On Tue, 3 Apr 2018 09:17:59 -0400 Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> wrote: > On 04/03/2018 07:07 AM, Cornelia Huck wrote: > > On Wed, 14 Mar 2018 14:25:47 -0400 > > Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> wrote: > > > >> Provides interfaces to assign AP adapters, usage domains > >> and control domains to a KVM guest. > >> > >> A KVM guest is started by executing the Start Interpretive Execution (SIE) > >> instruction. The SIE state description is a control block that contains the > >> state information for a KVM guest and is supplied as input to the SIE > >> instruction. The SIE state description has a satellite structure called the > >> Crypto Control Block (CRYCB). The CRYCB contains three bitmask fields > >> identifying the adapters, queues (domains) and control domains assigned to > >> the KVM guest: > >> > >> * The AP Adapter Mask (APM) field identifies the AP adapters assigned to > >> the KVM guest > >> > >> * The AP Queue Mask (AQM) field identifies the AP queues assigned to > >> the KVM guest. Each AP queue is connected to a usage domain within > >> an AP adapter. > >> > >> * The AP Domain Mask (ADM) field identifies the control domains > >> assigned to the KVM guest. > >> > >> Each adapter, queue (usage domain) and control domain are identified by > >> a number from 0 to 255. The bits in each mask, from most significant to > >> least significant bit, correspond to the numbers 0-255. When a bit is > >> set, the corresponding adapter, queue (usage domain) or control domain > >> is assigned to the KVM guest. > >> > >> This patch will set the bits in the APM, AQM and ADM fields of the > >> CRYCB referenced by the KVM guest's SIE state description. The process > >> used is: > >> > >> 1. Verify that the bits to be set do not exceed the maximum bit > >> number for the given mask. > >> > >> 2. Verify that the APQNs that can be derived from the intersection > >> of the bits set in the APM and AQM fields of the KVM guest's CRYCB > >> are not assigned to any other KVM guest running on the same linux > >> host. > >> > >> 3. Set the APM, AQM and ADM in the CRYCB according to the matrix > >> configured for the mediated matrix device via its sysfs > >> adapter, domain and control domain attribute files respectively. > >> > >> Signed-off-by: Tony Krowiak <akrowiak@xxxxxxxxxxxxxxxxxx> > >> --- > >> arch/s390/include/asm/kvm-ap.h | 36 +++++ > >> arch/s390/kvm/kvm-ap.c | 268 +++++++++++++++++++++++++++++++++ > >> drivers/s390/crypto/vfio_ap_ops.c | 19 +++ > >> drivers/s390/crypto/vfio_ap_private.h | 4 + > >> 4 files changed, 327 insertions(+), 0 deletions(-) > >> > >> diff --git a/arch/s390/kvm/kvm-ap.c b/arch/s390/kvm/kvm-ap.c > >> index a2c6ad2..eb365e2 100644 > >> --- a/arch/s390/kvm/kvm-ap.c > >> +++ b/arch/s390/kvm/kvm-ap.c > >> @@ -8,9 +8,129 @@ > >> > >> #include <asm/kvm-ap.h> > >> #include <asm/ap.h> > >> +#include <linux/bitops.h> > >> > >> #include "kvm-s390.h" > >> > >> +static inline void kvm_ap_clear_crycb_masks(struct kvm *kvm) > >> +{ > >> + int crycb_fmt = kvm->arch.crypto.crycbd & CRYCB_FORMAT_MASK; > >> + > >> + if (crycb_fmt == CRYCB_FORMAT2) > >> + memset(&kvm->arch.crypto.crycb->apcb1, 0, > >> + sizeof(kvm->arch.crypto.crycb->apcb1)); > >> + else > >> + memset(&kvm->arch.crypto.crycb->apcb0, 0, > >> + sizeof(kvm->arch.crypto.crycb->apcb0)); > >> +} > > Should that rather be a switch/case? If there's a CRYCB_FORMAT3 in the > > future, I'd think that it's more likely that it uses apcb1 and not > > apcb0. Can't comment further without the architecture, obviously. > Maybe we should just clear both structures without regard to the CRYCB > format. Yes; but my concern applies to the other checks for CRYCB_FORMAT2 as well (snipped).