Hi Herbert,
here is a small patch for the s390 crypto detection.
[PATCH] respect STFL bit for s390 crypto
From: <[email protected]>
For all s390 in-kernel crypto algorithms we check at module
load time whether the CPACF facility bit is on. If the facility
is not enabled we bail out.
Signed-off-by: <[email protected]>
--- ./arch/s390/crypto/crypt_s390.h.stfle
+++ ./arch/s390/crypto/crypt_s390.h
@@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
unsigned char status[16];
int ret;
+ /* check if CPACF facility (bit 17) is available */
+ if (!(stfl() & 1ULL << (31 - 17)))
+ return 0;
+
switch (func & CRYPT_S390_OP_MASK) {
case CRYPT_S390_KM:
ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0);
On Thu, Jul 10, 2008 at 03:00:43PM +0000, Jan Glauber wrote:
>
> here is a small patch for the s390 crypto detection.
>
> [PATCH] respect STFL bit for s390 crypto
>
> From: <[email protected]>
>
> For all s390 in-kernel crypto algorithms we check at module
> load time whether the CPACF facility bit is on. If the facility
> is not enabled we bail out.
>
> Signed-off-by: <[email protected]>
Thanks Jan, the patch looks harmless enough.
> --- ./arch/s390/crypto/crypt_s390.h.stfle
> +++ ./arch/s390/crypto/crypt_s390.h
> @@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
> unsigned char status[16];
> int ret;
>
> + /* check if CPACF facility (bit 17) is available */
> + if (!(stfl() & 1ULL << (31 - 17)))
> + return 0;
However, the patch description doesn't exactly tell me what
happens without this check. I mean, does the machine go up
in flames if the check would have bailed :)
That leads to my next question, is this something that must
go into 2.6.26 or can it wait?
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
[PATCH] respect STFL bit for s390 crypto
From: <[email protected]>
Bevore issuing any s390 crypto operation check whether the
CPACF facility is enabled in the facility list. That way a
virtualization layer can prevent usage of the CPACF facility
regardless of the availability of the crypto instructions.
Signed-off-by: <[email protected]>
--- ./arch/s390/crypto/crypt_s390.h.stfle
+++ ./arch/s390/crypto/crypt_s390.h
@@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
unsigned char status[16];
int ret;
+ /* check if CPACF facility (bit 17) is available */
+ if (!(stfl() & 1ULL << (31 - 17)))
+ return 0;
+
switch (func & CRYPT_S390_OP_MASK) {
case CRYPT_S390_KM:
ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0);
On Fri, 2008-07-11 at 20:29 +0800, Herbert Xu wrote:
> On Thu, Jul 10, 2008 at 03:00:43PM +0000, Jan Glauber wrote:
> >
> > here is a small patch for the s390 crypto detection.
> >
> > [PATCH] respect STFL bit for s390 crypto
> >
> > From: <[email protected]>
> >
> > For all s390 in-kernel crypto algorithms we check at module
> > load time whether the CPACF facility bit is on. If the facility
> > is not enabled we bail out.
> >
> > Signed-off-by: <[email protected]>
>
> Thanks Jan, the patch looks harmless enough.
>
> > --- ./arch/s390/crypto/crypt_s390.h.stfle
> > +++ ./arch/s390/crypto/crypt_s390.h
> > @@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
> > unsigned char status[16];
> > int ret;
> >
> > + /* check if CPACF facility (bit 17) is available */
> > + if (!(stfl() & 1ULL << (31 - 17)))
> > + return 0;
>
> However, the patch description doesn't exactly tell me what
> happens without this check. I mean, does the machine go up
> in flames if the check would have bailed :)
I see ;- Will resend it with a hopefully better description.
> That leads to my next question, is this something that must
> go into 2.6.26 or can it wait?
It can clearly wait for 2.6.27.
> Cheers,
thanks, Jan
On Fri, Jul 11, 2008 at 06:34:40PM +0000, Jan Glauber wrote:
> [PATCH] respect STFL bit for s390 crypto
>
> From: <[email protected]>
>
> Bevore issuing any s390 crypto operation check whether the
> CPACF facility is enabled in the facility list. That way a
> virtualization layer can prevent usage of the CPACF facility
> regardless of the availability of the crypto instructions.
>
> Signed-off-by: <[email protected]>
Applied to cryptodev-2.6. Thank you!
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt