From: Harald Freudenberger <freude@linux.ibm.com>
To: dengler@linux.ibm.com, ifranzki@linux.ibm.com, fcallies@linux.ibm.com
Cc: linux-s390@vger.kernel.org, herbert@gondor.apana.org.au
Subject: [PATCH v1 00/20] AP bus/zcrypt/pkey/paes no-mem-alloc patches
Date: Sun, 23 Feb 2025 10:54:39 +0100 [thread overview]
Message-ID: <20250223095459.43058-1-freude@linux.ibm.com> (raw)
This series of patches has the goal to open up a do-not-allocate
memory path from the callers of the pkey in-kernel api down to
the crypto cards and back.
The asynch in-kernel cipher implementations (and the s390 PAES
cipher implementations are one of them) may be called in a
context where memory allocations which trigger IO is not acceptable.
So this patch series reworks the AP bus code, the zcrypt layer,
the pkey layer and the pkey handlers to respect this situation
by processing a new parameter xflags (execution hints flags).
There is a flag PKEY_XFLAG_NOMEMALLOC which tells the code to
not allocate memory which may lead to IO operations.
To reach this goal, the actual code changes have been differed.
The zcrypt misc functions which need memory for cprb build
use a pre allocated memory pool for this purpose. The findcard()
functions have one temp memory area preallocated and protected
with a mutex. Some smaller data is not allocated any more but went
to the stack instead. The AP bus also uses a pre-allocated
memory pool for building AP message requests.
Note that the PAES implementation still needs to get reworked
to run the protected key derivation in a real asynchronous way.
However, this rework of AP bus, zcrypt and pkey is the base work
required before reconsidering the PAES implementation.
The patch series starts bottom (AP bus) and goes up the call
chain (PKEY). At any time in the patch stack it should compile.
For easier review I tried to have one logic code change by
each patch and thus keep the patches "small". For the upstream
version I intend to fold them together into only a few commits.
Harald Freudenberger (20):
s390/ap: Move response_type struct into ap_msg struct
s390/ap/zcrypt: Rework AP message buffer allocation
s390/ap: Introduce ap message buffer pool
s390/zcrypt: Rework zcrypt layer to support new flag NOMEMALLOC
s390/zcrypt: Introduce cprb mempool for cca misc functions
s390/zcrypt: Introduce cprb mempool for ep11 misc functions
s390/zcrypt: New zcrypt function zcrypt_device_status_mask_ext2
s390/zcrypt: Introduce pre-allocated device status array for cca misc
s390/zcrypt: Introduce pre-allocated device status array for ep11 misc
s390/zcrypt/pkey: Rework cca findcard() implementation and callers
s390/zcrypt/pkey: Rework ep11 findcard() implementation and callers
s390/zcrypt: Rework cca misc functions kmallocs to use the cprb
mempool
s390/zcrypt: Add small mempool for cca info list entries
s390/zcrypt: Locate ep11_domain_query_info onto the stack instead of
kmalloc
s390/zcrypt: Rework ep11 misc functions to use cprb mempool
s390/zcrypt: Add small mempool for ep11 card info list entries
s390/pkey: Rework CCA pkey handler to use stack for small memory
allocs
s390/pkey: Rework EP11 pkey handler to use stack for small memory
allocs
s390/zcrypt/pkey: Provide and pass xflags within pkey and zcrypt
layers
s390/pkey/crypto: Introduce xflags param for pkey in-kernel API
arch/s390/crypto/paes_s390.c | 2 +-
arch/s390/include/asm/pkey.h | 13 +-
drivers/s390/crypto/ap_bus.c | 71 +++++
drivers/s390/crypto/ap_bus.h | 34 +--
drivers/s390/crypto/pkey_api.c | 50 ++--
drivers/s390/crypto/pkey_base.c | 34 ++-
drivers/s390/crypto/pkey_base.h | 37 ++-
drivers/s390/crypto/pkey_cca.c | 121 ++++----
drivers/s390/crypto/pkey_ep11.c | 106 +++----
drivers/s390/crypto/pkey_pckmo.c | 9 +-
drivers/s390/crypto/pkey_sysfs.c | 4 +-
drivers/s390/crypto/pkey_uv.c | 16 +-
drivers/s390/crypto/zcrypt_api.c | 151 +++++++---
drivers/s390/crypto/zcrypt_api.h | 18 +-
drivers/s390/crypto/zcrypt_ccamisc.c | 343 +++++++++++++++-------
drivers/s390/crypto/zcrypt_ccamisc.h | 41 +--
drivers/s390/crypto/zcrypt_cex4.c | 16 +-
drivers/s390/crypto/zcrypt_ep11misc.c | 385 ++++++++++++++++---------
drivers/s390/crypto/zcrypt_ep11misc.h | 28 +-
drivers/s390/crypto/zcrypt_msgtype50.c | 36 ++-
drivers/s390/crypto/zcrypt_msgtype6.c | 119 ++++----
21 files changed, 988 insertions(+), 646 deletions(-)
--
2.43.0
next reply other threads:[~2025-02-23 9:55 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-23 9:54 Harald Freudenberger [this message]
2025-02-23 9:54 ` [PATCH v1 01/20] s390/ap: Move response_type struct into ap_msg struct Harald Freudenberger
2025-02-24 15:23 ` Holger Dengler
2025-02-25 7:39 ` Holger Dengler
2025-02-25 8:56 ` Harald Freudenberger
2025-02-25 9:22 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 02/20] s390/ap/zcrypt: Rework AP message buffer allocation Harald Freudenberger
2025-02-25 8:12 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 03/20] s390/ap: Introduce ap message buffer pool Harald Freudenberger
2025-02-25 13:52 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 04/20] s390/zcrypt: Rework zcrypt layer to support new flag NOMEMALLOC Harald Freudenberger
2025-02-27 8:21 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 05/20] s390/zcrypt: Introduce cprb mempool for cca misc functions Harald Freudenberger
2025-03-03 8:07 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 06/20] s390/zcrypt: Introduce cprb mempool for ep11 " Harald Freudenberger
2025-03-03 8:29 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 07/20] s390/zcrypt: New zcrypt function zcrypt_device_status_mask_ext2 Harald Freudenberger
2025-02-27 11:34 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 08/20] s390/zcrypt: Introduce pre-allocated device status array for cca misc Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 09/20] s390/zcrypt: Introduce pre-allocated device status array for ep11 misc Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 10/20] s390/zcrypt/pkey: Rework cca findcard() implementation and callers Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 11/20] s390/zcrypt/pkey: Rework ep11 " Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 12/20] s390/zcrypt: Rework cca misc functions kmallocs to use the cprb mempool Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 13/20] s390/zcrypt: Add small mempool for cca info list entries Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 14/20] s390/zcrypt: Locate ep11_domain_query_info onto the stack instead of kmalloc Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 15/20] s390/zcrypt: Rework ep11 misc functions to use cprb mempool Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 16/20] s390/zcrypt: Add small mempool for ep11 card info list entries Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 17/20] s390/pkey: Rework CCA pkey handler to use stack for small memory allocs Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 18/20] s390/pkey: Rework EP11 " Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 19/20] s390/zcrypt/pkey: Provide and pass xflags within pkey and zcrypt layers Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 20/20] s390/pkey/crypto: Introduce xflags param for pkey in-kernel API Harald Freudenberger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250223095459.43058-1-freude@linux.ibm.com \
--to=freude@linux.ibm.com \
--cc=dengler@linux.ibm.com \
--cc=fcallies@linux.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=ifranzki@linux.ibm.com \
--cc=linux-s390@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox