLpXUbUYfzRvYJ3p6jssI Pe50r3yPfdgbWIWzeWuLimNVTlbIZAi1Y0VIdCDbDQpXl2DDTB9zZw2yz0kRKxasMCAEsvlA CT0NLoyQplUjM1ir5e6QTwy9+v3niCCesupe7owsFfrg/YZsE9jCy8vWgdPjSnRJkwQqV2Fw lFM6NIuMAY1Y Date: Fri, 20 Apr 2018 14:15:47 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: <870459b4-228d-0be3-5dd3-48ab480b46de@linux.ibm.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="3eMqAE81vonGJFht6nNny6RbI9K2v3NPb" X-TM-AS-GCONF: 00 x-cbid: 18042012-0040-0000-0000-0000044FB282 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18042012-0041-0000-0000-000020F40E85 Message-Id: X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-04-20_05:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1804200121 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --3eMqAE81vonGJFht6nNny6RbI9K2v3NPb Content-Type: multipart/mixed; boundary="nTdTieXVKijukp1sK58IHlWQMAQqhisVQ"; protected-headers="v1" From: Janosch Frank To: Tony Krowiak , linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: borntraeger@de.ibm.com, cohuck@redhat.com, pmorel@linux.vnet.ibm.com, pasic@linux.vnet.ibm.com, pbonzini@redhat.com, rkrcmar@redhat.com Message-ID: Subject: Re: [PATCH] KVM: s390: reset crypto attributes for all vcpus References: <1524172432-26211-1-git-send-email-akrowiak@linux.vnet.ibm.com> <870459b4-228d-0be3-5dd3-48ab480b46de@linux.ibm.com> In-Reply-To: <870459b4-228d-0be3-5dd3-48ab480b46de@linux.ibm.com> --nTdTieXVKijukp1sK58IHlWQMAQqhisVQ Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 20.04.2018 13:59, Janosch Frank wrote: > Thanks, applied. >=20 Well this does not compile, as you use kvm_s390_vcpu_crypto_setup before declaration. Please fix, then I'll take the patch. >=20 > On 19.04.2018 23:13, Tony Krowiak wrote: >> Introduces a new function to reset the crypto attributes for all >> vcpus whether they are running or not. Each vcpu in KVM will >> be removed from SIE prior to resetting the crypto attributes in its >> SIE state description. After all vcpus have had their crypto attribute= s >> reset the vcpus will be restored to SIE. >> >> This function is incorporated into the kvm_s390_vm_set_crypto(kvm) >> function to fix a reported issue whereby the crypto key wrapping >> attributes could potentially get out of synch for running vcpus. >> >> Reported-by: Halil Pasic >> Signed-off-by: Tony Krowiak >> --- >> arch/s390/kvm/kvm-s390.c | 18 ++++++++++++++---- >> arch/s390/kvm/kvm-s390.h | 13 +++++++++++++ >> 2 files changed, 27 insertions(+), 4 deletions(-) >> >> diff --git a/arch/s390/kvm/kvm-s390.c b/arch/s390/kvm/kvm-s390.c >> index fa355a6..4fa3037 100644 >> --- a/arch/s390/kvm/kvm-s390.c >> +++ b/arch/s390/kvm/kvm-s390.c >> @@ -789,6 +789,19 @@ static int kvm_s390_set_mem_control(struct kvm *k= vm, struct kvm_device_attr *att >> return ret; >> } >> >> +void kvm_s390_vcpu_crypto_reset_all(struct kvm *kvm) >> + { >> + int i; >> + struct kvm_vcpu *vcpu; >> + >> + kvm_s390_vcpu_block_all(kvm); >> + >> + kvm_for_each_vcpu(i, vcpu, kvm) >> + kvm_s390_vcpu_crypto_setup(vcpu); >> + >> + kvm_s390_vcpu_unblock_all(kvm); >> +} >> + >> static void kvm_s390_vcpu_crypto_setup(struct kvm_vcpu *vcpu); >> >> static int kvm_s390_vm_set_crypto(struct kvm *kvm, struct kvm_device_= attr *attr) >> @@ -832,10 +845,7 @@ static int kvm_s390_vm_set_crypto(struct kvm *kvm= , struct kvm_device_attr *attr) >> return -ENXIO; >> } >> >> - kvm_for_each_vcpu(i, vcpu, kvm) { >> - kvm_s390_vcpu_crypto_setup(vcpu); >> - exit_sie(vcpu); >> - } >> + kvm_s390_vcpu_crypto_reset_all(kvm); >> mutex_unlock(&kvm->lock); >> return 0; >> } >> diff --git a/arch/s390/kvm/kvm-s390.h b/arch/s390/kvm/kvm-s390.h >> index 1b5621f..981e3ba 100644 >> --- a/arch/s390/kvm/kvm-s390.h >> +++ b/arch/s390/kvm/kvm-s390.h >> @@ -410,4 +410,17 @@ static inline int kvm_s390_use_sca_entries(void) >> } >> void kvm_s390_reinject_machine_check(struct kvm_vcpu *vcpu, >> struct mcck_volatile_info *mcck_info); >> + >> +/** >> + * kvm_s390_vcpu_crypto_reset_all >> + * >> + * Reset the crypto attributes for each vcpu. This can be done while = the vcpus >> + * are running as each vcpu will be removed from SIE before resetting= the crypt >> + * attributes and restored to SIE afterward. >> + * >> + * Note: The kvm->lock must be held while calling this function >> + * >> + * @kvm: the KVM guest >> + */ >> +void kvm_s390_vcpu_crypto_reset_all(struct kvm *kvm); >> #endif >> >=20 >=20 --nTdTieXVKijukp1sK58IHlWQMAQqhisVQ-- --3eMqAE81vonGJFht6nNny6RbI9K2v3NPb Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJa2dnzAAoJEBcO/8Q8ZEV5eLgP/2VWIvPhb9PlLBNNLTiZw9M6 IGScDIjRkHSwZA6YDeA+yaeQWJEFJnpt6NIa29d4O70tdGRV2zgPRIz2PdXeB0CR 8GaWmGipc7CbyS/lCKcatCssJqCpnaS+oc1+t/Lub2W7Dy1nvGNMXkXzVBx7wb/5 VDbZINzAkMdi8PIg1Zo5LvkkzotBkbQKYz0ywgmKVNo4ZD9AbQgDF3srf3YOkNGm TzEuockYbgEia/p4bzRtRdt5vWCsFEMtoA/r3ZxRZn/6YfoqiuapNAwymH67DSvg 8sK2qqxzyZthGAbuY2xBDBVFIHB3nxiHpE1J3zsdICIIlDgif9yr9b56KNszn2vk wJ//rMhDI+Y7az00CMxAoQv1gFQnpkkDa0eGor24dqkzvITXMmbBR4fFwWRuVHkA oyzlGfUvOJsmFNwwYaJKahzLzyOwBkoY1DR5rZldn5niJPi2MmABvg4XGIoq+ZSC hFTH0P4GNRDY8IX6lZ1LsxSDkjFFed+W2PBLqLdnJ4IeHs+JWpS5ydXcv3L5hEvo kOEQJp4mKgXTBk+S71zRMFymCZOd/O5WuvyybYgl1npMp2+x9h4Geazanhq474uk OWoIuXylKbh/0myav+NcPOhmpyak03+4pEmLeyMi+im/tjmdmqWIkY5LdApbRrb1 FbvAxj9Ee4bvgqnS7jxE =97Ch -----END PGP SIGNATURE----- --3eMqAE81vonGJFht6nNny6RbI9K2v3NPb--