Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp1985896imm; Wed, 16 May 2018 06:14:43 -0700 (PDT) X-Google-Smtp-Source: AB8JxZqWhOKCvicl9xpIxQ09tv62f23kYrdZWI2pkf4J+YesUL8LnXfnG0BAmED9lS2Ocpu2qOYp X-Received: by 2002:a17:902:8d8c:: with SMTP id v12-v6mr918076plo.366.1526476483411; Wed, 16 May 2018 06:14:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1526476483; cv=none; d=google.com; s=arc-20160816; b=hZOlKjcACXRgYnLGmgdYDQpeU1jOIVJ8ShqhearrXcf9JHmLCBv5iPVZtfxfPAvSIK OtEbxVDfcj1mux7Xt7gjwz6ODL7JRNvPQeev5J2l5veaM5kzAOv+aiKda7yaHjmit/8G jZ8pu63apO3tIrHPpuPo+ueYhKRtiFKtSaUMrlyHX0mrk4fHefFaupeviv6X2xA4TcQz tbhiFPdClxgetDw+O5Y9QFQsHeQ+xMhSkEJ9x9s4Wr/C0z0ncpslWRQhAfbLd3rpKcmT bY2Q68/ktHx5a0xLI8p66WUmDEqn34YbLpKwjqEgoAg68tH2x1DYKXSsfzPVvpEfDgO3 6YQA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :from:references:cc:to:subject:arc-authentication-results; bh=zxiufg2NrZ/KI+u1b9vhhkKXw694twlEvU4U8bcscBs=; b=CMH9NJWWtO4cKy5TfjweoageUPDUjvsHQHo8KICVYSfKA3qFxbN/PTOAjDejco8PWi bbOkamRuAQL8ztutdh9fFhUkS1p8iguyYkhhnZJmWhaz8yfBxwWKaMDcoV2IJkBxBYaO Ggtn/4YgNxjvu7A6yiNTLwMyzDcDqUh3DwSQXKH+ZufLPjJ7QMfNxrCy5yMFVTN+36LG ear0BUMeMu72nFccigEH5tIWw/p4yCeGYjGnWULBv41WC5EOWQqBYdqbQi6mlgk6N36n CVyLD0vwNCoCpjte3EIX8Ku9oCXZqHRGZDUPreEmkoTLaxhoLpZxPUfas9FjdG5hSXDw hMSA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i89-v6si2645230pfd.117.2018.05.16.06.14.29; Wed, 16 May 2018 06:14:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752760AbeEPNNu (ORCPT + 99 others); Wed, 16 May 2018 09:13:50 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:41732 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752761AbeEPNND (ORCPT ); Wed, 16 May 2018 09:13:03 -0400 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w4GD95IZ083977 for ; Wed, 16 May 2018 09:13:03 -0400 Received: from e36.co.us.ibm.com (e36.co.us.ibm.com [32.97.110.154]) by mx0a-001b2d01.pphosted.com with ESMTP id 2j0n28gw54-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 May 2018 09:13:02 -0400 Received: from localhost by e36.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Wed, 16 May 2018 07:13:01 -0600 Received: from b03cxnp08028.gho.boulder.ibm.com (9.17.130.20) by e36.co.us.ibm.com (192.168.1.136) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Wed, 16 May 2018 07:12:56 -0600 Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08028.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w4GDCrlu9372102 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 16 May 2018 06:12:53 -0700 Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 81720136049; Wed, 16 May 2018 07:12:53 -0600 (MDT) Received: from oc8043147753.ibm.com (unknown [9.80.200.126]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP id 94229136040; Wed, 16 May 2018 07:12:50 -0600 (MDT) Subject: Re: [PATCH v5 06/13] KVM: s390: interfaces to manage guest's AP matrix To: pmorel@linux.ibm.com, linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, borntraeger@de.ibm.com, cohuck@redhat.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, pmorel@linux.vnet.ibm.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com, thuth@redhat.com, pasic@linux.vnet.ibm.com, berrange@redhat.com, fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com References: <1525705912-12815-1-git-send-email-akrowiak@linux.vnet.ibm.com> <1525705912-12815-7-git-send-email-akrowiak@linux.vnet.ibm.com> From: Tony Krowiak Date: Wed, 16 May 2018 09:12:48 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-TM-AS-GCONF: 00 x-cbid: 18051613-0020-0000-0000-00000DF1A225 X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00009034; HX=3.00000241; KW=3.00000007; PH=3.00000004; SC=3.00000260; SDB=6.01033136; UDB=6.00528235; IPR=6.00812268; MB=3.00021145; MTD=3.00000008; XFM=3.00000015; UTC=2018-05-16 13:12:59 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18051613-0021-0000-0000-000061670681 Message-Id: <13331f80-8821-6de3-ca29-7a3ea869e4f1@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-05-16_05:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1709140000 definitions=main-1805160135 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 05/16/2018 03:48 AM, Pierre Morel wrote: > On 15/05/2018 18:07, Tony Krowiak wrote: >> On 05/15/2018 10:55 AM, Pierre Morel wrote: >>> On 07/05/2018 17:11, Tony Krowiak wrote: >>>> Provides interfaces to manage the AP adapters, usage domains >>>> and control domains assigned to a KVM guest. >>>> >>>> The guest's SIE state description has a satellite structure called the >>>> Crypto Control Block (CRYCB) containing three bitmask fields >>>> identifying the adapters, queues (domains) and control domains >>>> assigned to the KVM guest: >>>> > ...snip... >>>> +} >>> >>> This function (ap_validate_queue_sharing) only verifies that VM >>> don't share queues. >>> What about the queues used by a host application? >> >> How can that be verified from this function? I suppose I could put a >> check in here to >> verify that the queues are reserved by the vfio_ap device driver, but >> that would >> be redundant because an AP queue can not be assigned to a mediated >> matrix device >> via its sysfs attributes unless it is reserved by the vfio_ap device >> driver (see >> patches 7, 8 and 9). >> >>> >>> >>> I understand that you want to implement these checks within KVM but >>> this is >>> related to which queue devices are bound to the matrix and which one >>> are not. >> >> See my comments above and below about AP queue assignment to the >> mediated matrix >> device. The one verification we can't do when the devices are >> assigned is whether >> another guest is using the queue because assignment occurs before the >> guest using >> the queue is started in which case we have no access to KVM. It makes >> no sense to >> do so at assignment time anyway because it doesn't matter until the >> guest using >> the mediated matrix device is started, so that check is done in KVM. >> >>> >>> >>> I think that this should be related somehow to the bounded queue >>> devices and >>> therefor implemented inside the matrix driver. >> >> As I stated above, when an AP queue is assigned to the mediated >> matrix device via >> its sysfs attributes, a check is done to verify that it is bound to >> the vfio_ap >> device driver (see patches 7, 8 and 9). If not, then assignment will >> be rejected; >> therefore, it will not be possible to configure a CRYCB with AP >> queues that are >> not bound to the device driver. > > This patch and te followed patches take care that the queues are bound > to the > matrix driver when they are assigned to the matrix using the sysfs > entries. > > But they do not take care that the queue can not be unbound before you > start > the guest, and they are not in the path if the admin decide to unbind > a queue > at some later time. That is a good point. I need to put a check in the device driver at the time the mediated device fd is opened to verify that the queues being configured in the guest's CRYCB are bound to the driver. > > >> >>> >>> >>> Regards, >>> >>> Pierre >>> >> >