From: Halil Pasic <pasic@linux.ibm.com>
To: Cornelia Huck <cohuck@redhat.com>
Cc: Vasily Gorbik <gor@linux.ibm.com>,
linux-s390@vger.kernel.org, Thomas Huth <thuth@redhat.com>,
Claudio Imbrenda <imbrenda@linux.ibm.com>,
kvm@vger.kernel.org, Sebastian Ott <sebott@linux.ibm.com>,
"Michael S. Tsirkin" <mst@redhat.com>,
Farhan Ali <alifm@linux.ibm.com>,
Eric Farman <farman@linux.ibm.com>,
virtualization@lists.linux-foundation.org,
Christoph Hellwig <hch@infradead.org>,
Martin Schwidefsky <schwidefsky@de.ibm.com>,
Viktor Mihajlovski <mihajlov@linux.ibm.com>,
Janosch Frank <frankja@linux.ibm.com>
Subject: Re: [PATCH 00/10] s390: virtio: support protected virtualization
Date: Sat, 4 May 2019 15:58:12 +0200
Message-ID: <20190504155812.1f7e55c0.pasic@linux.ibm.com>
In-Reply-To: <20190503115511.17a1f6d1.cohuck@redhat.com>

On Fri, 3 May 2019 11:55:11 +0200
Cornelia Huck <cohuck@redhat.com> wrote:
> On Fri, 26 Apr 2019 20:32:35 +0200
> Halil Pasic <pasic@linux.ibm.com> wrote:
>
> > Enhanced virtualization protection technology may require the use of
> > bounce buffers for I/O. While support for this was built into the virtio
> > core, virtio-ccw wasn't changed accordingly.
> >
> > Some background on technology (not part of this series) and the
> > terminology used.
> >
> > * Protected Virtualization (PV):
> >
> > Protected Virtualization guarantees that non-shared memory of a guest
> > that operates in PV mode is private to that guest. I.e. any attempts by the
> > hypervisor or other guests to access it will result in an exception. If
> > supported by the environment (machine, KVM, guest VM) a guest can decide
> > to change into PV mode by doing the appropriate ultravisor calls. Unlike
> > some other enhanced virtualization protection technology,
>
> I think that sentence misses its second part?
>
I wanted to kill the whole sentence, but killed only a part of
it. :( Sorry. If anything, the sentence only had significance for judging
how well some inherited names fit.

> >
> > * Ultravisor:
> >
> > A hardware/firmware entity that manages PV guests, and polices access to
> > their memory. A PV guest prospect needs to interact with the ultravisor,
> > to enter PV mode, and potentially to share pages (for I/O which should
> > be encrypted by the guest). A guest interacts with the ultravisor via so
> > called ultravisor calls. A hypervisor needs to interact with the
> > ultravisor to facilitate interpretation, emulation and swapping. A
> > hypervisor interacts with the ultravisor via ultravisor calls and via
> > the SIE state description. Generally the ultravisor sanitizes hypervisor
> > inputs so that the guest cannot be corrupted (except for denial of
> > service).
> >
> >
> > What needs to be done
> > =====================
> >
> > Thus what needs to be done to bring virtio-ccw up to speed with respect
> > to protected virtualization is:
> > * use some 'new' common virtio stuff
>
> Doing this makes sense regardless of the protected virtualization use
> case, and I think we should go ahead and merge those patches for 5.2.
>
I agree.

> > * make sure that virtio-ccw specific stuff uses shared memory when
> > talking to the hypervisor (except control/communication blocks like ORB,
> > these are handled by the ultravisor)
>
> TBH, I'm still a bit hazy on what needs to use shared memory and what
> doesn't.
>
It is all in the code :). To have complete and definitive answers here
we would need some sort of public UV architecture.

> > * make sure the DMA API does what is necessary to talk through shared
> > memory if we are a protected virtualization guest.
> > * make sure the common IO layer plays along as well (airqs, sense).
> >
> >
> > Important notes
> > ================
> >
> > * This patch set is based on Martin's features branch
> > (git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git branch
> > 'features').
> >
> > * Documentation is still very sketchy. I'm committed to improving this,
> > but I'm currently hampered by some dependencies.
>
> I understand, but I think this really needs more doc; also for people
> who want to understand the code in the future.
>
> Unfortunately lack of doc also hampers others in reviewing this :/
>
I'm not sure how much we can do on the doc front. Without a complete
architecture, one basically needs to trust the guys with access to the
architecture.

Many thanks for your feedback. Regards,
Halil
[..]