From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:55046) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e9C5P-0004ya-VI for qemu-devel@nongnu.org; Mon, 30 Oct 2017 11:34:59 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e9C5K-0007IF-L3 for qemu-devel@nongnu.org; Mon, 30 Oct 2017 11:34:47 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:39424 helo=mx0a-001b2d01.pphosted.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1e9C5K-0007GO-Cx for qemu-devel@nongnu.org; Mon, 30 Oct 2017 11:34:42 -0400 Received: from pps.filterd (m0098413.ppops.net [127.0.0.1]) by mx0b-001b2d01.pphosted.com (8.16.0.21/8.16.0.21) with SMTP id v9UFY5SM003297 for ; Mon, 30 Oct 2017 11:34:38 -0400 Received: from e33.co.us.ibm.com (e33.co.us.ibm.com [32.97.110.151]) by mx0b-001b2d01.pphosted.com with ESMTP id 2dx64pk5u1-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Mon, 30 Oct 2017 11:34:37 -0400 Received: from localhost by e33.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 30 Oct 2017 09:34:37 -0600 References: <1507916344-3896-1-git-send-email-akrowiak@linux.vnet.ibm.com> <20171029121122.122412ca.cohuck@redhat.com> From: Tony Krowiak Date: Mon, 30 Oct 2017 11:34:25 -0400 MIME-Version: 1.0 In-Reply-To: Content-Language: en-US Message-Id: <950a0a3b-f02d-bc9d-3edd-c381075f4e2d@linux.vnet.ibm.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [RFC 00/19] KVM: s390/crypto/vfio: guest dedicated crypto adapters List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Christian Borntraeger , Cornelia Huck Cc: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, pmorel@linux.vnet.ibm.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, qemu-s390x@nongnu.org, jjherne@linux.vnet.ibm.com, thuth@redhat.com, pasic@linux.vnet.ibm.com, qemu-devel , Erik Skultety , "Daniel P. Berrange" On 10/30/2017 04:57 AM, Christian Borntraeger wrote: > adding qemu devel and add Daniel and Erik from libvirt to keep them in the loop. > > On 10/29/2017 12:11 PM, Cornelia Huck wrote: >> On Fri, 13 Oct 2017 13:38:45 -0400 >> Tony Krowiak wrote: >> >>> Tony Krowiak (19): >>> KVM: s390: SIE considerations for AP Queue virtualization >>> KVM: s390: refactor crypto initialization >>> s390/zcrypt: new AP matrix bus >>> s390/zcrypt: create an AP matrix device on the AP matrix bus >>> s390/zcrypt: base implementation of AP matrix device driver >>> s390/zcrypt: register matrix device with VFIO mediated device >>> framework >>> KVM: s390: introduce AP matrix configuration interface >>> s390/zcrypt: support for assigning adapters to matrix mdev >>> s390/zcrypt: validate adapter assignment >>> s390/zcrypt: sysfs interfaces supporting AP domain assignment >>> s390/zcrypt: validate domain assignment >>> s390/zcrypt: sysfs support for control domain assignment >>> s390/zcrypt: validate control domain assignment >>> KVM: s390: Connect the AP mediated matrix device to KVM >>> s390/zcrypt: introduce ioctl access to VFIO AP Matrix driver >>> KVM: s390: interface to configure KVM guest's AP matrix >>> KVM: s390: validate input to AP matrix config interface >>> KVM: s390: New ioctl to configure KVM guest's AP matrix >>> s390/facilities: enable AP facilities needed by guest >> I'll try to summarize all of this in my own words, both to make sure I >> understand the design correctly and to give others a different view on >> this. >> >> [I'm completely disregarding control domains here.] >> >> On s390, we have cryptographic coprocessor cards, which are modeled on >> Linux as devices on the AP bus. There's also a concept called domains, >> which means an individual queue of a crypto device is basically a >> (card,domain) tuple. We model this something like the following >> (assuming we have access to cards 3 and 4 and domains 1 and 2): >> >> AP -> card3 -> queue (3,1) >> -> queue (3,2) >> -> card4 -> queue (4,1) >> -> queue (4,2) >> >> (The AP bus is a bit different for backwards compat.) >> >> If we want to virtualize this, we can use a feature provided by the >> hardware. We basically attach a satellite control block to our main >> hardware virtualization control block and the hardware takes care of >> (mostly) everything. >> >> For this control block, we don't specify explicit tuples, but a list of >> cards and a list of domains. The guest will get access to the cross >> product. >> >> Because of this, we need to take care that the lists provided to >> different guests don't overlap; i.e., we need to enforce sane >> configurations. Otherwise, one guest may get access to things like >> secret keys for another guest. >> >> The idea of this patch set is to introduce a new device, the matrix >> device. This matrix device hangs off a different root and acts as the >> node where mdev devices hang off. >> >> If you now want to give the tuples (4,1) and (4,2), you need to do the >> following: >> >> - Unbind the (4,1) and (4,2) tuples from their ap bus driver. >> - Bind the (4,1) and (4,2) tuples to the ap matrix driver. >> - Create the mediated device. >> - Assign card 4 and domains 1 and 2. >> >> QEMU will now simply consume the mediated device and things should work. >> > This is probably the shortest possible summary I can imagine. > Tony can you double check if it matches your understanding as well? > Yes, this is a concise summary of the patch set.