From: Holger Dengler <dengler@linux.ibm.com>
To: Harald Freudenberger <freude@linux.ibm.com>,
ifranzki@linux.ibm.com, fcallies@linux.ibm.com
Cc: linux-s390@vger.kernel.org, herbert@gondor.apana.org.au
Subject: Re: [PATCH v1 03/20] s390/ap: Introduce ap message buffer pool
Date: Tue, 25 Feb 2025 14:52:43 +0100 [thread overview]
Message-ID: <90d1a9a3-c314-4ecc-832b-f346fcf7f94a@linux.ibm.com> (raw)
In-Reply-To: <20250223095459.43058-4-freude@linux.ibm.com>
On 23/02/2025 10:54, Harald Freudenberger wrote:
> There is a need for a do-not-allocate-memory path through the
> ap bus layer. When ap_init_apmsg() with the AP_MSG_FLAG_MEMPOOL
> xflag is called, instead of kmalloc() the ap message buffer is
> allocated from the ap_msg_pool. This pool only holds a limited
> amount of buffers: AP_MSG_POOL_MIN_ITEMS with the item size
> AP_DEFAULT_MAX_MSG_SIZE and exactly one of these items (if available)
> is returned if ap_init_apmsg() with the MEMPOOL flag is called.
> When this pool is exhausted and the MEMPOOL flag is effective,
> ap_init_apmsg() returns -ENOMEM without any attempt to allocate
> memory.
>
> The zcrypt layer may use this flag to indicate to the ap bus
> that the processing path for this message should not allocate
> memory. This is to prevent deadlocks with crypto and io for
> example with encrypted swap volumes.
See my comments below.
The rest looks good to me.
>
> Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
> ---
> drivers/s390/crypto/ap_bus.c | 59 +++++++++++++++++++++++++++-----
> drivers/s390/crypto/ap_bus.h | 3 +-
> drivers/s390/crypto/zcrypt_api.c | 10 +++---
> 3 files changed, 57 insertions(+), 15 deletions(-)
>
> diff --git a/drivers/s390/crypto/ap_bus.c b/drivers/s390/crypto/ap_bus.c
> index 4940eaf538e9..b585b5d11074 100644
> --- a/drivers/s390/crypto/ap_bus.c
> +++ b/drivers/s390/crypto/ap_bus.c
[...]
> @@ -546,16 +562,27 @@ static void ap_poll_thread_stop(void)
> #define is_card_dev(x) ((x)->parent == ap_root_device)
> #define is_queue_dev(x) ((x)->parent != ap_root_device)
>
> -/**
> +/*
What is the reason for mixing coding styles?
> * ap_init_apmsg() - Initialize ap_message.
> - * Initialize a message before using. Otherwise this might result in
> - * unexpected behaviour.
> + * Initialize struct ap_message and allocate buffer to construct
> + * the ap message.
> */
> -int ap_init_apmsg(struct ap_message *ap_msg)
> +int ap_init_apmsg(struct ap_message *ap_msg, u32 xflags)
The xflags function parameter is very confusing (here and also in all other APIs too), because it allows to set some, but not all flags in ap_msg-flags. Why not using `bool alloc`? If you will keep the more flexible interface, please add another xflags element to struct ap_message. There is nothing in common between the ap_msg->flags and xflags, beside they're both named "flags".
> {
> - unsigned int maxmsgsize = atomic_read(&ap_max_msg_size);
> + unsigned int maxmsgsize;
>
> memset(ap_msg, 0, sizeof(*ap_msg));
> +
> + if (xflags & AP_MSG_FLAG_MEMPOOL) {
> + ap_msg->msg = mempool_alloc_preallocated(ap_msg_pool);
> + if (!ap_msg->msg)
> + return -ENOMEM;
> + ap_msg->bufsize = AP_DEFAULT_MAX_MSG_SIZE;
> + ap_msg->flags |= AP_MSG_FLAG_MEMPOOL;
> + return 0;
> + }
> +
> + maxmsgsize = atomic_read(&ap_max_msg_size);
> ap_msg->msg = kmalloc(maxmsgsize, GFP_KERNEL);
> if (!ap_msg->msg)
> return -ENOMEM;
> @@ -565,14 +592,18 @@ int ap_init_apmsg(struct ap_message *ap_msg)
> }
> EXPORT_SYMBOL(ap_init_apmsg);
>
> -/**
> +/*
???
