Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp564654imm; Wed, 22 Aug 2018 08:50:36 -0700 (PDT) X-Google-Smtp-Source: ANB0VdaJAS0pt+0/gayuLwJwTW5yLDb1nKYnjFrLCiQmej+tc+3228x1+5sPSZqoAnDd6w8vcWQZ X-Received: by 2002:a62:b4f:: with SMTP id t76-v6mr6246545pfi.36.1534953036186; Wed, 22 Aug 2018 08:50:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1534953036; cv=none; d=google.com; s=arc-20160816; b=y6iOJBwA7IOVFf3SBRNyy/k6aTrrB3U3KBN8BhF33LT/PYAiwBuXV0cHEVsgsu5JpD hrYpyhcmjuCorspaCfd2vtOC5NwUGyx3izOpd4jNzTcii/dITXthFDSorHMZv3AJHvHu TipZLu5JeOev4DZV2Dt71ZOMUohi9guGB9stKl4HThrlTAw6mCdfP4FgUORTE0Wz37aj JUoPQzxpLO7bVB1d/i98eZhQsFhhR+Nca653mWvR0MX7J1AOHMlryVdm0snWUXcr01W+ kEsspZRPUtox3CxvMUWeJ5X8djtyMoc4YsR0KX2kD0gtIjfNmI10DD+68SdDRBoEElO1 8E3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:message-id :content-language:in-reply-to:mime-version:user-agent:date:autocrypt :openpgp:from:references:cc:to:subject:arc-authentication-results; bh=a3mzfhhk1v1HrcJ8YsgdleRTR9MJKOYzR0iXZsEVfAw=; b=wzDhcHamzXwuOaV9LnFLp3wV5UroUSHtnqcMOJ6BrZCzP8TT9R0VIg4pGtzrXxFQv3 QikvDm2rD99voadI4PWlubITkBoty5FCnbBzUDAYpD2Z8ZB/M/7IE3w0O1XQbz7oKy5J pN7UP8KygCzsiJ+YOnaVVgcqwOjYCOW27SCWlrFOaN7ouaF45A6cXX9/yAsBke0F7xnC NxPTQS8urm18x1ndND7kzckGQ5tHGBvo8sMkRhXzoSAWimS9l97pxPT5aG058CppatPz 7EeGv/NGoa77TIJ/Fg+4gJmVP2FTXSdif9Dbw9lp1YkdBjanUvE4V0bW/4CH3lQyv2Yo x68w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q2-v6si1420642pgb.671.2018.08.22.08.50.21; Wed, 22 Aug 2018 08:50:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729362AbeHVTOD (ORCPT + 99 others); Wed, 22 Aug 2018 15:14:03 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:33848 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729024AbeHVTOD (ORCPT ); Wed, 22 Aug 2018 15:14:03 -0400 Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w7MFibqc065286 for ; Wed, 22 Aug 2018 11:48:38 -0400 Received: from e06smtp01.uk.ibm.com (e06smtp01.uk.ibm.com [195.75.94.97]) by mx0a-001b2d01.pphosted.com with ESMTP id 2m19wcb2n9-1 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 22 Aug 2018 11:48:37 -0400 Received: from localhost by e06smtp01.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Wed, 22 Aug 2018 16:48:34 +0100 Received: from b06cxnps4076.portsmouth.uk.ibm.com (9.149.109.198) by e06smtp01.uk.ibm.com (192.168.101.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256) Wed, 22 Aug 2018 16:48:30 +0100 Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id w7MFmTS036634660 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 22 Aug 2018 15:48:29 GMT Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E609311C054; Wed, 22 Aug 2018 18:48:28 +0100 (BST) Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 2B76411C069; Wed, 22 Aug 2018 18:48:28 +0100 (BST) Received: from oc7330422307.ibm.com (unknown [9.152.224.87]) by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP; Wed, 22 Aug 2018 18:48:28 +0100 (BST) Subject: Re: [PATCH v9 12/22] s390: vfio-ap: sysfs interfaces to configure control domains To: pmorel@linux.ibm.com, Cornelia Huck , Halil Pasic Cc: Tony Krowiak , Tony Krowiak , linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, pmorel@linux.vnet.ibm.