[PATCH] check for s390 crypto facility availablility

[PATCH] check for s390 crypto facility availablility

[Jan Glauber]

Hi Herbert,

here is a small patch for the s390 crypto detection.

[PATCH] respect STFL bit for s390 crypto

From: <jang@linux.vnet.ibm.com>

For all s390 in-kernel crypto algorithms we check at module
load time whether the CPACF facility bit is on. If the facility
is not enabled we bail out.

Signed-off-by: <jang@linux.vnet.ibm.com>

--- ./arch/s390/crypto/crypt_s390.h.stfle
+++ ./arch/s390/crypto/crypt_s390.h
@@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
 	unsigned char status[16];
 	int ret;
 
+	/* check if CPACF facility (bit 17) is available */
+	if (!(stfl() & 1ULL << (31 - 17)))
+		return 0;
+
 	switch (func & CRYPT_S390_OP_MASK) {
 	case CRYPT_S390_KM:
 		ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0);

Re: [PATCH] check for s390 crypto facility availablility

[Herbert Xu]

On Thu, Jul 10, 2008 at 03:00:43PM +0000, Jan Glauber wrote:
> 
> here is a small patch for the s390 crypto detection.
> 
> [PATCH] respect STFL bit for s390 crypto
> 
> From: <jang@linux.vnet.ibm.com>
> 
> For all s390 in-kernel crypto algorithms we check at module
> load time whether the CPACF facility bit is on. If the facility
> is not enabled we bail out.
> 
> Signed-off-by: <jang@linux.vnet.ibm.com>

Thanks Jan, the patch looks harmless enough.

> --- ./arch/s390/crypto/crypt_s390.h.stfle
> +++ ./arch/s390/crypto/crypt_s390.h
> @@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
>  	unsigned char status[16];
>  	int ret;
>  
> +	/* check if CPACF facility (bit 17) is available */
> +	if (!(stfl() & 1ULL << (31 - 17)))
> +		return 0;

However, the patch description doesn't exactly tell me what
happens without this check.  I mean, does the machine go up
in flames if the check would have bailed :)

That leads to my next question, is this something that must
go into 2.6.26 or can it wait?

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] check for s390 crypto facility availablility

[Jan Glauber]

On Fri, 2008-07-11 at 20:29 +0800, Herbert Xu wrote: 
> On Thu, Jul 10, 2008 at 03:00:43PM +0000, Jan Glauber wrote:
> > 
> > here is a small patch for the s390 crypto detection.
> > 
> > [PATCH] respect STFL bit for s390 crypto
> > 
> > From: <jang@linux.vnet.ibm.com>
> > 
> > For all s390 in-kernel crypto algorithms we check at module
> > load time whether the CPACF facility bit is on. If the facility
> > is not enabled we bail out.
> > 
> > Signed-off-by: <jang@linux.vnet.ibm.com>
> 
> Thanks Jan, the patch looks harmless enough.
> 
> > --- ./arch/s390/crypto/crypt_s390.h.stfle
> > +++ ./arch/s390/crypto/crypt_s390.h
> > @@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
> >  	unsigned char status[16];
> >  	int ret;
> >  
> > +	/* check if CPACF facility (bit 17) is available */
> > +	if (!(stfl() & 1ULL << (31 - 17)))
> > +		return 0;
> 
> However, the patch description doesn't exactly tell me what
> happens without this check.  I mean, does the machine go up
> in flames if the check would have bailed :)

I see ;- Will resend it with a hopefully better description.

> That leads to my next question, is this something that must
> go into 2.6.26 or can it wait?

It can clearly wait for 2.6.27.

> Cheers,

thanks, Jan

Re: [PATCH] check for s390 crypto facility availablility

[Jan Glauber]

[PATCH] respect STFL bit for s390 crypto

From: <jang@linux.vnet.ibm.com>

Bevore issuing any s390 crypto operation check whether the
CPACF facility is enabled in the facility list. That way a
virtualization layer can prevent usage of the CPACF facility
regardless of the availability of the crypto instructions.

Signed-off-by: <jang@linux.vnet.ibm.com>

--- ./arch/s390/crypto/crypt_s390.h.stfle
+++ ./arch/s390/crypto/crypt_s390.h
@@ -294,6 +294,10 @@ static inline int crypt_s390_func_availa
 	unsigned char status[16];
 	int ret;
 
+	/* check if CPACF facility (bit 17) is available */
+	if (!(stfl() & 1ULL << (31 - 17)))
+		return 0;
+
 	switch (func & CRYPT_S390_OP_MASK) {
 	case CRYPT_S390_KM:
 		ret = crypt_s390_km(KM_QUERY, &status, NULL, NULL, 0);

Re: [PATCH] check for s390 crypto facility availablility

[Herbert Xu]

On Fri, Jul 11, 2008 at 06:34:40PM +0000, Jan Glauber wrote:
> [PATCH] respect STFL bit for s390 crypto
> 
> From: <jang@linux.vnet.ibm.com>
> 
> Bevore issuing any s390 crypto operation check whether the
> CPACF facility is enabled in the facility list. That way a
> virtualization layer can prevent usage of the CPACF facility
> regardless of the availability of the crypto instructions.
> 
> Signed-off-by: <jang@linux.vnet.ibm.com>

Applied to cryptodev-2.6.  Thank you!
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt