From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751471AbdKVNsB (ORCPT ); Wed, 22 Nov 2017 08:48:01 -0500 Received: from mx1.redhat.com ([209.132.183.28]:57316 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751258AbdKVNr7 (ORCPT ); Wed, 22 Nov 2017 08:47:59 -0500 Date: Wed, 22 Nov 2017 14:47:50 +0100 From: Cornelia Huck To: Tony Krowiak Cc: Pierre Morel , linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, freude@de.ibm.com, schwidefsky@de.ibm.com, heiko.carstens@de.ibm.com, borntraeger@de.ibm.com, kwankhede@nvidia.com, bjsdjshi@linux.vnet.ibm.com, pbonzini@redhat.com, alex.williamson@redhat.com, alifm@linux.vnet.ibm.com, mjrosato@linux.vnet.ibm.com, qemu-s390x@nongnu.org, jjherne@linux.vnet.ibm.com, thuth@redhat.com, pasic@linux.vnet.ibm.com Subject: Re: [RFC 00/19] KVM: s390/crypto/vfio: guest dedicated crypto adapters Message-ID: <20171122144750.1ceffe41.cohuck@redhat.com> In-Reply-To: References: <1507916344-3896-1-git-send-email-akrowiak@linux.vnet.ibm.com> <5baf5f90-6cac-3c09-7b66-1bc8b30b8093@linux.vnet.ibm.com> <20171114145722.4ab850a5.cohuck@redhat.com> <8a492b07-3d3b-f4cf-e139-7de345ea8188@linux.vnet.ibm.com> <20171116180308.289e5eed.cohuck@redhat.com> <1476b0a4-a2a3-2c48-107a-ab7b39b0e93e@linux.vnet.ibm.com> <0b40cee7-78d3-f96b-ab46-1f40b31251cb@linux.vnet.ibm.com> <20171117110742.1d416435.cohuck@redhat.com> <20171120181345.3fbda311.cohuck@redhat.com> Organization: Red Hat GmbH MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Wed, 22 Nov 2017 13:47:59 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 21 Nov 2017 11:08:01 -0500 Tony Krowiak wrote: > I am not quite sure what you are asking, but I'll attempt to answer > what I think you're asking. A new type of mediated matrix device > will be introduced to configure a virtual matrix for a guest that > provides the interfaces to map a virtual adapter/domain ID to one > or more real adapter/domain IDs. If by virtualization facility, > you are talking about the VFIO AP matrix driver, then yes, > the driver will handle ioctl requests based on the type of the > mediated matrix device through which the request was submitted: > > If the request is to configure the KVM guest's matrix: > > * If the mediated matrix device type is passthrough: > * Do validation of matrix > * Configure the APM, AQM and ADM in the KVM guest's CRYCB > according to the configuration specified via the mediated > device's sysfs attribute files. > * If the mediated matrix device type is virtual: > * Do validation of matrix > * No need to configure CRYCB since all instructions will be > intercepted Ok, so we would have two distinct paths here... > > If the request is to execute an intercepted AP instruction: > > * If the mediated matrix device type is passthrough: > * Forward the instruction to the AP device and return the > result to QEMU. > > * If the mediated matrix device type is virtual: > > * Retrieve all of the real APQNs mapped to the virtual > adapter and domain IDs configured in the mediated matrix > device's sysfs attribute files > * If there is more than one APQN mapping, then determine > which would be best to use - algorithm TBD > * Forward the instruction to the AP device and return the > result. ...and two distinct paths for most instructions here as well. > > Of course, these are just preliminary ideas at this time. > I've only prototyped the sysfs configuration interfaces. No > back end prototyping has been undertaken yet. If the ideas do > not pan out, however; I think virtualization can be introduced > as an independent design. Yes, let's cross that bridge when we get to it.