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com, thuth@redhat.com, pasic@linux.vnet.ibm.com, berrange@redhat.com, fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com, frankja@linux.ibm.com References: <1534196899-16987-1-git-send-email-akrowiak@linux.vnet.ibm.com> <1534196899-16987-13-git-send-email-akrowiak@linux.vnet.ibm.com> <20180820162317.08bd7d23.cohuck@redhat.com> <660de00a-c403-28c1-4df4-82a973ab3ad5@linux.ibm.com> <20180821172548.57a6c758.cohuck@redhat.com> <82a391ee-85b1-cdc7-0f9b-d37fd8ba8e47@linux.ibm.com> <20180822114250.59a250aa.cohuck@redhat.com> <8bc5f207-f913-825c-f9fc-0a2c7fd280aa@linux.ibm.com> From: Christian Borntraeger Openpgp: preference=signencrypt Autocrypt: addr=borntraeger@de.ibm.com; prefer-encrypt=mutual; keydata= xsFNBE6cPPgBEAC2VpALY0UJjGmgAmavkL/iAdqul2/F9ONz42K6NrwmT+SI9CylKHIX+fdf J34pLNJDmDVEdeb+brtpwC9JEZOLVE0nb+SR83CsAINJYKG3V1b3Kfs0hydseYKsBYqJTN2j CmUXDYq9J7uOyQQ7TNVoQejmpp5ifR4EzwIFfmYDekxRVZDJygD0wL/EzUr8Je3/j548NLyL 4Uhv6CIPf3TY3/aLVKXdxz/ntbLgMcfZsDoHgDk3lY3r1iwbWwEM2+eYRdSZaR4VD+JRD7p8 0FBadNwWnBce1fmQp3EklodGi5y7TNZ/CKdJ+jRPAAnw7SINhSd7PhJMruDAJaUlbYaIm23A +82g+IGe4z9tRGQ9TAflezVMhT5J3ccu6cpIjjvwDlbxucSmtVi5VtPAMTLmfjYp7VY2Tgr+ T92v7+V96jAfE3Zy2nq52e8RDdUo/F6faxcumdl+aLhhKLXgrozpoe2nL0Nyc2uqFjkjwXXI OBQiaqGeWtxeKJP+O8MIpjyGuHUGzvjNx5S/592TQO3phpT5IFWfMgbu4OreZ9yekDhf7Cvn /fkYsiLDz9W6Clihd/xlpm79+jlhm4E3xBPiQOPCZowmHjx57mXVAypOP2Eu+i2nyQrkapaY IdisDQfWPdNeHNOiPnPS3+GhVlPcqSJAIWnuO7Ofw1ZVOyg/jwARAQABzTRDaHJpc3RpYW4g Qm9ybnRyYWVnZXIgKElCTSkgPGJvcm50cmFlZ2VyQGRlLmlibS5jb20+wsF4BBMBAgAiBQJO nDz4AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRARe7yAtaYcfOYVD/9sqc6ZdYKD bmDIvc2/1LL0g7OgiA8pHJlYN2WHvIhUoZUIqy8Sw2EFny/nlpPVWfG290JizNS2LZ0mCeGZ 80yt0EpQNR8tLVzLSSr0GgoY0lwsKhAnx3p3AOrA8WXsPL6prLAu3yJI5D0ym4MJ6KlYVIjU ppi4NLWz7ncA2nDwiIqk8PBGxsjdc/W767zOOv7117rwhaGHgrJ2tLxoGWj0uoH3ZVhITP1z gqHXYaehPEELDV36WrSKidTarfThCWW0T3y4bH/mjvqi4ji9emp1/pOWs5/fmd4HpKW+44tD Yt4rSJRSa8lsXnZaEPaeY3nkbWPcy3vX6qafIey5d8dc8Uyaan39WslnJFNEx8cCqJrC77kI vcnl65HaW3y48DezrMDH34t3FsNrSVv5fRQ0mbEed8hbn4jguFAjPt4az1xawSp0YvhzwATJ YmZWRMa3LPx/fAxoolq9cNa0UB3D3jmikWktm+Jnp6aPeQ2Db3C0cDyxcOQY/GASYHY3KNra z8iwS7vULyq1lVhOXg1EeSm+lXQ1Ciz3ub3AhzE4c0ASqRrIHloVHBmh4favY4DEFN19Xw1p 76vBu6QjlsJGjvROW3GRKpLGogQTLslbjCdIYyp3AJq2KkoKxqdeQYm0LZXjtAwtRDbDo71C FxS7i/qfvWJv8ie7bE9A6Wsjn87BTQROnDz4ARAAmPI1e8xB0k23TsEg8O1sBCTXkV8HSEq7 JlWz7SWyM8oFkJqYAB7E1GTXV5UZcr9iurCMKGSTrSu3ermLja4+k0w71pLxws859V+3z1jr nhB3dGzVZEUhCr3EuN0t8eHSLSMyrlPL5qJ11JelnuhToT6535cLOzeTlECc51bp5Xf6/XSx SMQaIU1nDM31R13o98oRPQnvSqOeljc25aflKnVkSfqWSrZmb4b0bcWUFFUKVPfQ5Z6JEcJg Hp7qPXHW7+tJTgmI1iM/BIkDwQ8qe3Wz8R6rfupde+T70NiId1M9w5rdo0JJsjKAPePKOSDo RX1kseJsTZH88wyJ30WuqEqH9zBxif0WtPQUTjz/YgFbmZ8OkB1i+lrBCVHPdcmvathknAxS bXL7j37VmYNyVoXez11zPYm+7LA2rvzP9WxR8bPhJvHLhKGk2kZESiNFzP/E4r4Wo24GT4eh YrDo7GBHN82V4O9JxWZtjpxBBl8bH9PvGWBmOXky7/bP6h96jFu9ZYzVgIkBP3UYW+Pb1a+b w4A83/5ImPwtBrN324bNUxPPqUWNW0ftiR5b81ms/rOcDC/k/VoN1B+IHkXrcBf742VOLID4 YP+CB9GXrwuF5KyQ5zEPCAjlOqZoq1fX/xGSsumfM7d6/OR8lvUPmqHfAzW3s9n4lZOW5Jfx bbkAEQEAAcLBXwQYAQIACQUCTpw8+AIbDAAKCRARe7yAtaYcfPzbD/9WNGVf60oXezNzSVCL hfS36l/zy4iy9H9rUZFmmmlBufWOATjiGAXnn0rr/Jh6Zy9NHuvpe3tyNYZLjB9pHT6mRZX7 Z1vDxeLgMjTv983TQ2hUSlhRSc6e6kGDJyG1WnGQaqymUllCmeC/p9q5m3IRxQrd0skfdN1V AMttRwvipmnMduy5SdNayY2YbhWLQ2wS3XHJ39a7D7SQz+gUQfXgE3pf3FlwbwZhRtVR3z5u aKjxqjybS3Ojimx4NkWjidwOaUVZTqEecBV+QCzi2oDr9+XtEs0m5YGI4v+Y/kHocNBP0myd pF3OoXvcWdTb5atk+OKcc8t4TviKy1WCNujC+yBSq3OM8gbmk6NwCwqhHQzXCibMlVF9hq5a FiJb8p4QKSVyLhM8EM3HtiFqFJSV7F+h+2W0kDyzBGyE0D8z3T+L3MOj3JJJkfCwbEbTpk4f n8zMboekuNruDw1OADRMPlhoWb+g6exBWx/YN4AY9LbE2KuaScONqph5/HvJDsUldcRN3a5V RGIN40QWFVlZvkKIEkzlzqpAyGaRLhXJPv/6tpoQaCQQoSAc5Z9kM/wEd9e2zMeojcWjUXgg oWj8A/wY4UXExGBu+UCzzP/6sQRpBiPFgmqPTytrDo/gsUGqjOudLiHQcMU+uunULYQxVghC syiRa+UVlsKmx1hsEg== Date: Wed, 22 Aug 2018 17:48:28 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US X-TM-AS-GCONF: 00 x-cbid: 18082215-4275-0000-0000-000002ADB416 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 18082215-4276-0000-0000-000037B6B9C3 Message-Id: <219b352b-d5a2-189c-e205-82e7f9ae3d64@de.ibm.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:,, definitions=2018-08-22_08:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1808220158 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 08/22/2018 05:34 PM, Pierre Morel wrote: > On 22/08/2018 17:11, Christian Borntraeger wrote: >> >> >> On 08/22/2018 01:03 PM, Pierre Morel wrote: >>>> That's interesting. >>>> >>>>> IMHO this quote is quite a half-full half-empty cup one: >>>>> * it mandates the set of usage domains is a subset of the set >>>>> of the control domains, but >>>>> * it speaks of independent controls, namely about the 'usage domain index' >>>>> and the 'control domain index list' and makes the enforcement of the rule >>>>> a job of the administrator (instead of codifying it in the controls). >>>> I'm wondering if a configuration with a usage domain that is not also a >>>> control domain is rejected outright? Anybody tried that? :) >>> >>> Yes, and no it is not. >>> We can use a queue (usage domain) to a AP card for SHA-512 or RSA without >>> having to define the queue as a control domain. >> >> Huh? My HMC allows to add a domain as >> - control only domain >> - control and usage domain. >> >> But I am not able to configure a usage-only domain for my LPAR. That seems to match >> the current code, no? >> > > Yes, it may not be configurable by the HMC but if we start a guest with no control domain it is not a problem to access the hardware through the usage domain. > > I tested this a long time ago, but tested again today to be sure on my LPAR. > > AFAIU adding a control only domain and a control and usage domain > allows say: > control and usage domain 1 > control only domain 2 > > Allow to send a message to domain 2 using queue 1 > > Allow also to send a domain modifying message to domain 1 using queue 1 > > control domain are domain which are controlled So you have changed the code to not automatically make a usage domain a control domain in the bitfield (and you could still use it as a usage domain). Correct? I think this is probably expected. the "usage implies control" seems to be a convention implemented by HMC (lpar) and z/VM but millicode offers the bits to have usage-only domains. As LPAR and z/VM will always enable any usage-domain to also be a control domain we should do the same. > It seems that the HMC enforce the LPARs to have access to their usage domain (AFAIU from Harald)