> * ap_release_apmsg() - Release ap_message.
> - * Releases all memory used internal within the ap_message struct
> - * Currently this is the message and private field.
> + * Cleanup struct ap_message and release all memory held.
> */
> void ap_release_apmsg(struct ap_message *ap_msg)
> {
> - kfree_sensitive(ap_msg->msg);
> + if (ap_msg->flags & AP_MSG_FLAG_MEMPOOL) {
> + memzero_explicit(ap_msg->msg, ap_msg->bufsize);
> + mempool_free(ap_msg->msg, ap_msg_pool);
> + } else {
> + kfree_sensitive(ap_msg->msg);
> + }
> }
> EXPORT_SYMBOL(ap_release_apmsg);
>
[...]
--
Mit freundlichen Grüßen / Kind regards
Holger Dengler
--
IBM Systems, Linux on IBM Z Development
dengler@linux.ibm.com
next prev parent reply other threads:[~2025-02-25 13:52 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-23 9:54 [PATCH v1 00/20] AP bus/zcrypt/pkey/paes no-mem-alloc patches Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 01/20] s390/ap: Move response_type struct into ap_msg struct Harald Freudenberger
2025-02-24 15:23 ` Holger Dengler
2025-02-25 7:39 ` Holger Dengler
2025-02-25 8:56 ` Harald Freudenberger
2025-02-25 9:22 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 02/20] s390/ap/zcrypt: Rework AP message buffer allocation Harald Freudenberger
2025-02-25 8:12 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 03/20] s390/ap: Introduce ap message buffer pool Harald Freudenberger
2025-02-25 13:52 ` Holger Dengler [this message]
2025-02-23 9:54 ` [PATCH v1 04/20] s390/zcrypt: Rework zcrypt layer to support new flag NOMEMALLOC Harald Freudenberger
2025-02-27 8:21 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 05/20] s390/zcrypt: Introduce cprb mempool for cca misc functions Harald Freudenberger
2025-03-03 8:07 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 06/20] s390/zcrypt: Introduce cprb mempool for ep11 " Harald Freudenberger
2025-03-03 8:29 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 07/20] s390/zcrypt: New zcrypt function zcrypt_device_status_mask_ext2 Harald Freudenberger
2025-02-27 11:34 ` Holger Dengler
2025-02-23 9:54 ` [PATCH v1 08/20] s390/zcrypt: Introduce pre-allocated device status array for cca misc Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 09/20] s390/zcrypt: Introduce pre-allocated device status array for ep11 misc Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 10/20] s390/zcrypt/pkey: Rework cca findcard() implementation and callers Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 11/20] s390/zcrypt/pkey: Rework ep11 " Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 12/20] s390/zcrypt: Rework cca misc functions kmallocs to use the cprb mempool Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 13/20] s390/zcrypt: Add small mempool for cca info list entries Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 14/20] s390/zcrypt: Locate ep11_domain_query_info onto the stack instead of kmalloc Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 15/20] s390/zcrypt: Rework ep11 misc functions to use cprb mempool Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 16/20] s390/zcrypt: Add small mempool for ep11 card info list entries Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 17/20] s390/pkey: Rework CCA pkey handler to use stack for small memory allocs Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 18/20] s390/pkey: Rework EP11 " Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 19/20] s390/zcrypt/pkey: Provide and pass xflags within pkey and zcrypt layers Harald Freudenberger
2025-02-23 9:54 ` [PATCH v1 20/20] s390/pkey/crypto: Introduce xflags param for pkey in-kernel API Harald Freudenberger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=90d1a9a3-c314-4ecc-832b-f346fcf7f94a@linux.ibm.com \
--to=dengler@linux.ibm.com \
--cc=fcallies@linux.ibm.com \
--cc=freude@linux.ibm.com \
--cc=herbert@gondor.apana.org.au \
--cc=ifranzki@linux.ibm.com \
--cc=linux-s390@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox