Merge tag 's390-5.20-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux

+1

Documentation/s390/index.rst

··· 12 12 qeth 13 13 s390dbf 14 14 vfio-ap 15 + vfio-ap-locking 15 16 vfio-ccw 16 17 zfcpdump 17 18 common_io

+115

Documentation/s390/vfio-ap-locking.rst

··· 1 + .. SPDX-License-Identifier: GPL-2.0 2 + 3 + ====================== 4 + VFIO AP Locks Overview 5 + ====================== 6 + This document describes the locks that are pertinent to the secure operation 7 + of the vfio_ap device driver. Throughout this document, the following variables 8 + will be used to denote instances of the structures herein described: 9 + 10 + .. code-block:: c 11 + 12 + struct ap_matrix_dev *matrix_dev; 13 + struct ap_matrix_mdev *matrix_mdev; 14 + struct kvm *kvm; 15 + 16 + The Matrix Devices Lock (drivers/s390/crypto/vfio_ap_private.h) 17 + --------------------------------------------------------------- 18 + 19 + .. code-block:: c 20 + 21 + struct ap_matrix_dev { 22 + ... 23 + struct list_head mdev_list; 24 + struct mutex mdevs_lock; 25 + ... 26 + } 27 + 28 + The Matrix Devices Lock (matrix_dev->mdevs_lock) is implemented as a global 29 + mutex contained within the single object of struct ap_matrix_dev. This lock 30 + controls access to all fields contained within each matrix_mdev 31 + (matrix_dev->mdev_list). This lock must be held while reading from, writing to 32 + or using the data from a field contained within a matrix_mdev instance 33 + representing one of the vfio_ap device driver's mediated devices. 34 + 35 + The KVM Lock (include/linux/kvm_host.h) 36 + --------------------------------------- 37 + 38 + .. code-block:: c 39 + 40 + struct kvm { 41 + ... 42 + struct mutex lock; 43 + ... 44 + } 45 + 46 + The KVM Lock (kvm->lock) controls access to the state data for a KVM guest. This 47 + lock must be held by the vfio_ap device driver while one or more AP adapters, 48 + domains or control domains are being plugged into or unplugged from the guest. 49 + 50 + The KVM pointer is stored in the in the matrix_mdev instance 51 + (matrix_mdev->kvm = kvm) containing the state of the mediated device that has 52 + been attached to the KVM guest. 53 + 54 + The Guests Lock (drivers/s390/crypto/vfio_ap_private.h) 55 + ----------------------------------------------------------- 56 + 57 + .. code-block:: c 58 + 59 + struct ap_matrix_dev { 60 + ... 61 + struct list_head mdev_list; 62 + struct mutex guests_lock; 63 + ... 64 + } 65 + 66 + The Guests Lock (matrix_dev->guests_lock) controls access to the 67 + matrix_mdev instances (matrix_dev->mdev_list) that represent mediated devices 68 + that hold the state for the mediated devices that have been attached to a 69 + KVM guest. This lock must be held: 70 + 71 + 1. To control access to the KVM pointer (matrix_mdev->kvm) while the vfio_ap 72 + device driver is using it to plug/unplug AP devices passed through to the KVM 73 + guest. 74 + 75 + 2. To add matrix_mdev instances to or remove them from matrix_dev->mdev_list. 76 + This is necessary to ensure the proper locking order when the list is perused 77 + to find an ap_matrix_mdev instance for the purpose of plugging/unplugging 78 + AP devices passed through to a KVM guest. 79 + 80 + For example, when a queue device is removed from the vfio_ap device driver, 81 + if the adapter is passed through to a KVM guest, it will have to be 82 + unplugged. In order to figure out whether the adapter is passed through, 83 + the matrix_mdev object to which the queue is assigned will have to be 84 + found. The KVM pointer (matrix_mdev->kvm) can then be used to determine if 85 + the mediated device is passed through (matrix_mdev->kvm != NULL) and if so, 86 + to unplug the adapter. 87 + 88 + It is not necessary to take the Guests Lock to access the KVM pointer if the 89 + pointer is not used to plug/unplug devices passed through to the KVM guest; 90 + however, in this case, the Matrix Devices Lock (matrix_dev->mdevs_lock) must be 91 + held in order to access the KVM pointer since it is set and cleared under the 92 + protection of the Matrix Devices Lock. A case in point is the function that 93 + handles interception of the PQAP(AQIC) instruction sub-function. This handler 94 + needs to access the KVM pointer only for the purposes of setting or clearing IRQ 95 + resources, so only the matrix_dev->mdevs_lock needs to be held. 96 + 97 + The PQAP Hook Lock (arch/s390/include/asm/kvm_host.h) 98 + ----------------------------------------------------- 99 + 100 + .. code-block:: c 101 + 102 + typedef int (*crypto_hook)(struct kvm_vcpu *vcpu); 103 + 104 + struct kvm_s390_crypto { 105 + ... 106 + struct rw_semaphore pqap_hook_rwsem; 107 + crypto_hook *pqap_hook; 108 + ... 109 + }; 110 + 111 + The PQAP Hook Lock is a r/w semaphore that controls access to the function 112 + pointer of the handler ``(*kvm->arch.crypto.pqap_hook)`` to invoke when the 113 + PQAP(AQIC) instruction sub-function is intercepted by the host. The lock must be 114 + held in write mode when pqap_hook value is set, and in read mode when the 115 + pqap_hook function is called.

+353 -147

Documentation/s390/vfio-ap.rst

··· 123 123 by the hardware. 124 124 125 125 A satellite control block called the Crypto Control Block (CRYCB) is attached to 126 - our main hardware virtualization control block. The CRYCB contains three fields 127 - to identify the adapters, usage domains and control domains assigned to the KVM 128 - guest: 126 + our main hardware virtualization control block. The CRYCB contains an AP Control 127 + Block (APCB) that has three fields to identify the adapters, usage domains and 128 + control domains assigned to the KVM guest: 129 129 130 130 * The AP Mask (APM) field is a bit mask that identifies the AP adapters assigned 131 - to the KVM guest. Each bit in the mask, from left to right (i.e. from most 132 - significant to least significant bit in big endian order), corresponds to 131 + to the KVM guest. Each bit in the mask, from left to right, corresponds to 133 132 an APID from 0-255. If a bit is set, the corresponding adapter is valid for 134 133 use by the KVM guest. 135 134 136 135 * The AP Queue Mask (AQM) field is a bit mask identifying the AP usage domains 137 - assigned to the KVM guest. Each bit in the mask, from left to right (i.e. from 138 - most significant to least significant bit in big endian order), corresponds to 139 - an AP queue index (APQI) from 0-255. If a bit is set, the corresponding queue 140 - is valid for use by the KVM guest. 136 + assigned to the KVM guest. Each bit in the mask, from left to right, 137 + corresponds to an AP queue index (APQI) from 0-255. If a bit is set, the 138 + corresponding queue is valid for use by the KVM guest. 141 139 142 140 * The AP Domain Mask field is a bit mask that identifies the AP control domains 143 141 assigned to the KVM guest. The ADM bit mask controls which domains can be 144 142 changed by an AP command-request message sent to a usage domain from the 145 - guest. Each bit in the mask, from left to right (i.e. from most significant to 146 - least significant bit in big endian order), corresponds to a domain from 143 + guest. Each bit in the mask, from left to right, corresponds to a domain from 147 144 0-255. If a bit is set, the corresponding domain can be modified by an AP 148 145 command-request message sent to a usage domain. 149 146 ··· 148 151 an APQN to identify the AP queue to which an AP command-request message is to be 149 152 sent (NQAP and PQAP instructions), or from which a command-reply message is to 150 153 be received (DQAP instruction). The validity of an APQN is defined by the matrix 151 - calculated from the APM and AQM; it is the cross product of all assigned adapter 152 - numbers (APM) with all assigned queue indexes (AQM). For example, if adapters 1 153 - and 2 and usage domains 5 and 6 are assigned to a guest, the APQNs (1,5), (1,6), 154 - (2,5) and (2,6) will be valid for the guest. 154 + calculated from the APM and AQM; it is the Cartesian product of all assigned 155 + adapter numbers (APM) with all assigned queue indexes (AQM). For example, if 156 + adapters 1 and 2 and usage domains 5 and 6 are assigned to a guest, the APQNs 157 + (1,5), (1,6), (2,5) and (2,6) will be valid for the guest. 155 158 156 159 The APQNs can provide secure key functionality - i.e., a private key is stored 157 160 on the adapter card for each of its domains - so each APQN must be assigned to ··· 189 192 190 193 1. AP matrix device 191 194 2. VFIO AP device driver (vfio_ap.ko) 192 - 3. VFIO AP mediated matrix pass-through device 195 + 3. VFIO AP mediated pass-through device 193 196 194 197 The VFIO AP device driver 195 198 ------------------------- ··· 197 200 198 201 1. Provides the interfaces to secure APQNs for exclusive use of KVM guests. 199 202 200 - 2. Sets up the VFIO mediated device interfaces to manage a mediated matrix 203 + 2. Sets up the VFIO mediated device interfaces to manage a vfio_ap mediated 201 204 device and creates the sysfs interfaces for assigning adapters, usage 202 205 domains, and control domains comprising the matrix for a KVM guest. 203 206 204 - 3. Configures the APM, AQM and ADM in the CRYCB referenced by a KVM guest's 205 - SIE state description to grant the guest access to a matrix of AP devices 207 + 3. Configures the APM, AQM and ADM in the APCB contained in the CRYCB referenced 208 + by a KVM guest's SIE state description to grant the guest access to a matrix 209 + of AP devices 206 210 207 211 Reserve APQNs for exclusive use of KVM guests 208 212 --------------------------------------------- ··· 233 235 | | 8 probe | | 234 236 +--------^---------+ +--^--^------------+ 235 237 6 edit | | | 236 - apmask | +-----------------------------+ | 9 mdev create 238 + apmask | +-----------------------------+ | 11 mdev create 237 239 aqmask | | 1 modprobe | 238 240 +--------+-----+---+ +----------------+-+ +----------------+ 239 - | | | |8 create | mediated | 241 + | | | |10 create| mediated | 240 242 | admin | | VFIO device core |---------> matrix | 241 243 | + | | | device | 242 244 +------+-+---------+ +--------^---------+ +--------^-------+ ··· 244 246 | | 9 create vfio_ap-passthrough | | 245 247 | +------------------------------+ | 246 248 +-------------------------------------------------------------+ 247 - 10 assign adapter/domain/control domain 249 + 12 assign adapter/domain/control domain 248 250 249 251 The process for reserving an AP queue for use by a KVM guest is: 250 252 251 253 1. The administrator loads the vfio_ap device driver 252 254 2. The vfio-ap driver during its initialization will register a single 'matrix' 253 255 device with the device core. This will serve as the parent device for 254 - all mediated matrix devices used to configure an AP matrix for a guest. 256 + all vfio_ap mediated devices used to configure an AP matrix for a guest. 255 257 3. The /sys/devices/vfio_ap/matrix device is created by the device core 256 258 4. The vfio_ap device driver will register with the AP bus for AP queue devices 257 259 of type 10 and higher (CEX4 and newer). The driver will provide the vfio_ap ··· 267 269 default zcrypt cex4queue driver. 268 270 8. The AP bus probes the vfio_ap device driver to bind the queues reserved for 269 271 it. 270 - 9. The administrator creates a passthrough type mediated matrix device to be 272 + 9. The administrator creates a passthrough type vfio_ap mediated device to be 271 273 used by a guest 272 274 10. The administrator assigns the adapters, usage domains and control domains 273 275 to be exclusively used by a guest. 274 276 275 277 Set up the VFIO mediated device interfaces 276 278 ------------------------------------------ 277 - The VFIO AP device driver utilizes the common interface of the VFIO mediated 279 + The VFIO AP device driver utilizes the common interfaces of the VFIO mediated 278 280 device core driver to: 279 281 280 - * Register an AP mediated bus driver to add a mediated matrix device to and 282 + * Register an AP mediated bus driver to add a vfio_ap mediated device to and 281 283 remove it from a VFIO group. 282 - * Create and destroy a mediated matrix device 283 - * Add a mediated matrix device to and remove it from the AP mediated bus driver 284 - * Add a mediated matrix device to and remove it from an IOMMU group 284 + * Create and destroy a vfio_ap mediated device 285 + * Add a vfio_ap mediated device to and remove it from the AP mediated bus driver 286 + * Add a vfio_ap mediated device to and remove it from an IOMMU group 285 287 286 288 The following high-level block diagram shows the main components and interfaces 287 - of the VFIO AP mediated matrix device driver:: 289 + of the VFIO AP mediated device driver:: 288 290 289 291 +-------------+ 290 292 | | ··· 341 343 * device_api: 342 344 the mediated device type's API 343 345 * available_instances: 344 - the number of mediated matrix passthrough devices 346 + the number of vfio_ap mediated passthrough devices 345 347 that can be created 346 348 * device_api: 347 349 specifies the VFIO API ··· 349 351 This attribute group identifies the user-defined sysfs attributes of the 350 352 mediated device. When a device is registered with the VFIO mediated device 351 353 framework, the sysfs attribute files identified in the 'mdev_attr_groups' 352 - structure will be created in the mediated matrix device's directory. The 353 - sysfs attributes for a mediated matrix device are: 354 + structure will be created in the vfio_ap mediated device's directory. The 355 + sysfs attributes for a vfio_ap mediated device are: 354 356 355 357 assign_adapter / unassign_adapter: 356 358 Write-only attributes for assigning/unassigning an AP adapter to/from the 357 - mediated matrix device. To assign/unassign an adapter, the APID of the 358 - adapter is echoed to the respective attribute file. 359 + vfio_ap mediated device. To assign/unassign an adapter, the APID of the 360 + adapter is echoed into the respective attribute file. 359 361 assign_domain / unassign_domain: 360 362 Write-only attributes for assigning/unassigning an AP usage domain to/from 361 - the mediated matrix device. To assign/unassign a domain, the domain 362 - number of the usage domain is echoed to the respective attribute 363 + the vfio_ap mediated device. To assign/unassign a domain, the domain 364 + number of the usage domain is echoed into the respective attribute 363 365 file. 364 366 matrix: 365 - A read-only file for displaying the APQNs derived from the cross product 366 - of the adapter and domain numbers assigned to the mediated matrix device. 367 + A read-only file for displaying the APQNs derived from the Cartesian 368 + product of the adapter and domain numbers assigned to the vfio_ap mediated 369 + device. 370 + guest_matrix: 371 + A read-only file for displaying the APQNs derived from the Cartesian 372 + product of the adapter and domain numbers assigned to the APM and AQM 373 + fields respectively of the KVM guest's CRYCB. This may differ from the 374 + the APQNs assigned to the vfio_ap mediated device if any APQN does not 375 + reference a queue device bound to the vfio_ap device driver (i.e., the 376 + queue is not in the host's AP configuration). 367 377 assign_control_domain / unassign_control_domain: 368 378 Write-only attributes for assigning/unassigning an AP control domain 369 - to/from the mediated matrix device. To assign/unassign a control domain, 370 - the ID of the domain to be assigned/unassigned is echoed to the respective 371 - attribute file. 379 + to/from the vfio_ap mediated device. To assign/unassign a control domain, 380 + the ID of the domain to be assigned/unassigned is echoed into the 381 + respective attribute file. 372 382 control_domains: 373 383 A read-only file for displaying the control domain numbers assigned to the 374 - mediated matrix device. 384 + vfio_ap mediated device. 375 385 376 386 * functions: 377 387 ··· 389 383 * Store the reference to the KVM structure for the guest using the mdev 390 384 * Store the AP matrix configuration for the adapters, domains, and control 391 385 domains assigned via the corresponding sysfs attributes files 386 + * Store the AP matrix configuration for the adapters, domains and control 387 + domains available to a guest. A guest may not be provided access to APQNs 388 + referencing queue devices that do not exist, or are not bound to the 389 + vfio_ap device driver. 392 390 393 391 remove: 394 - deallocates the mediated matrix device's ap_matrix_mdev structure. This will 395 - be allowed only if a running guest is not using the mdev. 392 + deallocates the vfio_ap mediated device's ap_matrix_mdev structure. 393 + This will be allowed only if a running guest is not using the mdev. 396 394 397 395 * callback interfaces 398 396 399 - open: 397 + open_device: 400 398 The vfio_ap driver uses this callback to register a 401 - VFIO_GROUP_NOTIFY_SET_KVM notifier callback function for the mdev matrix 402 - device. The open is invoked when QEMU connects the VFIO iommu group 403 - for the mdev matrix device to the MDEV bus. Access to the KVM structure used 404 - to configure the KVM guest is provided via this callback. The KVM structure, 405 - is used to configure the guest's access to the AP matrix defined via the 406 - mediated matrix device's sysfs attribute files. 407 - release: 408 - unregisters the VFIO_GROUP_NOTIFY_SET_KVM notifier callback function for the 409 - mdev matrix device and deconfigures the guest's AP matrix. 399 + VFIO_GROUP_NOTIFY_SET_KVM notifier callback function for the matrix mdev 400 + devices. The open_device callback is invoked by userspace to connect the 401 + VFIO iommu group for the matrix mdev device to the MDEV bus. Access to the 402 + KVM structure used to configure the KVM guest is provided via this callback. 403 + The KVM structure, is used to configure the guest's access to the AP matrix 404 + defined via the vfio_ap mediated device's sysfs attribute files. 410 405 411 - Configure the APM, AQM and ADM in the CRYCB 412 - ------------------------------------------- 413 - Configuring the AP matrix for a KVM guest will be performed when the 406 + close_device: 407 + unregisters the VFIO_GROUP_NOTIFY_SET_KVM notifier callback function for the 408 + matrix mdev device and deconfigures the guest's AP matrix. 409 + 410 + ioctl: 411 + this callback handles the VFIO_DEVICE_GET_INFO and VFIO_DEVICE_RESET ioctls 412 + defined by the vfio framework. 413 + 414 + Configure the guest's AP resources 415 + ---------------------------------- 416 + Configuring the AP resources for a KVM guest will be performed when the 414 417 VFIO_GROUP_NOTIFY_SET_KVM notifier callback is invoked. The notifier 415 - function is called when QEMU connects to KVM. The guest's AP matrix is 416 - configured via it's CRYCB by: 418 + function is called when userspace connects to KVM. The guest's AP resources are 419 + configured via it's APCB by: 417 420 418 421 * Setting the bits in the APM corresponding to the APIDs assigned to the 419 - mediated matrix device via its 'assign_adapter' interface. 422 + vfio_ap mediated device via its 'assign_adapter' interface. 420 423 * Setting the bits in the AQM corresponding to the domains assigned to the 421 - mediated matrix device via its 'assign_domain' interface. 424 + vfio_ap mediated device via its 'assign_domain' interface. 422 425 * Setting the bits in the ADM corresponding to the domain dIDs assigned to the 423 - mediated matrix device via its 'assign_control_domains' interface. 426 + vfio_ap mediated device via its 'assign_control_domains' interface. 427 + 428 + The linux device model precludes passing a device through to a KVM guest that 429 + is not bound to the device driver facilitating its pass-through. Consequently, 430 + an APQN that does not reference a queue device bound to the vfio_ap device 431 + driver will not be assigned to a KVM guest's matrix. The AP architecture, 432 + however, does not provide a means to filter individual APQNs from the guest's 433 + matrix, so the adapters, domains and control domains assigned to vfio_ap 434 + mediated device via its sysfs 'assign_adapter', 'assign_domain' and 435 + 'assign_control_domain' interfaces will be filtered before providing the AP 436 + configuration to a guest: 437 + 438 + * The APIDs of the adapters, the APQIs of the domains and the domain numbers of 439 + the control domains assigned to the matrix mdev that are not also assigned to 440 + the host's AP configuration will be filtered. 441 + 442 + * Each APQN derived from the Cartesian product of the APIDs and APQIs assigned 443 + to the vfio_ap mdev is examined and if any one of them does not reference a 444 + queue device bound to the vfio_ap device driver, the adapter will not be 445 + plugged into the guest (i.e., the bit corresponding to its APID will not be 446 + set in the APM of the guest's APCB). 424 447 425 448 The CPU model features for AP 426 449 ----------------------------- 427 - The AP stack relies on the presence of the AP instructions as well as two 428 - facilities: The AP Facilities Test (APFT) facility; and the AP Query 429 - Configuration Information (QCI) facility. These features/facilities are made 430 - available to a KVM guest via the following CPU model features: 450 + The AP stack relies on the presence of the AP instructions as well as three 451 + facilities: The AP Facilities Test (APFT) facility; the AP Query 452 + Configuration Information (QCI) facility; and the AP Queue Interruption Control 453 + facility. These features/facilities are made available to a KVM guest via the 454 + following CPU model features: 431 455 432 456 1. ap: Indicates whether the AP instructions are installed on the guest. This 433 457 feature will be enabled by KVM only if the AP instructions are installed ··· 471 435 can be made available to the guest only if it is available on the host (i.e., 472 436 facility bit 12 is set). 473 437 438 + 4. apqi: Indicates AP Queue Interruption Control faclity is available on the 439 + guest. This facility can be made available to the guest only if it is 440 + available on the host (i.e., facility bit 65 is set). 441 + 474 442 Note: If the user chooses to specify a CPU model different than the 'host' 475 443 model to QEMU, the CPU model features and facilities need to be turned on 476 444 explicitly; for example:: 477 445 478 - /usr/bin/qemu-system-s390x ... -cpu z13,ap=on,apqci=on,apft=on 446 + /usr/bin/qemu-system-s390x ... -cpu z13,ap=on,apqci=on,apft=on,apqi=on 479 447 480 448 A guest can be precluded from using AP features/facilities by turning them off 481 449 explicitly; for example:: 482 450 483 - /usr/bin/qemu-system-s390x ... -cpu host,ap=off,apqci=off,apft=off 451 + /usr/bin/qemu-system-s390x ... -cpu host,ap=off,apqci=off,apft=off,apqi=off 484 452 485 453 Note: If the APFT facility is turned off (apft=off) for the guest, the guest 486 - will not see any AP devices. The zcrypt device drivers that register for type 10 487 - and newer AP devices - i.e., the cex4card and cex4queue device drivers - need 488 - the APFT facility to ascertain the facilities installed on a given AP device. If 489 - the APFT facility is not installed on the guest, then the probe of device 490 - drivers will fail since only type 10 and newer devices can be configured for 491 - guest use. 454 + will not see any AP devices. The zcrypt device drivers on the guest that 455 + register for type 10 and newer AP devices - i.e., the cex4card and cex4queue 456 + device drivers - need the APFT facility to ascertain the facilities installed on 457 + a given AP device. If the APFT facility is not installed on the guest, then no 458 + adapter or domain devices will get created by the AP bus running on the 459 + guest because only type 10 and newer devices can be configured for guest use. 492 460 493 461 Example 494 462 ======= ··· 511 471 05.00ab CEX5C CCA-Coproc 512 472 06 CEX5A Accelerator 513 473 06.0004 CEX5A Accelerator 514 - 06.00ab CEX5C CCA-Coproc 474 + 06.00ab CEX5A Accelerator 515 475 =========== ===== ============ 516 476 517 477 Guest2 ··· 519 479 =========== ===== ============ 520 480 CARD.DOMAIN TYPE MODE 521 481 =========== ===== ============ 522 - 05 CEX5A Accelerator 523 - 05.0047 CEX5A Accelerator 524 - 05.00ff CEX5A Accelerator 482 + 05 CEX5C CCA-Coproc 483 + 05.0047 CEX5C CCA-Coproc 484 + 05.00ff CEX5C CCA-Coproc 525 485 =========== ===== ============ 526 486 527 487 Guest3 ··· 569 529 570 530 2. Secure the AP queues to be used by the three guests so that the host can not 571 531 access them. To secure them, there are two sysfs files that specify 572 - bitmasks marking a subset of the APQN range as 'usable by the default AP 573 - queue device drivers' or 'not usable by the default device drivers' and thus 574 - available for use by the vfio_ap device driver'. The location of the sysfs 575 - files containing the masks are:: 532 + bitmasks marking a subset of the APQN range as usable only by the default AP 533 + queue device drivers. All remaining APQNs are available for use by 534 + any other device driver. The vfio_ap device driver is currently the only 535 + non-default device driver. The location of the sysfs files containing the 536 + masks are:: 576 537 577 538 /sys/bus/ap/apmask 578 539 /sys/bus/ap/aqmask 579 540 580 541 The 'apmask' is a 256-bit mask that identifies a set of AP adapter IDs 581 - (APID). Each bit in the mask, from left to right (i.e., from most significant 582 - to least significant bit in big endian order), corresponds to an APID from 583 - 0-255. If a bit is set, the APID is marked as usable only by the default AP 584 - queue device drivers; otherwise, the APID is usable by the vfio_ap 585 - device driver. 542 + (APID). Each bit in the mask, from left to right, corresponds to an APID from 543 + 0-255. If a bit is set, the APID belongs to the subset of APQNs marked as 544 + available only to the default AP queue device drivers. 586 545 587 546 The 'aqmask' is a 256-bit mask that identifies a set of AP queue indexes 588 - (APQI). Each bit in the mask, from left to right (i.e., from most significant 589 - to least significant bit in big endian order), corresponds to an APQI from 590 - 0-255. If a bit is set, the APQI is marked as usable only by the default AP 591 - queue device drivers; otherwise, the APQI is usable by the vfio_ap device 592 - driver. 547 + (APQI). Each bit in the mask, from left to right, corresponds to an APQI from 548 + 0-255. If a bit is set, the APQI belongs to the subset of APQNs marked as 549 + available only to the default AP queue device drivers. 593 550 594 - Take, for example, the following mask:: 551 + The Cartesian product of the APIDs corresponding to the bits set in the 552 + apmask and the APQIs corresponding to the bits set in the aqmask comprise 553 + the subset of APQNs that can be used only by the host default device drivers. 554 + All other APQNs are available to the non-default device drivers such as the 555 + vfio_ap driver. 595 556 596 - 0x7dffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 557 + Take, for example, the following masks:: 597 558 598 - It indicates: 559 + apmask: 560 + 0x7d00000000000000000000000000000000000000000000000000000000000000 599 561 600 - 1, 2, 3, 4, 5, and 7-255 belong to the default drivers' pool, and 0 and 6 601 - belong to the vfio_ap device driver's pool. 562 + aqmask: 563 + 0x8000000000000000000000000000000000000000000000000000000000000000 564 + 565 + The masks indicate: 566 + 567 + * Adapters 1, 2, 3, 4, 5, and 7 are available for use by the host default 568 + device drivers. 569 + 570 + * Domain 0 is available for use by the host default device drivers 571 + 572 + * The subset of APQNs available for use only by the default host device 573 + drivers are: 574 + 575 + (1,0), (2,0), (3,0), (4.0), (5,0) and (7,0) 576 + 577 + * All other APQNs are available for use by the non-default device drivers. 602 578 603 579 The APQN of each AP queue device assigned to the linux host is checked by the 604 - AP bus against the set of APQNs derived from the cross product of APIDs 605 - and APQIs marked as usable only by the default AP queue device drivers. If a 580 + AP bus against the set of APQNs derived from the Cartesian product of APIDs 581 + and APQIs marked as available to the default AP queue device drivers. If a 606 582 match is detected, only the default AP queue device drivers will be probed; 607 583 otherwise, the vfio_ap device driver will be probed. 608 584 ··· 635 579 636 580 0x4100000000000000000000000000000000000000000000000000000000000000 637 581 638 - Keep in mind that the mask reads from left to right (i.e., most 639 - significant to least significant bit in big endian order), so the mask 582 + Keep in mind that the mask reads from left to right, so the mask 640 583 above identifies device numbers 1 and 7 (01000001). 641 584 642 585 If the string is longer than the mask, the operation is terminated with ··· 681 626 default drivers pool: adapter 0-15, domain 1 682 627 alternate drivers pool: adapter 16-255, domains 0, 2-255 683 628 629 + **Note:** 630 + Changing a mask such that one or more APQNs will be taken from a vfio_ap 631 + mediated device (see below) will fail with an error (EBUSY). A message 632 + is logged to the kernel ring buffer which can be viewed with the 'dmesg' 633 + command. The output identifies each APQN flagged as 'in use' and identifies 634 + the vfio_ap mediated device to which it is assigned; for example: 635 + 636 + Userspace may not re-assign queue 05.0054 already assigned to 62177883-f1bb-47f0-914d-32a22e3a8804 637 + Userspace may not re-assign queue 04.0054 already assigned to cef03c3c-903d-4ecc-9a83-40694cb8aee4 638 + 684 639 Securing the APQNs for our example 685 640 ---------------------------------- 686 641 To secure the AP queues 05.0004, 05.0047, 05.00ab, 05.00ff, 06.0004, 06.0047, 687 642 06.00ab, and 06.00ff for use by the vfio_ap device driver, the corresponding 688 - APQNs can either be removed from the default masks:: 643 + APQNs can be removed from the default masks using either of the following 644 + commands:: 689 645 690 646 echo -5,-6 > /sys/bus/ap/apmask 691 647 ··· 749 683 750 684 /sys/devices/vfio_ap/matrix/ 751 685 --- [mdev_supported_types] 752 - ------ [vfio_ap-passthrough] (passthrough mediated matrix device type) 686 + ------ [vfio_ap-passthrough] (passthrough vfio_ap mediated device type) 753 687 --------- create 754 688 --------- [devices] 755 689 ··· 800 734 ----------------unassign_control_domain 801 735 ----------------unassign_domain 802 736 737 + Note *****: The vfio_ap mdevs do not persist across reboots unless the 738 + mdevctl tool is used to create and persist them. 739 + 803 740 4. The administrator now needs to configure the matrixes for the mediated 804 741 devices $uuid1 (for Guest1), $uuid2 (for Guest2) and $uuid3 (for Guest3). 805 742 ··· 824 755 825 756 cat matrix 826 757 758 + To display the matrix that is or will be assigned to Guest1:: 759 + 760 + cat guest_matrix 761 + 827 762 This is how the matrix is configured for Guest2:: 828 763 829 764 echo 5 > assign_adapter ··· 847 774 higher than the maximum is specified, the operation will terminate with 848 775 an error (ENODEV). 849 776 850 - * All APQNs that can be derived from the adapter ID and the IDs of 851 - the previously assigned domains must be bound to the vfio_ap device 852 - driver. If no domains have yet been assigned, then there must be at least 853 - one APQN with the specified APID bound to the vfio_ap driver. If no such 854 - APQNs are bound to the driver, the operation will terminate with an 855 - error (EADDRNOTAVAIL). 777 + Note: The maximum adapter number can be obtained via the sysfs 778 + /sys/bus/ap/ap_max_adapter_id attribute file. 856 779 857 - No APQN that can be derived from the adapter ID and the IDs of the 858 - previously assigned domains can be assigned to another mediated matrix 859 - device. If an APQN is assigned to another mediated matrix device, the 860 - operation will terminate with an error (EADDRINUSE). 780 + * Each APQN derived from the Cartesian product of the APID of the adapter 781 + being assigned and the APQIs of the domains previously assigned: 782 + 783 + - Must only be available to the vfio_ap device driver as specified in the 784 + sysfs /sys/bus/ap/apmask and /sys/bus/ap/aqmask attribute files. If even 785 + one APQN is reserved for use by the host device driver, the operation 786 + will terminate with an error (EADDRNOTAVAIL). 787 + 788 + - Must NOT be assigned to another vfio_ap mediated device. If even one APQN 789 + is assigned to another vfio_ap mediated device, the operation will 790 + terminate with an error (EBUSY). 791 + 792 + - Must NOT be assigned while the sysfs /sys/bus/ap/apmask and 793 + sys/bus/ap/aqmask attribute files are being edited or the operation may 794 + terminate with an error (EBUSY). 861 795 862 796 In order to successfully assign a domain: 863 797 ··· 873 793 higher than the maximum is specified, the operation will terminate with 874 794 an error (ENODEV). 875 795 876 - * All APQNs that can be derived from the domain ID and the IDs of 877 - the previously assigned adapters must be bound to the vfio_ap device 878 - driver. If no domains have yet been assigned, then there must be at least 879 - one APQN with the specified APQI bound to the vfio_ap driver. If no such 880 - APQNs are bound to the driver, the operation will terminate with an 881 - error (EADDRNOTAVAIL). 796 + Note: The maximum domain number can be obtained via the sysfs 797 + /sys/bus/ap/ap_max_domain_id attribute file. 882 798 883 - No APQN that can be derived from the domain ID and the IDs of the 884 - previously assigned adapters can be assigned to another mediated matrix 885 - device. If an APQN is assigned to another mediated matrix device, the 886 - operation will terminate with an error (EADDRINUSE). 799 + * Each APQN derived from the Cartesian product of the APQI of the domain 800 + being assigned and the APIDs of the adapters previously assigned: 887 801 888 - In order to successfully assign a control domain, the domain number 889 - specified must represent a value from 0 up to the maximum domain number 890 - configured for the system. If a control domain number higher than the maximum 891 - is specified, the operation will terminate with an error (ENODEV). 802 + - Must only be available to the vfio_ap device driver as specified in the 803 + sysfs /sys/bus/ap/apmask and /sys/bus/ap/aqmask attribute files. If even 804 + one APQN is reserved for use by the host device driver, the operation 805 + will terminate with an error (EADDRNOTAVAIL). 806 + 807 + - Must NOT be assigned to another vfio_ap mediated device. If even one APQN 808 + is assigned to another vfio_ap mediated device, the operation will 809 + terminate with an error (EBUSY). 810 + 811 + - Must NOT be assigned while the sysfs /sys/bus/ap/apmask and 812 + sys/bus/ap/aqmask attribute files are being edited or the operation may 813 + terminate with an error (EBUSY). 814 + 815 + In order to successfully assign a control domain: 816 + 817 + * The domain number specified must represent a value from 0 up to the maximum 818 + domain number configured for the system. If a control domain number higher 819 + than the maximum is specified, the operation will terminate with an 820 + error (ENODEV). 892 821 893 822 5. Start Guest1:: 894 823 895 - /usr/bin/qemu-system-s390x ... -cpu host,ap=on,apqci=on,apft=on \ 824 + /usr/bin/qemu-system-s390x ... -cpu host,ap=on,apqci=on,apft=on,apqi=on \ 896 825 -device vfio-ap,sysfsdev=/sys/devices/vfio_ap/matrix/$uuid1 ... 897 826 898 827 7. Start Guest2:: 899 828 900 - /usr/bin/qemu-system-s390x ... -cpu host,ap=on,apqci=on,apft=on \ 829 + /usr/bin/qemu-system-s390x ... -cpu host,ap=on,apqci=on,apft=on,apqi=on \ 901 830 -device vfio-ap,sysfsdev=/sys/devices/vfio_ap/matrix/$uuid2 ... 902 831 903 832 7. Start Guest3:: 904 833 905 - /usr/bin/qemu-system-s390x ... -cpu host,ap=on,apqci=on,apft=on \ 834 + /usr/bin/qemu-system-s390x ... -cpu host,ap=on,apqci=on,apft=on,apqi=on \ 906 835 -device vfio-ap,sysfsdev=/sys/devices/vfio_ap/matrix/$uuid3 ... 907 836 908 - When the guest is shut down, the mediated matrix devices may be removed. 837 + When the guest is shut down, the vfio_ap mediated devices may be removed. 909 838 910 - Using our example again, to remove the mediated matrix device $uuid1:: 839 + Using our example again, to remove the vfio_ap mediated device $uuid1:: 911 840 912 841 /sys/devices/vfio_ap/matrix/ 913 842 --- [mdev_supported_types] ··· 929 840 930 841 echo 1 > remove 931 842 932 - This will remove all of the mdev matrix device's sysfs structures including 933 - the mdev device itself. To recreate and reconfigure the mdev matrix device, 843 + This will remove all of the matrix mdev device's sysfs structures including 844 + the mdev device itself. To recreate and reconfigure the matrix mdev device, 934 845 all of the steps starting with step 3 will have to be performed again. Note 935 - that the remove will fail if a guest using the mdev is still running. 846 + that the remove will fail if a guest using the vfio_ap mdev is still running. 936 847 937 - It is not necessary to remove an mdev matrix device, but one may want to 848 + It is not necessary to remove a vfio_ap mdev, but one may want to 938 849 remove it if no guest will use it during the remaining lifetime of the linux 939 - host. If the mdev matrix device is removed, one may want to also reconfigure 850 + host. If the vfio_ap mdev is removed, one may want to also reconfigure 940 851 the pool of adapters and queues reserved for use by the default drivers. 852 + 853 + Hot plug/unplug support: 854 + ======================== 855 + An adapter, domain or control domain may be hot plugged into a running KVM 856 + guest by assigning it to the vfio_ap mediated device being used by the guest if 857 + the following conditions are met: 858 + 859 + * The adapter, domain or control domain must also be assigned to the host's 860 + AP configuration. 861 + 862 + * Each APQN derived from the Cartesian product comprised of the APID of the 863 + adapter being assigned and the APQIs of the domains assigned must reference a 864 + queue device bound to the vfio_ap device driver. 865 + 866 + * To hot plug a domain, each APQN derived from the Cartesian product 867 + comprised of the APQI of the domain being assigned and the APIDs of the 868 + adapters assigned must reference a queue device bound to the vfio_ap device 869 + driver. 870 + 871 + An adapter, domain or control domain may be hot unplugged from a running KVM 872 + guest by unassigning it from the vfio_ap mediated device being used by the 873 + guest. 874 + 875 + Over-provisioning of AP queues for a KVM guest: 876 + =============================================== 877 + Over-provisioning is defined herein as the assignment of adapters or domains to 878 + a vfio_ap mediated device that do not reference AP devices in the host's AP 879 + configuration. The idea here is that when the adapter or domain becomes 880 + available, it will be automatically hot-plugged into the KVM guest using 881 + the vfio_ap mediated device to which it is assigned as long as each new APQN 882 + resulting from plugging it in references a queue device bound to the vfio_ap 883 + device driver. 941 884 942 885 Limitations 943 886 =========== 944 - * The KVM/kernel interfaces do not provide a way to prevent restoring an APQN 945 - to the default drivers pool of a queue that is still assigned to a mediated 946 - device in use by a guest. It is incumbent upon the administrator to 947 - ensure there is no mediated device in use by a guest to which the APQN is 948 - assigned lest the host be given access to the private data of the AP queue 949 - device such as a private key configured specifically for the guest. 887 + Live guest migration is not supported for guests using AP devices without 888 + intervention by a system administrator. Before a KVM guest can be migrated, 889 + the vfio_ap mediated device must be removed. Unfortunately, it can not be 890 + removed manually (i.e., echo 1 > /sys/devices/vfio_ap/matrix/$UUID/remove) while 891 + the mdev is in use by a KVM guest. If the guest is being emulated by QEMU, 892 + its mdev can be hot unplugged from the guest in one of two ways: 950 893 951 - * Dynamically modifying the AP matrix for a running guest (which would amount to 952 - hot(un)plug of AP devices for the guest) is currently not supported 894 + 1. If the KVM guest was started with libvirt, you can hot unplug the mdev via 895 + the following commands: 953 896 954 - * Live guest migration is not supported for guests using AP devices. 897 + virsh detach-device <guestname> <path-to-device-xml> 898 + 899 + For example, to hot unplug mdev 62177883-f1bb-47f0-914d-32a22e3a8804 from 900 + the guest named 'my-guest': 901 + 902 + virsh detach-device my-guest ~/config/my-guest-hostdev.xml 903 + 904 + The contents of my-guest-hostdev.xml: 905 + 906 + .. code-block:: xml 907 + 908 + <hostdev mode='subsystem' type='mdev' managed='no' model='vfio-ap'> 909 + <source> 910 + <address uuid='62177883-f1bb-47f0-914d-32a22e3a8804'/> 911 + </source> 912 + </hostdev> 913 + 914 + 915 + virsh qemu-monitor-command <guest-name> --hmp "device-del <device-id>" 916 + 917 + For example, to hot unplug the vfio_ap mediated device identified on the 918 + qemu command line with 'id=hostdev0' from the guest named 'my-guest': 919 + 920 + .. code-block:: sh 921 + 922 + virsh qemu-monitor-command my-guest --hmp "device_del hostdev0" 923 + 924 + 2. A vfio_ap mediated device can be hot unplugged by attaching the qemu monitor 925 + to the guest and using the following qemu monitor command: 926 + 927 + (QEMU) device-del id=<device-id> 928 + 929 + For example, to hot unplug the vfio_ap mediated device that was specified 930 + on the qemu command line with 'id=hostdev0' when the guest was started: 931 + 932 + (QEMU) device-del id=hostdev0 933 + 934 + After live migration of the KVM guest completes, an AP configuration can be 935 + restored to the KVM guest by hot plugging a vfio_ap mediated device on the target 936 + system into the guest in one of two ways: 937 + 938 + 1. If the KVM guest was started with libvirt, you can hot plug a matrix mediated 939 + device into the guest via the following virsh commands: 940 + 941 + virsh attach-device <guestname> <path-to-device-xml> 942 + 943 + For example, to hot plug mdev 62177883-f1bb-47f0-914d-32a22e3a8804 into 944 + the guest named 'my-guest': 945 + 946 + virsh attach-device my-guest ~/config/my-guest-hostdev.xml 947 + 948 + The contents of my-guest-hostdev.xml: 949 + 950 + .. code-block:: xml 951 + 952 + <hostdev mode='subsystem' type='mdev' managed='no' model='vfio-ap'> 953 + <source> 954 + <address uuid='62177883-f1bb-47f0-914d-32a22e3a8804'/> 955 + </source> 956 + </hostdev> 957 + 958 + 959 + virsh qemu-monitor-command <guest-name> --hmp \ 960 + "device_add vfio-ap,sysfsdev=<path-to-mdev>,id=<device-id>" 961 + 962 + For example, to hot plug the vfio_ap mediated device 963 + 62177883-f1bb-47f0-914d-32a22e3a8804 into the guest named 'my-guest' with 964 + device-id hostdev0: 965 + 966 + virsh qemu-monitor-command my-guest --hmp \ 967 + "device_add vfio-ap,\ 968 + sysfsdev=/sys/devices/vfio_ap/matrix/62177883-f1bb-47f0-914d-32a22e3a8804,\ 969 + id=hostdev0" 970 + 971 + 2. A vfio_ap mediated device can be hot plugged by attaching the qemu monitor 972 + to the guest and using the following qemu monitor command: 973 + 974 + (qemu) device_add "vfio-ap,sysfsdev=<path-to-mdev>,id=<device-id>" 975 + 976 + For example, to plug the vfio_ap mediated device 977 + 62177883-f1bb-47f0-914d-32a22e3a8804 into the guest with the device-id 978 + hostdev0: 979 + 980 + (QEMU) device-add "vfio-ap,\ 981 + sysfsdev=/sys/devices/vfio_ap/matrix/62177883-f1bb-47f0-914d-32a22e3a8804,\ 982 + id=hostdev0"

+1 -1

MAINTAINERS

··· 17808 17808 L: linux-s390@vger.kernel.org 17809 17809 S: Supported 17810 17810 W: http://www.ibm.com/developerworks/linux/linux390/ 17811 - F: Documentation/s390/vfio-ap.rst 17811 + F: Documentation/s390/vfio-ap* 17812 17812 F: drivers/s390/crypto/vfio_ap* 17813 17813 17814 17814 S390 VFIO-CCW DRIVER

+6 -4

arch/s390/boot/startup.c

··· 152 152 unsigned long vmemmap_start; 153 153 unsigned long rte_size; 154 154 unsigned long pages; 155 + unsigned long vmax; 155 156 156 157 pages = ident_map_size / PAGE_SIZE; 157 158 /* vmemmap contains a multiple of PAGES_PER_SECTION struct pages */ ··· 164 163 vmalloc_size > _REGION2_SIZE || 165 164 vmemmap_start + vmemmap_size + vmalloc_size + MODULES_LEN > 166 165 _REGION2_SIZE) { 167 - MODULES_END = _REGION1_SIZE; 166 + vmax = _REGION1_SIZE; 168 167 rte_size = _REGION2_SIZE; 169 168 } else { 170 - MODULES_END = _REGION2_SIZE; 169 + vmax = _REGION2_SIZE; 171 170 rte_size = _REGION3_SIZE; 172 171 } 173 172 /* ··· 175 174 * secure storage limit, so that any vmalloc allocation 176 175 * we do could be used to back secure guest storage. 177 176 */ 178 - adjust_to_uv_max(&MODULES_END); 177 + vmax = adjust_to_uv_max(vmax); 179 178 #ifdef CONFIG_KASAN 180 179 /* force vmalloc and modules below kasan shadow */ 181 - MODULES_END = min(MODULES_END, KASAN_SHADOW_START); 180 + vmax = min(vmax, KASAN_SHADOW_START); 182 181 #endif 182 + MODULES_END = vmax; 183 183 MODULES_VADDR = MODULES_END - MODULES_LEN; 184 184 VMALLOC_END = MODULES_VADDR; 185 185

+3 -2

arch/s390/boot/uv.c

··· 57 57 } 58 58 59 59 #if IS_ENABLED(CONFIG_KVM) 60 - void adjust_to_uv_max(unsigned long *vmax) 60 + unsigned long adjust_to_uv_max(unsigned long limit) 61 61 { 62 62 if (is_prot_virt_host() && uv_info.max_sec_stor_addr) 63 - *vmax = min_t(unsigned long, *vmax, uv_info.max_sec_stor_addr); 63 + limit = min_t(unsigned long, limit, uv_info.max_sec_stor_addr); 64 + return limit; 64 65 } 65 66 66 67 static int is_prot_virt_host_capable(void)

+5 -2

arch/s390/boot/uv.h

··· 3 3 #define BOOT_UV_H 4 4 5 5 #if IS_ENABLED(CONFIG_KVM) 6 - void adjust_to_uv_max(unsigned long *vmax); 6 + unsigned long adjust_to_uv_max(unsigned long limit); 7 7 void sanitize_prot_virt_host(void); 8 8 #else 9 - static inline void adjust_to_uv_max(unsigned long *vmax) {} 9 + static inline unsigned long adjust_to_uv_max(unsigned long limit) 10 + { 11 + return limit; 12 + } 10 13 static inline void sanitize_prot_virt_host(void) {} 11 14 #endif 12 15

+1 -1

arch/s390/crypto/aes_s390.c

··· 1049 1049 return ret; 1050 1050 } 1051 1051 1052 - module_cpu_feature_match(MSA, aes_s390_init); 1052 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, aes_s390_init); 1053 1053 module_exit(aes_s390_fini); 1054 1054 1055 1055 MODULE_ALIAS_CRYPTO("aes-all");

+1 -1

arch/s390/crypto/chacha-glue.c

··· 121 121 crypto_unregister_skciphers(chacha_algs, ARRAY_SIZE(chacha_algs)); 122 122 } 123 123 124 - module_cpu_feature_match(VXRS, chacha_mod_init); 124 + module_cpu_feature_match(S390_CPU_FEATURE_VXRS, chacha_mod_init); 125 125 module_exit(chacha_mod_fini); 126 126 127 127 MODULE_DESCRIPTION("ChaCha20 stream cipher");

