From: Tony Krowiak <akrowiak@linux.ibm.com>
To: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org
Cc: freude@linux.ibm.com, borntraeger@de.ibm.com, cohuck@redhat.com,
frankja@linux.ibm.com, david@redhat.com, schwidefsky@de.ibm.com,
heiko.carstens@de.ibm.com, pmorel@linux.ibm.com,
pasic@linux.ibm.com, alex.williamson@redhat.com,
kwankhede@nvidia.com, Tony Krowiak <akrowiak@linux.ibm.com>
Subject: [PATCH 4/7] s390: vfio-ap: allow hot plug/unplug of AP resources using mdev device
Date: Thu, 11 Apr 2019 17:03:21 -0400 [thread overview]
Message-ID: <1555016604-2008-5-git-send-email-akrowiak@linux.ibm.com> (raw)
In-Reply-To: <1555016604-2008-1-git-send-email-akrowiak@linux.ibm.com>
Let's allow adapters, domains and control domains to be assigned to or
unassigned from an AP matrix mdev device while it is in use by a guest.
When an adapter, domain or control domain is assigned to or unassigned
from an mdev device while a guest is using it, the guest's CRYCB will be
updated thus giving access to the resource assigned, or taking access away
from the resource unassigned for the guest.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
---
drivers/s390/crypto/vfio_ap_ops.c | 68 +++++++++++++++++++--------------------
1 file changed, 33 insertions(+), 35 deletions(-)
diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c
index cb3e4f7671be..cda1d216ee38 100644
--- a/drivers/s390/crypto/vfio_ap_ops.c
+++ b/drivers/s390/crypto/vfio_ap_ops.c
@@ -155,6 +155,24 @@ static int vfio_ap_mdev_verify_no_sharing(struct ap_matrix_mdev *matrix_mdev)
return 0;
}
+/*
+ * vfio_ap_mdev_update_crycb
+ *
+ * @matrix_mdev: the mediated matrix device
+ *
+ * Updates the AP matrix in the guest's CRYCB from the masks configured for the
+ * mediated matrix device via its sysfs interfaces.
+ */
+static void vfio_ap_mdev_update_crycb(struct ap_matrix_mdev *matrix_mdev)
+{
+ if (matrix_mdev->kvm) {
+ kvm_arch_crypto_set_masks(matrix_mdev->kvm,
+ matrix_mdev->matrix.apm,
+ matrix_mdev->matrix.aqm,
+ matrix_mdev->matrix.adm);
+ }
+}
+
/**
* assign_adapter_store
*
@@ -196,10 +214,6 @@ static ssize_t assign_adapter_store(struct device *dev,
struct mdev_device *mdev = mdev_from_dev(dev);
struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
- /* If the guest is running, disallow assignment of adapter */
- if (matrix_mdev->kvm)
- return -EBUSY;
-
ret = kstrtoul(buf, 0, &apid);
if (ret)
return ret;
@@ -214,16 +228,12 @@ static ssize_t assign_adapter_store(struct device *dev,
*/
mutex_lock(&matrix_dev->lock);
- ret = vfio_ap_mdev_verify_queues_reserved_for_apid(matrix_mdev, apid);
- if (ret)
- goto done;
-
set_bit_inv(apid, matrix_mdev->matrix.apm);
ret = ap_apqn_in_matrix_owned_by_def_drv(matrix_mdev->matrix.apm,
matrix_mdev->matrix.aqm);
- /* If any APQN is reserved for used by the default drivers */
+ /* If any APQN is owned by the default drivers */
ret = (ret == 1) ? -EADDRNOTAVAIL : ret;
if (ret)
goto error;
@@ -232,6 +242,7 @@ static ssize_t assign_adapter_store(struct device *dev,
if (ret)
goto error;
+ vfio_ap_mdev_update_crycb(matrix_mdev);
ret = count;
goto done;
@@ -270,10 +281,6 @@ static ssize_t unassign_adapter_store(struct device *dev,
struct mdev_device *mdev = mdev_from_dev(dev);
struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
- /* If the guest is running, disallow un-assignment of adapter */
- if (matrix_mdev->kvm)
- return -EBUSY;
-
ret = kstrtoul(buf, 0, &apid);
if (ret)
return ret;
@@ -283,6 +290,7 @@ static ssize_t unassign_adapter_store(struct device *dev,
mutex_lock(&matrix_dev->lock);
clear_bit_inv((unsigned long)apid, matrix_mdev->matrix.apm);
+ vfio_ap_mdev_update_crycb(matrix_mdev);
mutex_unlock(&matrix_dev->lock);
return count;
@@ -331,10 +339,6 @@ static ssize_t assign_domain_store(struct device *dev,
struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
unsigned long max_apqi = matrix_mdev->matrix.aqm_max;
- /* If the guest is running, disallow assignment of domain */
- if (matrix_mdev->kvm)
- return -EBUSY;
-
ret = kstrtoul(buf, 0, &apqi);
if (ret)
return ret;
@@ -355,12 +359,13 @@ static ssize_t assign_domain_store(struct device *dev,
ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev);
if (ret)
- goto share_err;
+ goto error;
+ vfio_ap_mdev_update_crycb(matrix_mdev);
ret = count;
goto done;
-share_err:
+error:
clear_bit_inv(apqi, matrix_mdev->matrix.aqm);
done:
mutex_unlock(&matrix_dev->lock);
@@ -396,10 +401,6 @@ static ssize_t unassign_domain_store(struct device *dev,
struct mdev_device *mdev = mdev_from_dev(dev);
struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
- /* If the guest is running, disallow un-assignment of domain */
- if (matrix_mdev->kvm)
- return -EBUSY;
-
ret = kstrtoul(buf, 0, &apqi);
if (ret)
return ret;
@@ -409,6 +410,7 @@ static ssize_t unassign_domain_store(struct device *dev,
mutex_lock(&matrix_dev->lock);
clear_bit_inv((unsigned long)apqi, matrix_mdev->matrix.aqm);
+ vfio_ap_mdev_update_crycb(matrix_mdev);
mutex_unlock(&matrix_dev->lock);
return count;
@@ -440,10 +442,6 @@ static ssize_t assign_control_domain_store(struct device *dev,
struct mdev_device *mdev = mdev_from_dev(dev);
struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
- /* If the guest is running, disallow assignment of control domain */
- if (matrix_mdev->kvm)
- return -EBUSY;
-
ret = kstrtoul(buf, 0, &id);
if (ret)
return ret;
@@ -451,13 +449,16 @@ static ssize_t assign_control_domain_store(struct device *dev,
if (id > matrix_mdev->matrix.adm_max)
return -ENODEV;
- /* Set the bit in the ADM (bitmask) corresponding to the AP control
- * domain number (id). The bits in the mask, from most significant to
- * least significant, correspond to IDs 0 up to the one less than the
- * number of control domains that can be assigned.
+ /*
+ * Set the bits in the ADM (bitmask) corresponding to the AP control
+ * domain numbers in dommask. The bits in the mask, from left to right,
+ * correspond to IDs 0 up to the one less than the number of control
+ * domains that can be assigned.
+ *
*/
mutex_lock(&matrix_dev->lock);
set_bit_inv(id, matrix_mdev->matrix.adm);
+ vfio_ap_mdev_update_crycb(matrix_mdev);
mutex_unlock(&matrix_dev->lock);
return count;
@@ -490,10 +491,6 @@ static ssize_t unassign_control_domain_store(struct device *dev,
struct ap_matrix_mdev *matrix_mdev = mdev_get_drvdata(mdev);
unsigned long max_domid = matrix_mdev->matrix.adm_max;
- /* If the guest is running, disallow un-assignment of control domain */
- if (matrix_mdev->kvm)
- return -EBUSY;
-
ret = kstrtoul(buf, 0, &domid);
if (ret)
return ret;
@@ -502,6 +499,7 @@ static ssize_t unassign_control_domain_store(struct device *dev,
mutex_lock(&matrix_dev->lock);
clear_bit_inv(domid, matrix_mdev->matrix.adm);
+ vfio_ap_mdev_update_crycb(matrix_mdev);
mutex_unlock(&matrix_dev->lock);
return count;
--
2.7.4
next prev parent reply other threads:[~2019-04-11 21:04 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-11 21:03 [PATCH 0/7] s390: vfio-ap: dynamic configuration support Tony Krowiak
2019-04-11 21:03 ` [PATCH 1/7] s390: zcrypt: driver callback to indicate resource in use Tony Krowiak
2019-04-12 6:54 ` Harald Freudenberger
2019-04-12 9:43 ` Cornelia Huck
2019-04-12 19:38 ` Tony Krowiak
2019-04-15 9:50 ` Cornelia Huck
2019-04-15 16:51 ` Tony Krowiak
2019-04-15 17:02 ` Cornelia Huck
2019-04-15 18:59 ` Halil Pasic
2019-04-15 22:43 ` Tony Krowiak
2019-04-17 15:37 ` Halil Pasic
2019-04-16 7:52 ` Pierre Morel
2019-04-16 13:11 ` Tony Krowiak
2019-04-16 13:13 ` Pierre Morel
2019-04-11 21:03 ` [PATCH 2/7] s390: vfio-ap: implement in-use callback for vfio_ap driver Tony Krowiak
2019-04-11 21:03 ` [PATCH 3/7] s390: vfio-ap: allow assignment of unavailable AP resources to mdev device Tony Krowiak
2019-04-11 21:03 ` Tony Krowiak [this message]
2019-04-11 21:03 ` [PATCH 5/7] s390: vfio-ap: wait for queue empty on queue reset Tony Krowiak
2019-04-11 21:03 ` [PATCH 6/7] s390: vfio-ap: handle dynamic config/deconfig of AP adapter Tony Krowiak
2019-04-12 7:09 ` Harald Freudenberger
2019-04-15 9:54 ` Pierre Morel
2019-04-15 18:52 ` Tony Krowiak
2019-04-11 21:03 ` [PATCH 7/7] s390: vfio-ap: update documentation Tony Krowiak
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1555016604-2008-5-git-send-email-akrowiak@linux.ibm.com \
--to=akrowiak@linux.ibm.com \
--cc=alex.williamson@redhat.com \
--cc=borntraeger@de.ibm.com \
--cc=cohuck@redhat.com \
--cc=david@redhat.com \
--cc=frankja@linux.ibm.com \
--cc=freude@linux.ibm.com \
--cc=heiko.carstens@de.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=kwankhede@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=pasic@linux.ibm.com \
--cc=pmorel@linux.ibm.com \
--cc=schwidefsky@de.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).