From: Cornelia Huck <cohuck@redhat.com>
To: Tony Krowiak <akrowiak@linux.ibm.com>
Cc: Pierre Morel <pmorel@linux.ibm.com>,
Tony Krowiak <akrowiak@linux.vnet.ibm.com>,
linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, freude@de.ibm.com, schwidefsky@de.ibm.com,
heiko.carstens@de.ibm.com, borntraeger@de.ibm.com,
kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com,
pbonzini@redhat.com, alex.williamson@redhat.com,
pmorel@linux.vnet.ibm.com, alifm@linux.vnet.ibm.com,
mjrosato@linux.vnet.ibm.com, jjherne@linux.vnet.ibm.com,
thuth@redhat.com, pasic@linux.vnet.ibm.com, berrange@redhat.com,
fiuczy@linux.vnet.ibm.com, buendgen@de.ibm.com,
frankja@linux.ibm.com
Subject: Re: [PATCH v8 17/22] s390: vfio-ap: zeroize the AP queues.
Date: Mon, 13 Aug 2018 08:57:55 +0200 [thread overview]
Message-ID: <20180813085755.6ad962fb.cohuck@redhat.com> (raw)
In-Reply-To: <14983b58-f53b-8bd9-179e-29b9a69c21d8@linux.ibm.com>
On Fri, 10 Aug 2018 12:24:47 -0400
Tony Krowiak <akrowiak@linux.ibm.com> wrote:
> On 08/10/2018 07:16 AM, Cornelia Huck wrote:
> > On Fri, 10 Aug 2018 12:49:08 +0200
> > Pierre Morel <pmorel@linux.ibm.com> wrote:
> >
> >> On 10/08/2018 11:14, Cornelia Huck wrote:
> >>> On Wed, 8 Aug 2018 10:44:27 -0400
> >>> Tony Krowiak <akrowiak@linux.vnet.ibm.com> wrote:
> >>>
> >>>> From: Tony Krowiak <akrowiak@linux.ibm.com>
> >>>>
> >>>> Let's call PAPQ(ZAPQ) to zeroize a queue:
> >>>>
> >>>> * For each queue configured for a mediated matrix device
> >>>> when it is released.
> >>>>
> >>>> Zeroizing a queue resets the queue, clears all pending
> >>>> messages for the queue entries and disables adapter interruptions
> >>>> associated with the queue.
> >>>>
> >>>> Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
> >>>> Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
> >>>> Tested-by: Michael Mueller <mimu@linux.ibm.com>
> >>>> Tested-by: Farhan Ali <alifm@linux.ibm.com>
> >>>> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
> >>>> ---
> >>>> drivers/s390/crypto/vfio_ap_ops.c | 29 ++++++++++++++++++++++++++++-
> >>>> drivers/s390/crypto/vfio_ap_private.h | 25 +++++++++++++++++++++++++
> >>>> 2 files changed, 53 insertions(+), 1 deletions(-)
> >>>>
> >>>> @@ -788,7 +812,10 @@ static void vfio_ap_mdev_release(struct mdev_device *mdev)
> >>>> {
> >>>> struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
> >>>>
> >>>> - kvm_arch_crypto_clear_masks(matrix_mdev->kvm);
> >>>> + if (matrix_mdev->kvm)
> >>>> + kvm_arch_crypto_clear_masks(matrix_mdev->kvm);
> >>> Confused. Why is the check for matrix_mdev->kvm added here?
> >> When using the KVM notifier we can get two notifications:
> >> -> KVM is here / is comming
> >> -> KVM is not here / disappearing
> >>
> >> In the first case we initialize matrix_mdev->kvm with a pointer to KVM
> >> In the second case we nullify the pointer.
> >>
> >> During the open of the mediated device, the guest should have been started
> >> or we refuse to start.
> >>
> >> During the close of the mediated device, the guest should be there, but
> >> we have no certitude that the guest did not disappear before the VFIO
> >> file being closed.
> >> Since we do not allow multiple guests using the same mediated device
> >> this case should not happen with QEMU. But I am not sure that
> >> a rogue user program could not stop KVM before closing the VFIO
> >> mediated device.
> > I'm not sure why the check is introduced in this patch, though. But
> > maybe I just need weekend :)
>
> Good catch, it belongs in patch 15 where the function is introduced.
> Is that the only reason for your objection?
Yes, this is what confused me. Moving this to patch 15 sounds like a
good idea :)
>
> >
> >> Maybe Alex can confirm this point, if not we can remove the test.
>
>
next prev parent reply other threads:[~2018-08-13 6:57 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-08-08 14:44 [PATCH v8 00/22] vfio-ap: guest dedicated crypto adapters Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 01/22] s390/zcrypt: Add ZAPQ inline function Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 02/22] s390/zcrypt: Review inline assembler constraints Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 03/22] s390/zcrypt: Show load of cards and queues in sysfs Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 04/22] s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h Tony Krowiak
2018-08-09 9:06 ` Cornelia Huck
2018-08-09 9:17 ` Harald Freudenberger
2018-08-09 13:45 ` Harald Freudenberger
2018-08-09 13:45 ` Harald Freudenberger
2018-08-09 16:06 ` Tony Krowiak
2018-08-10 8:49 ` Cornelia Huck
2018-08-10 9:37 ` Harald Freudenberger
2018-08-10 15:53 ` Tony Krowiak
2018-08-10 15:50 ` Tony Krowiak
2018-08-09 15:18 ` Tony Krowiak
2018-08-09 15:43 ` Heiko Carstens
2018-08-09 16:55 ` Tony Krowiak
2018-08-13 9:24 ` Harald Freudenberger
2018-08-13 9:24 ` Harald Freudenberger
2018-08-13 9:34 ` Cornelia Huck
2018-08-08 14:44 ` [PATCH v8 05/22] KVM: s390: vsie: simulate VCPU SIE entry/exit Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 06/22] KVM: s390: introduce and use KVM_REQ_VSIE_RESTART Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 07/22] KVM: s390: refactor crypto initialization Tony Krowiak
2018-08-09 5:58 ` Janosch Frank
2018-08-10 16:13 ` Tony Krowiak
2018-08-09 8:25 ` David Hildenbrand
2018-08-09 19:54 ` Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 08/22] s390: vfio-ap: base implementation of VFIO AP device driver Tony Krowiak
2018-08-09 10:12 ` Cornelia Huck
2018-08-08 14:44 ` [PATCH v8 09/22] s390: vfio-ap: register matrix device with VFIO mdev framework Tony Krowiak
2018-08-09 11:06 ` Cornelia Huck
2018-08-09 16:27 ` Pierre Morel
2018-08-10 8:59 ` Cornelia Huck
2018-08-08 14:44 ` [PATCH v8 10/22] s390: vfio-ap: sysfs interfaces to configure adapters Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 11/22] s390: vfio-ap: sysfs interfaces to configure domains Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 12/22] s390: vfio-ap: sysfs interfaces to configure control domains Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 13/22] s390: vfio-ap: sysfs interface to view matrix mdev matrix Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 14/22] KVM: s390: interfaces to clear CRYCB masks Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 15/22] s390: vfio-ap: implement mediated device open callback Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 16/22] s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 17/22] s390: vfio-ap: zeroize the AP queues Tony Krowiak
2018-08-10 9:14 ` Cornelia Huck
2018-08-10 10:49 ` Pierre Morel
2018-08-10 11:16 ` Cornelia Huck
2018-08-10 16:24 ` Tony Krowiak
2018-08-13 6:57 ` Cornelia Huck [this message]
2018-08-08 14:44 ` [PATCH v8 18/22] s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 19/22] KVM: s390: Clear Crypto Control Block when using vSIE Tony Krowiak
2018-08-09 8:10 ` David Hildenbrand
2018-08-09 8:50 ` Pierre Morel
2018-08-09 8:57 ` Pierre Morel
2018-08-08 14:44 ` [PATCH v8 20/22] KVM: s390: Handling of Cypto control block in VSIE Tony Krowiak
2018-08-09 6:20 ` Janosch Frank
2018-08-09 7:33 ` Pierre Morel
2018-08-08 14:44 ` [PATCH v8 21/22] KVM: s390: CPU model support for AP virtualization Tony Krowiak
2018-08-09 8:17 ` David Hildenbrand
2018-08-09 8:34 ` Harald Freudenberger
2018-08-09 20:27 ` Tony Krowiak
2018-08-08 14:44 ` [PATCH v8 22/22] s390: doc: detailed specifications " Tony Krowiak
2018-08-08 15:06 ` [PATCH v8 00/22] vfio-ap: guest dedicated crypto adapters Janosch Frank
2018-08-08 16:25 ` Cornelia Huck
2018-08-08 22:52 ` Tony Krowiak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180813085755.6ad962fb.cohuck@redhat.com \
--to=cohuck@redhat.com \
--cc=akrowiak@linux.ibm.com \
--cc=akrowiak@linux.vnet.ibm.com \
--cc=alex.williamson@redhat.com \
--cc=alifm@linux.vnet.ibm.com \
--cc=berrange@redhat.com \
--cc=bjsdjshi@linux.vnet.ibm.com \
--cc=borntraeger@de.ibm.com \
--cc=buendgen@de.ibm.com \
--cc=fiuczy@linux.vnet.ibm.com \
--cc=frankja@linux.ibm.com \
--cc=freude@de.ibm.com \
--cc=heiko.carstens@de.ibm.com \
--cc=jjherne@linux.vnet.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=kwankhede@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mjrosato@linux.vnet.ibm.com \
--cc=pasic@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=pmorel@linux.ibm.com \
--cc=pmorel@linux.vnet.ibm.com \
--cc=schwidefsky@de.ibm.com \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.