From: Halil Pasic <pasic@linux.ibm.com>
To: Cornelia Huck <cohuck@redhat.com>
Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org,
    Martin Schwidefsky <schwidefsky@de.ibm.com>,
    Sebastian Ott <sebott@linux.ibm.com>,
    virtualization@lists.linux-foundation.org,
    "Michael S. Tsirkin" <mst@redhat.com>,
    Christoph Hellwig <hch@infradead.org>,
    Thomas Huth <thuth@redhat.com>,
    Christian Borntraeger <borntraeger@de.ibm.com>,
    Viktor Mihajlovski <mihajlov@linux.ibm.com>,
    Vasily Gorbik <gor@linux.ibm.com>,
    Janosch Frank <frankja@linux.ibm.com>,
    Claudio Imbrenda <imbrenda@linux.ibm.com>,
    Farhan Ali <alifm@linux.ibm.com>,
    Eric Farman <farman@linux.ibm.com>
Subject: Re: [PATCH 00/10] s390: virtio: support protected virtualization
Date: Sat, 4 May 2019 15:58:12 +0200
Message-ID: <20190504155812.1f7e55c0.pasic@linux.ibm.com>
In-Reply-To: <20190503115511.17a1f6d1.cohuck@redhat.com>

On Fri, 3 May 2019 11:55:11 +0200
Cornelia Huck <cohuck@redhat.com> wrote:

> On Fri, 26 Apr 2019 20:32:35 +0200
> Halil Pasic <pasic@linux.ibm.com> wrote:
>
> > Enhanced virtualization protection technology may require the use of
> > bounce buffers for I/O. While support for this was built into the virtio
> > core, virtio-ccw wasn't changed accordingly.
> >
> > Some background on technology (not part of this series) and the
> > terminology used.
> >
> > * Protected Virtualization (PV):
> >
> > Protected Virtualization guarantees, that non-shared memory of a guest
> > that operates in PV mode private to that guest. I.e. any attempts by the
> > hypervisor or other guests to access it will result in an exception. If
> > supported by the environment (machine, KVM, guest VM) a guest can decide
> > to change into PV mode by doing the appropriate ultravisor calls. Unlike
> > some other enhanced virtualization protection technology,
>
> I think that sentence misses its second part?
>

I wanted to kill the whole sentence, but killed only a part of it. :(
Sorry. If any, the sentence had only significance for judging how well
inherited some names fit.

> >
> > * Ultravisor:
> >
> > A hardware/firmware entity that manages PV guests, and polices access to
> > their memory. A PV guest prospect needs to interact with the ultravisor,
> > to enter PV mode, and potentially to share pages (for I/O which should
> > be encrypted by the guest). A guest interacts with the ultravisor via so
> > called ultravisor calls. A hypervisor needs to interact with the
> > ultravisor to facilitate interpretation, emulation and swapping. A
> > hypervisor interacts with the ultravisor via ultravisor calls and via
> > the SIE state description. Generally the ultravisor sanitizes hypervisor
> > inputs so that the guest can not be corrupted (except for denial of
> > service.
> >
> >
> > What needs to be done
> > =====================
> >
> > Thus what needs to be done to bring virtio-ccw up to speed with respect
> > to protected virtualization is:
> > * use some 'new' common virtio stuff
>
> Doing this makes sense regardless of the protected virtualization use
> case, and I think we should go ahead and merge those patches for 5.2.
>

I agree.

> > * make sure that virtio-ccw specific stuff uses shared memory when
> > talking to the hypervisor (except control/communication blocks like ORB,
> > these are handled by the ultravisor)
>
> TBH, I'm still a bit hazy on what needs to use shared memory and what
> doesn't.
>

It is all in the code :). To have complete and definitive answers here
we would need some sort of public UV architecture.

> > * make sure the DMA API does what is necessary to talk through shared
> > memory if we are a protected virtualization guest.
> > * make sure the common IO layer plays along as well (airqs, sense).
> >
> >
> > Important notes
> > ================
> >
> > * This patch set is based on Martins features branch
> > (git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git branch
> > 'features').
> >
> > * Documentation is still very sketchy. I'm committed to improving this,
> > but I'm currently hampered by some dependencies currently.
>
> I understand, but I think this really needs more doc; also for people
> who want to understand the code in the future.
>
> Unfortunately lack of doc also hampers others in reviewing this :/
>

I'm not sure how much can we do on the doc front. Without a complete
architecture, one basically needs to trust the guys with access to the
architecture.

Many thanks for your feedback.

Regards,
Halil

[..]