From: Pierre Morel <pmorel@linux.vnet.ibm.com>
To: David Hildenbrand <david@redhat.com>,
Tony Krowiak <akrowiak@linux.vnet.ibm.com>,
qemu-devel@nongnu.org
Cc: qemu-s390x@nongnu.org, schwidefsky@de.ibm.com,
heiko.carstens@de.ibm.com, borntraeger@de.ibm.com,
cohuck@redhat.com, bjsdjshi@linux.vnet.ibm.com,
alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com,
jjherne@linux.vnet.ibm.com, pasic@linux.vnet.ibm.com,
eskultet@redhat.com, berrange@redhat.com,
alex.williamson@redhat.com, eric.auger@redhat.com,
pbonzini@redhat.com, peter.maydell@linaro.org, agraf@suse.de,
rth@twiddle.net
Subject: Re: [Qemu-devel] [PATCH v2 0/5] s390x: vfio-ap: guest dedicated crypto adapters
Date: Wed, 7 Mar 2018 11:22:47 +0100 [thread overview]
Message-ID: <82740dc5-7213-62b3-5b1c-37e287c31d60@linux.vnet.ibm.com> (raw)
In-Reply-To: <4b9bb4fd-d34e-9f46-5414-d6c14e9a6ce8@redhat.com>
On 06/03/2018 18:10, David Hildenbrand wrote:
>> If L2 forward devices to L3 through SIE ECA.28 but no bit is set is in
>> the CRYCB of L2,
>> L3 will not see any device.
> Exactly and this is the problem: How should L2 know that these devices
> are special and cannot be forwarded.
>
>>> This is what we call the nightmare of nested virtualization (see x86),
>>> because we have to emulate L3 instructions in L1 - but even worse, not
>>> even in L1 kernel space but in L1 user space.
>> As soon as one level begin to virtualize, all levels under it
>> must virtualize too so that L3 instructions will be handled in L2
>> which will issue instructions that will be handled in L1.
> By virtualize I assume you mean emulate? If so, yes.
>
>>> So we could never provide the AP feature reliably with the SIE feature.
>> I think we should change a little this sentence to:
>> We can not provide SIE interpretation to a guest from which
>> any guest level N-1 does not use SIE interpretation.
> Exactly, and as said, there is no way to tell a guest that it has AP but
> cannot use AP interpretation but has to intercept and handle manually.
vSIE must clear ECA28 during running of the guest if the host itself do
not have ECA28 set.
Since ECA28 set for the host means AP instructions available for the host
then we can sum it up by: vSIE should never set ECA28 in the shadow SIE
if no AP instructions available.
Pierre
>
>> Nothing bad will occur for the host, the hardware or other guests,
>> but the guest will just not get any device.
>>
>>> We want to avoid interdependence between CPU features. (because
>>> everything else makes CPU feature detection ugly - CMMA is a good
>>> example and the only exception so far)
>>>
>>>
>>> Long story even shorter:
>>>
>>> No emulated AP devices with KVM.
>>>
>> I agree with: KVM should never set bits in CRYCB for emulated devices.
> I think this is stronger: emulated AP devices should not be used with
> KVM because it can potentially lead to architectural (v)SIE conflicts.
>
> But the details are buried in some AP documentation not accessible to me.
>
> Anyhow, if the scenario I described cannot be worked around via:
>
> a) telling a guest that AP virtualization cannot be used - which doesn't
> seem to be possible
> b) provoking for selected devices a SIE exit when an AP instruction is
> executed on these devices - and this is totally fine with the documented
> AP architecture
>
> I assume we would have to live with !emualted AP devices.
>
--
Pierre Morel
Linux/KVM/QEMU in Böblingen - Germany
next prev parent reply other threads:[~2018-03-07 10:23 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-27 15:44 [Qemu-devel] [PATCH v2 0/5] s390x: vfio-ap: guest dedicated crypto adapters Tony Krowiak
2018-02-27 15:44 ` [Qemu-devel] [PATCH v2 1/5] s390: doc: detailed specifications for AP virtualization Tony Krowiak
2018-02-27 15:44 ` [Qemu-devel] [PATCH v2 2/5] s390x/ap: base Adjunct Processor (AP) object Tony Krowiak
2018-02-27 15:44 ` [Qemu-devel] [PATCH v2 3/5] s390x/vfio: ap: VFIO: linux header updates Tony Krowiak
2018-02-27 15:44 ` [Qemu-devel] [PATCH v2 4/5] s390x/vfio: ap: Introduce VFIO AP device Tony Krowiak
2018-02-27 17:04 ` Cornelia Huck
2018-02-27 19:59 ` Tony Krowiak
2018-02-27 15:44 ` [Qemu-devel] [PATCH v2 5/5] s390x/cpumodel: Set up CPU model for AP device support Tony Krowiak
2018-02-27 16:27 ` Cornelia Huck
2018-02-27 16:49 ` Halil Pasic
2018-02-27 17:56 ` David Hildenbrand
2018-02-27 18:19 ` Tony Krowiak
2018-02-27 18:14 ` Tony Krowiak
2018-02-27 17:52 ` David Hildenbrand
2018-02-27 18:14 ` Halil Pasic
2018-02-28 10:30 ` David Hildenbrand
2018-02-27 18:55 ` Tony Krowiak
2018-02-28 10:26 ` David Hildenbrand
2018-02-28 11:40 ` Cornelia Huck
2018-03-01 14:12 ` Pierre Morel
2018-03-01 14:36 ` David Hildenbrand
2018-03-01 15:49 ` Halil Pasic
2018-03-02 19:36 ` Tony Krowiak
2018-03-05 21:22 ` Tony Krowiak
2018-03-06 17:15 ` David Hildenbrand
2018-03-07 10:09 ` Pierre Morel
2018-03-07 14:41 ` Cornelia Huck
2018-03-07 16:40 ` Pierre Morel
2018-03-08 14:05 ` Tony Krowiak
2018-03-02 16:07 ` Tony Krowiak
2018-02-27 15:54 ` [Qemu-devel] [PATCH v2 0/5] s390x: vfio-ap: guest dedicated crypto adapters no-reply
2018-03-06 10:01 ` David Hildenbrand
2018-03-06 16:53 ` Pierre Morel
2018-03-06 17:10 ` David Hildenbrand
2018-03-07 10:22 ` Pierre Morel [this message]
2018-03-07 14:27 ` Christian Borntraeger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=82740dc5-7213-62b3-5b1c-37e287c31d60@linux.vnet.ibm.com \
--to=pmorel@linux.vnet.ibm.com \
--cc=agraf@suse.de \
--cc=akrowiak@linux.vnet.ibm.com \
--cc=alex.williamson@redhat.com \
--cc=alifm@linux.vnet.ibm.com \
--cc=berrange@redhat.com \
--cc=bjsdjshi@linux.vnet.ibm.com \
--cc=borntraeger@de.ibm.com \
--cc=cohuck@redhat.com \
--cc=david@redhat.com \
--cc=eric.auger@redhat.com \
--cc=eskultet@redhat.com \
--cc=heiko.carstens@de.ibm.com \
--cc=jjherne@linux.vnet.ibm.com \
--cc=mjrosato@linux.vnet.ibm.com \
--cc=pasic@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-s390x@nongnu.org \
--cc=rth@twiddle.net \
--cc=schwidefsky@de.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).