Received: by 10.223.164.221 with SMTP id h29csp1048160wrb;
        Mon, 16 Oct 2017 17:45:19 -0700 (PDT)
X-Google-Smtp-Source: AOwi7QAC92nuy5fXDiIIJ7kG49jKESPSCduqC1Kn+xZvzQpS1C1vhbqhmT7OAcibU+VZJ89Cwh2u
X-Received: by 10.84.205.70 with SMTP id o6mr10653915plh.350.1508201119544;
        Mon, 16 Oct 2017 17:45:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1508201119; cv=none;
        d=google.com; s=arc-20160816;
        b=Krf6BIVQTwi7g9P5OkrDOi6wk6NuZnGMccIldeMfTzDaP5O73niDWNDTU2xr0P5VM7
         fUDLKzuQmEbVDssgX9BjiM8P9X/7DVuRETuVphjezn7CW4uXs3WbLzeaAwdch8smK0TD
         Mk//YJzDbGv7MTcHEH2KyXRq7Cqsr1LTiFToJkbao5t7ymEk+l/XnhpW4rz1z/yx0xUH
         2Lpsn+XiZnBdKtxgjveBOYjEVELx/EQbwKBX+x+93imMiVEEV1pasMpU46Q/zDphvPfR
         CbjiOLAsxYDiHo8COyWEmq8JoFKUpvQuKI+LgOxRlNkpqXyLPYIMWLigrf4QDH/NZgiQ
         1DxQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:content-language
         :content-transfer-encoding:in-reply-to:mime-version:user-agent:date
         :from:references:cc:to:subject:arc-authentication-results;
        bh=eqG7uSkJNg7JStxRkv/7nm1FNa0RqKgHKit4ZVSmAZk=;
        b=c4yHBtfaiY0VwT+hEDg6H7fF1naCGlFe265EtHiCVFuMd4ZWbQszjw3IbB/7+pkylM
         trfjRfjpKQ+p4ybuNQx+JCt9yykYVfh0gUE/9F/MXxewHzRzDJqssvz4W8C9woEMgGxr
         m2LxsxRHFCkV4m7o5G0QrXzFMHImy3yEV/t/ykbixBqMZIrK1KAdt0vqbTgHj1FAFR2U
         k2z+QHP8b2kWeb+dv8Qe+ik6dhKwk17lpgcvcH+Ra+MEK8EjyGl9+DIpQQtDmBmxovUj
         DmNWuHY7hFbtGsMn4OmHWxIXH/0DtOrJ0XW618qsWbRWfOJgrMh+fKNYv4Xbgz0pfEqd
         gqWg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id g13si5074098pfm.247.2017.10.16.17.45.05;
        Mon, 16 Oct 2017 17:45:19 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755387AbdJPUWT (ORCPT <rfc822;lunatang2017@gmail.com>
        + 99 others); Mon, 16 Oct 2017 16:22:19 -0400
Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:45546 "EHLO
        mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1757324AbdJPUWR (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 16 Oct 2017 16:22:17 -0400
Received: from pps.filterd (m0098404.ppops.net [127.0.0.1])
        by mx0a-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v9GKMBbJ045783
        for <linux-kernel@vger.kernel.org>; Mon, 16 Oct 2017 16:22:17 -0400
Received: from e16.ny.us.ibm.com (e16.ny.us.ibm.com [129.33.205.206])
        by mx0a-001b2d01.pphosted.com with ESMTP id 2dmyv138ra-1
        (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT)
        for <linux-kernel@vger.kernel.org>; Mon, 16 Oct 2017 16:22:17 -0400
Received: from localhost
        by e16.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
        for <linux-kernel@vger.kernel.org> from <akrowiak@linux.vnet.ibm.com>;
        Mon, 16 Oct 2017 16:22:15 -0400
Received: from b01cxnp23034.gho.pok.ibm.com (9.57.198.29)
        by e16.ny.us.ibm.com (146.89.104.203) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;
        Mon, 16 Oct 2017 16:22:13 -0400
Received: from b01ledav001.gho.pok.ibm.com (b01ledav001.gho.pok.ibm.com [9.57.199.106])
        by b01cxnp23034.gho.pok.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v9GKMB1J41812040;
        Mon, 16 Oct 2017 20:22:11 GMT
Received: from b01ledav001.gho.pok.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 5B90B28041;
        Mon, 16 Oct 2017 16:22:04 -0400 (EDT)
Received: from oc8043147753.ibm.com (unknown [9.80.208.215])
        by b01ledav001.gho.pok.ibm.com (Postfix) with ESMTP id B84162803A;
        Mon, 16 Oct 2017 16:22:02 -0400 (EDT)
Subject: Re: [RFC 16/19] KVM: s390: interface to configure KVM guest's AP
 matrix
To:     linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
        kvm@vger.kernel.org
Cc:     freude@de.ibm.com, schwidefsky@de.ibm.com,
        heiko.carstens@de.ibm.com, borntraeger@de.ibm.com,
        cohuck@redhat.com, kwankhede@nvidia.com,
        bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com,
        alex.williamson@redhat.com, pmorel@linux.vnet.ibm.com,
        alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com,
        qemu-s390x@nongnu.org, jjherne@linux.vnet.ibm.com,
        thuth@redhat.com, pasic@linux.vnet.ibm.com
References: <1507916344-3896-1-git-send-email-akrowiak@linux.vnet.ibm.com>
 <1507916344-3896-17-git-send-email-akrowiak@linux.vnet.ibm.com>
From:   Tony Krowiak <akrowiak@linux.vnet.ibm.com>
Date:   Mon, 16 Oct 2017 16:22:09 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <1507916344-3896-17-git-send-email-akrowiak@linux.vnet.ibm.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-TM-AS-GCONF: 00
x-cbid: 17101620-0024-0000-0000-000002E39F6C
X-IBM-SpamModules-Scores: 
X-IBM-SpamModules-Versions: BY=3.00007900; HX=3.00000241; KW=3.00000007;
 PH=3.00000004; SC=3.00000236; SDB=6.00932089; UDB=6.00469349; IPR=6.00712380;
 BA=6.00005641; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000;
 ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00017564; XFM=3.00000015;
 UTC=2017-10-16 20:22:15
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 17101620-0025-0000-0000-000045C012B1
Message-Id: <b07e83ff-b19a-cacf-0322-c37af0f67f81@linux.vnet.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-10-16_06:,,
 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0
 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam
 adjust=0 reason=mlx scancount=1 engine=8.0.1-1707230000
 definitions=main-1710160284
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 10/13/2017 01:39 PM, Tony Krowiak wrote:
> Provides an interface to assign AP adapters, usage domains
> and control domains to a KVM guest.
>
> A KVM guest is started by executing the Start Interpretive Execution (SIE)
> instruction. The SIE state description is a control block that contains the
> state information for a KVM guest and is supplied as input to the SIE
> instruction. The SIE state description contains a field that references
> a Crypto Control Block (CRYCB). The CRYCB contains three bitmask fields
> identifying the adapters, usage domains and control domains assigned to the
> KVM guest:
>
> * The AP Adapter Matrix (APM) field identifies the AP adapters assigned to
>    the KVM guest
>
> * The AP Queue Matrix (AQM) field identifies the usage domains assigned to
>    the KVM guest
>
> * The AP Domain matrix (ADM) field identifies the control domains
>    assigned to the KVM guest.
>
> Each adapter, usage domain and control domain are identified by a number
> from 0 to 255. The bits in each mask, from left to right, correspond to
> the numbers 0-255. When a bit is set, the corresponding adapter,
> usage domain or control domain will be assigned to the KVM guest.
>
> This patch will set the bits in the APM, AQM and ADM fields of the
> CRYCB referenced by the KVM guest's SIE state description. The process
> used is:
There is a step missing here and is also missing from the code.
By architectural convention, all bits set in the ADM must also
be set in the AQM, but the ADM may have bits set that are not
set in the AQM. In other words, all usage domains are control
domains, but some control domains may not be usage usage domains.
So, the ADM contained in the CRYCB will be set with the bits
resulting from the logical OR of the ADM and AQM configured for
the mediated AP matrix device via its sysfs attributes files.
>
> 1. Perform a logical AND of the AP matrix masks configured for the
>     mediated AP matrix device via its sysfs attributes files with
>     the matrix masks assigned to the LPAR in which the host linux
>     system is running to create the effective masks, EAPM, EAQM and
>     EADM.
>
> 2. Set the APM, AQM and ADM in the CRYCB from the EAPM, EAQM and
>     EADM calculated in step 1.
>
> Signed-off-by: Tony Krowiak <akrowiak@linux.vnet.ibm.com>
> ---
>   arch/s390/include/asm/ap-config.h |    7 ++
>   arch/s390/kvm/ap-config.c         |  144 +++++++++++++++++++++++++++++++++++++
>   2 files changed, 151 insertions(+), 0 deletions(-)
>
> diff --git a/arch/s390/include/asm/ap-config.h b/arch/s390/include/asm/ap-config.h
> index 3064215..866f008 100644
> --- a/arch/s390/include/asm/ap-config.h
> +++ b/arch/s390/include/asm/ap-config.h
> @@ -10,16 +10,23 @@
>   #define _ASM_KVM_AP_CONFIG_H_
>
>   #include <linux/types.h>
> +#include <linux/kvm_host.h>
>
>   #define AP_MATRIX_MAX_MASK_BITS		256
>   #define AP_MATRIX_MASK_INDICES		(AP_MATRIX_MAX_MASK_BITS / \
>   					(sizeof(u64) * 8))
>   #define AP_MATRIX_MAX_MASK_BYTES	(AP_MATRIX_MASK_INDICES * sizeof(u64))
>
> +#define AP_MATRIX_MASK_TYPE_ADAPTER	"adapter"
> +#define AP_MATRIX_MASK_TYPE_DOMAIN	"domain"
> +#define AP_MATRIX_MASK_TYPE_CONTROL	"control domain"
> +
>   struct ap_config_masks {
>   	u64 apm[AP_MATRIX_MASK_INDICES];
>   	u64 aqm[AP_MATRIX_MASK_INDICES];
>   	u64 adm[AP_MATRIX_MASK_INDICES];
>   };
>
> +extern int ap_config_matrix(struct kvm *kvm, struct ap_config_masks *masks);
> +
>   #endif /* _ASM_KVM_AP_CONFIG_H_ */
> diff --git a/arch/s390/kvm/ap-config.c b/arch/s390/kvm/ap-config.c
> index 84fdf43..dc79798 100644
> --- a/arch/s390/kvm/ap-config.c
> +++ b/arch/s390/kvm/ap-config.c
> @@ -7,3 +7,147 @@
>    */
>
>   #include <asm/ap-config.h>
> +#include <asm/ap.h>
> +#include <linux/bitops.h>
> +
> +static inline int is_format2_crycb(struct kvm *kvm)
> +{
> +	int fmt2_mask = kvm->arch.crypto.crycbd & CRYCB_FORMAT2;
> +
> +	return (fmt2_mask == CRYCB_FORMAT2);
> +}
> +
> +static inline u64 *ap_config_get_crycb_apm(struct kvm *kvm)
> +{
> +	u64 *apm;
> +
> +	if (is_format2_crycb(kvm))
> +		apm = kvm->arch.crypto.crycb->apcb1.apm;
> +	else
> +		apm = kvm->arch.crypto.crycb->apcb0.apm;
> +
> +	return apm;
> +}
> +
> +static inline u64 *ap_config_get_crycb_aqm(struct kvm *kvm)
> +{
> +	u64 *aqm;
> +
> +	if (is_format2_crycb(kvm))
> +		aqm = kvm->arch.crypto.crycb->apcb1.aqm;
> +	else
> +		aqm = kvm->arch.crypto.crycb->apcb0.aqm;
> +
> +	return aqm;
> +}
> +
> +static inline u64 *ap_config_get_crycb_adm(struct kvm *kvm)
> +{
> +	u64 *adm;
> +
> +	if (is_format2_crycb(kvm))
> +		adm = kvm->arch.crypto.crycb->apcb1.adm;
> +	else
> +		adm = kvm->arch.crypto.crycb->apcb0.adm;
> +
> +	return adm;
> +}
> +
> +static void ap_config_set_crycb_masks(struct kvm *kvm,
> +				    struct ap_config_masks *masks)
> +{
> +	size_t i;
> +	size_t masksz;
> +	u64 *mask = ap_config_get_crycb_apm(kvm);
> +
> +	masksz = (is_format2_crycb(kvm)) ? APCB1_MASK_SIZE : APCB0_MASK_SIZE;
> +
> +	for (i = 0; i < masksz; i++)
> +		mask[i] = masks->apm[i];
> +
> +	mask = ap_config_get_crycb_aqm(kvm);
> +
> +	for (i = 0; i < masksz; i++)
> +		mask[i] = masks->aqm[i];
> +
> +	mask = ap_config_get_crycb_adm(kvm);
> +
> +	for (i = 0; i < masksz; i++)
> +		mask[i] = masks->adm[i];
> +}
> +
> +static int ap_config_set_emask(const char *mask_type, unsigned long *mask,
> +			       unsigned long *cfgmask)
> +{
> +	unsigned long id;
> +	unsigned long nbits = AP_MATRIX_MAX_MASK_BITS;
> +
> +	id = find_first_bit_inv(mask, nbits);
> +	while (id < nbits) {
> +		if (!test_bit_inv(id, cfgmask)) {
> +			clear_bit_inv(id, mask);
> +			pr_err("%s: %s %02lx is not installed on the host system",
> +			       __func__, mask_type, id);
> +			return -ENODEV;
> +		}
> +
> +		id = find_next_bit_inv(mask, nbits, id + 1);
> +	}
> +
> +	return 0;
> +}
> +
> +static int ap_config_get_emasks(struct ap_config_masks *masks)
> +{
> +	int ret;
> +	struct ap_config_info config;
> +
> +	ret = ap_query_configuration(&config);
> +	if (ret) {
> +		if (ret == -EOPNOTSUPP) {
> +			pr_err("%s: Query AP configuration not supported",
> +			       __func__);
> +
> +			return ret;
> +		}
> +
> +		pr_err("%s: Query AP configuration failed with rc=%d",
> +		       __func__, ret);
> +
> +		return ret;
> +	}
> +
> +	ret = ap_config_set_emask(AP_MATRIX_MASK_TYPE_ADAPTER,
> +				  (unsigned long *)masks->apm,
> +				  (unsigned long *)config.apm);
> +	if (ret)
> +		return ret;
> +
> +	ret = ap_config_set_emask(AP_MATRIX_MASK_TYPE_DOMAIN,
> +				  (unsigned long *)masks->aqm,
> +				  (unsigned long *)config.aqm);
> +	if (ret)
> +		return ret;
> +
> +	ret = ap_config_set_emask(AP_MATRIX_MASK_TYPE_CONTROL,
> +				  (unsigned long *)masks->adm,
> +				  (unsigned long *)config.adm);
> +	if (ret)
> +		return ret;
> +
> +	return 0;
> +}
> +
> +int ap_config_matrix(struct kvm *kvm, struct ap_config_masks *masks)
> +{
> +	int ret;
> +
For the reasons stated earlier in this response, we need to do a
logical OR of the bits in the ADM with those in the AQM here:

size_t i;

for (i = 0; i < AP_MATRIX_MASK_INDICES; i++)
     masks->adm[i] |= masks->aqm[i];
> +	ret = ap_config_get_emasks(masks);
> +	if (ret)
> +		return ret;
> +
> +	ap_config_set_crycb_masks(kvm, masks);
> +
> +	return 0;
> +}
> +EXPORT_SYMBOL(ap_config_matrix);



From 1581165185282263751@xxx Fri Oct 13 17:43:47 +0000 2017
X-GM-THRID: 1581165185282263751
X-Gmail-Labels: Inbox,Category Forums