+1 -1

arch/s390/crypto/crc32-vx.c

··· 298 298 crypto_unregister_shashes(crc32_vx_algs, ARRAY_SIZE(crc32_vx_algs)); 299 299 } 300 300 301 - module_cpu_feature_match(VXRS, crc_vx_mod_init); 301 + module_cpu_feature_match(S390_CPU_FEATURE_VXRS, crc_vx_mod_init); 302 302 module_exit(crc_vx_mod_exit); 303 303 304 304 MODULE_AUTHOR("Hendrik Brueckner <brueckner@linux.vnet.ibm.com>");

+1 -1

arch/s390/crypto/des_s390.c

··· 492 492 return ret; 493 493 } 494 494 495 - module_cpu_feature_match(MSA, des_s390_init); 495 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, des_s390_init); 496 496 module_exit(des_s390_exit); 497 497 498 498 MODULE_ALIAS_CRYPTO("des");

+1 -1

arch/s390/crypto/ghash_s390.c

··· 145 145 crypto_unregister_shash(&ghash_alg); 146 146 } 147 147 148 - module_cpu_feature_match(MSA, ghash_mod_init); 148 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, ghash_mod_init); 149 149 module_exit(ghash_mod_exit); 150 150 151 151 MODULE_ALIAS_CRYPTO("ghash");

+1 -1

arch/s390/crypto/prng.c

··· 907 907 } 908 908 } 909 909 910 - module_cpu_feature_match(MSA, prng_init); 910 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, prng_init); 911 911 module_exit(prng_exit);

+1 -1

arch/s390/crypto/sha1_s390.c

··· 95 95 crypto_unregister_shash(&alg); 96 96 } 97 97 98 - module_cpu_feature_match(MSA, sha1_s390_init); 98 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, sha1_s390_init); 99 99 module_exit(sha1_s390_fini); 100 100 101 101 MODULE_ALIAS_CRYPTO("sha1");

+1 -1

arch/s390/crypto/sha256_s390.c

··· 134 134 crypto_unregister_shash(&sha256_alg); 135 135 } 136 136 137 - module_cpu_feature_match(MSA, sha256_s390_init); 137 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, sha256_s390_init); 138 138 module_exit(sha256_s390_fini); 139 139 140 140 MODULE_ALIAS_CRYPTO("sha256");

+1 -1

arch/s390/crypto/sha3_256_s390.c

··· 137 137 crypto_unregister_shash(&sha3_256_alg); 138 138 } 139 139 140 - module_cpu_feature_match(MSA, sha3_256_s390_init); 140 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, sha3_256_s390_init); 141 141 module_exit(sha3_256_s390_fini); 142 142 143 143 MODULE_ALIAS_CRYPTO("sha3-256");

+1 -1

arch/s390/crypto/sha3_512_s390.c

··· 147 147 crypto_unregister_shash(&sha3_384_alg); 148 148 } 149 149 150 - module_cpu_feature_match(MSA, init); 150 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, init); 151 151 module_exit(fini); 152 152 153 153 MODULE_LICENSE("GPL");

+1 -1

arch/s390/crypto/sha512_s390.c

··· 142 142 crypto_unregister_shash(&sha384_alg); 143 143 } 144 144 145 - module_cpu_feature_match(MSA, init); 145 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, init); 146 146 module_exit(fini); 147 147 148 148 MODULE_LICENSE("GPL");

+8 -15

arch/s390/include/asm/cpufeature.h

··· 2 2 /* 3 3 * Module interface for CPU features 4 4 * 5 - * Copyright IBM Corp. 2015 5 + * Copyright IBM Corp. 2015, 2022 6 6 * Author(s): Hendrik Brueckner <brueckner@linux.vnet.ibm.com> 7 7 */ 8 8 9 9 #ifndef __ASM_S390_CPUFEATURE_H 10 10 #define __ASM_S390_CPUFEATURE_H 11 11 12 - #include <asm/elf.h> 12 + enum { 13 + S390_CPU_FEATURE_MSA, 14 + S390_CPU_FEATURE_VXRS, 15 + S390_CPU_FEATURE_UV, 16 + MAX_CPU_FEATURES 17 + }; 13 18 14 - /* Hardware features on Linux on z Systems are indicated by facility bits that 15 - * are mapped to the so-called machine flags. Particular machine flags are 16 - * then used to define ELF hardware capabilities; most notably hardware flags 17 - * that are essential for user space / glibc. 18 - * 19 - * Restrict the set of exposed CPU features to ELF hardware capabilities for 20 - * now. Additional machine flags can be indicated by values larger than 21 - * MAX_ELF_HWCAP_FEATURES. 22 - */ 23 - #define MAX_ELF_HWCAP_FEATURES (8 * sizeof(elf_hwcap)) 24 - #define MAX_CPU_FEATURES MAX_ELF_HWCAP_FEATURES 25 - 26 - #define cpu_feature(feat) ilog2(HWCAP_ ## feat) 19 + #define cpu_feature(feature) (feature) 27 20 28 21 int cpu_have_feature(unsigned int nr); 29 22

-14

arch/s390/include/asm/mmu.h

··· 42 42 .context.pgtable_list = LIST_HEAD_INIT(name.context.pgtable_list), \ 43 43 .context.gmap_list = LIST_HEAD_INIT(name.context.gmap_list), 44 44 45 - static inline int tprot(unsigned long addr) 46 - { 47 - int rc = -EFAULT; 48 - 49 - asm volatile( 50 - " tprot 0(%1),0\n" 51 - "0: ipm %0\n" 52 - " srl %0,28\n" 53 - "1:\n" 54 - EX_TABLE(0b,1b) 55 - : "+d" (rc) : "a" (addr) : "cc"); 56 - return rc; 57 - } 58 - 59 45 #endif

+16 -1

arch/s390/include/asm/os_info.h

··· 8 8 #ifndef _ASM_S390_OS_INFO_H 9 9 #define _ASM_S390_OS_INFO_H 10 10 11 + #include <linux/uio.h> 12 + 11 13 #define OS_INFO_VERSION_MAJOR 1 12 14 #define OS_INFO_VERSION_MINOR 1 13 15 #define OS_INFO_MAGIC 0x4f53494e464f535aULL /* OSINFOSZ */ ··· 41 39 42 40 #ifdef CONFIG_CRASH_DUMP 43 41 void *os_info_old_entry(int nr, unsigned long *size); 44 - int copy_oldmem_kernel(void *dst, unsigned long src, size_t count); 42 + size_t copy_oldmem_iter(struct iov_iter *iter, unsigned long src, size_t count); 43 + 44 + static inline int copy_oldmem_kernel(void *dst, unsigned long src, size_t count) 45 + { 46 + struct iov_iter iter; 47 + struct kvec kvec; 48 + 49 + kvec.iov_base = dst; 50 + kvec.iov_len = count; 51 + iov_iter_kvec(&iter, WRITE, &kvec, 1, count); 52 + if (copy_oldmem_iter(&iter, src, count) < count) 53 + return -EFAULT; 54 + return 0; 55 + } 45 56 #else 46 57 static inline void *os_info_old_entry(int nr, unsigned long *size) 47 58 {

+2 -2

arch/s390/include/asm/sclp.h

··· 17 17 #define EXT_SCCB_READ_CPU (3 * PAGE_SIZE) 18 18 19 19 #ifndef __ASSEMBLY__ 20 + #include <linux/uio.h> 20 21 #include <asm/chpid.h> 21 22 #include <asm/cpu.h> 22 23 ··· 147 146 int sclp_ap_configure(u32 apid); 148 147 int sclp_ap_deconfigure(u32 apid); 149 148 int sclp_pci_report(struct zpci_report_error_header *report, u32 fh, u32 fid); 150 - int memcpy_hsa_kernel(void *dest, unsigned long src, size_t count); 151 - int memcpy_hsa_user(void __user *dest, unsigned long src, size_t count); 149 + size_t memcpy_hsa_iter(struct iov_iter *iter, unsigned long src, size_t count); 152 150 void sclp_ocf_cpc_name_copy(char *dst); 153 151 154 152 static inline int sclp_get_core_info(struct sclp_core_info *info, int early)

-1

arch/s390/include/asm/uaccess.h

··· 285 285 return __clear_user(to, n); 286 286 } 287 287 288 - int copy_to_user_real(void __user *dest, unsigned long src, unsigned long count); 289 288 void *s390_kernel_write(void *dst, const void *src, size_t size); 290 289 291 290 int __noreturn __put_kernel_bad(void);

+1 -1

arch/s390/include/asm/unwind.h

··· 47 47 static inline unsigned long unwind_recover_ret_addr(struct unwind_state *state, 48 48 unsigned long ip) 49 49 { 50 - ip = ftrace_graph_ret_addr(state->task, &state->graph_idx, ip, NULL); 50 + ip = ftrace_graph_ret_addr(state->task, &state->graph_idx, ip, (void *)state->sp); 51 51 if (is_kretprobe_trampoline(ip)) 52 52 ip = kretprobe_find_ret_addr(state->task, (void *)state->sp, &state->kr_cur); 53 53 return ip;

+1 -1

arch/s390/kernel/Makefile

··· 35 35 36 36 obj-y := traps.o time.o process.o earlypgm.o early.o setup.o idle.o vtime.o 37 37 obj-y += processor.o syscall.o ptrace.o signal.o cpcmd.o ebcdic.o nmi.o 38 - obj-y += debug.o irq.o ipl.o dis.o diag.o vdso.o 38 + obj-y += debug.o irq.o ipl.o dis.o diag.o vdso.o cpufeature.o 39 39 obj-y += sysinfo.o lgr.o os_info.o machine_kexec.o 40 40 obj-y += runtime_instr.o cache.o fpu.o dumpstack.o guarded_storage.o sthyi.o 41 41 obj-y += entry.o reipl.o relocate_kernel.o kdebugfs.o alternative.o

+46

arch/s390/kernel/cpufeature.c

··· 1 + // SPDX-License-Identifier: GPL-2.0 2 + /* 3 + * Copyright IBM Corp. 2022 4 + */ 5 + 6 + #include <linux/cpufeature.h> 7 + #include <linux/bug.h> 8 + #include <asm/elf.h> 9 + 10 + enum { 11 + TYPE_HWCAP, 12 + TYPE_FACILITY, 13 + }; 14 + 15 + struct s390_cpu_feature { 16 + unsigned int type : 4; 17 + unsigned int num : 28; 18 + }; 19 + 20 + static struct s390_cpu_feature s390_cpu_features[MAX_CPU_FEATURES] = { 21 + [S390_CPU_FEATURE_MSA] = {.type = TYPE_HWCAP, .num = HWCAP_NR_MSA}, 22 + [S390_CPU_FEATURE_VXRS] = {.type = TYPE_HWCAP, .num = HWCAP_NR_VXRS}, 23 + [S390_CPU_FEATURE_UV] = {.type = TYPE_FACILITY, .num = 158}, 24 + }; 25 + 26 + /* 27 + * cpu_have_feature - Test CPU features on module initialization 28 + */ 29 + int cpu_have_feature(unsigned int num) 30 + { 31 + struct s390_cpu_feature *feature; 32 + 33 + if (WARN_ON_ONCE(num >= MAX_CPU_FEATURES)) 34 + return 0; 35 + feature = &s390_cpu_features[num]; 36 + switch (feature->type) { 37 + case TYPE_HWCAP: 38 + return !!(elf_hwcap & BIT(feature->num)); 39 + case TYPE_FACILITY: 40 + return test_facility(feature->num); 41 + default: 42 + WARN_ON_ONCE(1); 43 + return 0; 44 + } 45 + } 46 + EXPORT_SYMBOL(cpu_have_feature);

+30 -90

arch/s390/kernel/crash_dump.c

··· 53 53 }; 54 54 55 55 static LIST_HEAD(dump_save_areas); 56 + static DEFINE_MUTEX(memcpy_real_mutex); 57 + static char memcpy_real_buf[PAGE_SIZE]; 56 58 57 59 /* 58 60 * Allocate a save area ··· 65 63 66 64 sa = memblock_alloc(sizeof(*sa), 8); 67 65 if (!sa) 68 - panic("Failed to allocate save area\n"); 66 + return NULL; 69 67 70 68 if (is_boot_cpu) 71 69 list_add(&sa->list, &dump_save_areas); ··· 116 114 memcpy(sa->vxrs_high, vxrs + 16, 16 * sizeof(__vector128)); 117 115 } 118 116 119 - /* 120 - * Return physical address for virtual address 121 - */ 122 - static inline void *load_real_addr(void *addr) 117 + static size_t copy_to_iter_real(struct iov_iter *iter, unsigned long src, size_t count) 123 118 { 124 - unsigned long real_addr; 119 + size_t len, copied, res = 0; 125 120 126 - asm volatile( 127 - " lra %0,0(%1)\n" 128 - " jz 0f\n" 129 - " la %0,0\n" 130 - "0:" 131 - : "=a" (real_addr) : "a" (addr) : "cc"); 132 - return (void *)real_addr; 121 + mutex_lock(&memcpy_real_mutex); 122 + while (count) { 123 + len = min(PAGE_SIZE, count); 124 + if (memcpy_real(memcpy_real_buf, src, len)) 125 + break; 126 + copied = copy_to_iter(memcpy_real_buf, len, iter); 127 + count -= copied; 128 + src += copied; 129 + res += copied; 130 + if (copied < len) 131 + break; 132 + } 133 + mutex_unlock(&memcpy_real_mutex); 134 + return res; 133 135 } 134 136 135 - /* 136 - * Copy memory of the old, dumped system to a kernel space virtual address 137 - */ 138 - int copy_oldmem_kernel(void *dst, unsigned long src, size_t count) 137 + size_t copy_oldmem_iter(struct iov_iter *iter, unsigned long src, size_t count) 139 138 { 140 - unsigned long len; 141 - void *ra; 142 - int rc; 139 + size_t len, copied, res = 0; 143 140 144 141 while (count) { 145 142 if (!oldmem_data.start && src < sclp.hsa_size) { 146 143 /* Copy from zfcp/nvme dump HSA area */ 147 144 len = min(count, sclp.hsa_size - src); 148 - rc = memcpy_hsa_kernel(dst, src, len); 149 - if (rc) 150 - return rc; 145 + copied = memcpy_hsa_iter(iter, src, len); 151 146 } else { 152 147 /* Check for swapped kdump oldmem areas */ 153 148 if (oldmem_data.start && src - oldmem_data.start < oldmem_data.size) { ··· 156 157 } else { 157 158 len = count; 158 159 } 159 - if (is_vmalloc_or_module_addr(dst)) { 160 - ra = load_real_addr(dst); 161 - len = min(PAGE_SIZE - offset_in_page(ra), len); 162 - } else { 163 - ra = dst; 164 - } 165 - if (memcpy_real(ra, src, len)) 166 - return -EFAULT; 160 + copied = copy_to_iter_real(iter, src, len); 167 161 } 168 - dst += len; 169 - src += len; 170 - count -= len; 162 + count -= copied; 163 + src += copied; 164 + res += copied; 165 + if (copied < len) 166 + break; 171 167 } 172 - return 0; 173 - } 174 - 175 - /* 176 - * Copy memory of the old, dumped system to a user space virtual address 177 - */ 178 - static int copy_oldmem_user(void __user *dst, unsigned long src, size_t count) 179 - { 180 - unsigned long len; 181 - int rc; 182 - 183 - while (count) { 184 - if (!oldmem_data.start && src < sclp.hsa_size) { 185 - /* Copy from zfcp/nvme dump HSA area */ 186 - len = min(count, sclp.hsa_size - src); 187 - rc = memcpy_hsa_user(dst, src, len); 188 - if (rc) 189 - return rc; 190 - } else { 191 - /* Check for swapped kdump oldmem areas */ 192 - if (oldmem_data.start && src - oldmem_data.start < oldmem_data.size) { 193 - src -= oldmem_data.start; 194 - len = min(count, oldmem_data.size - src); 195 - } else if (oldmem_data.start && src < oldmem_data.size) { 196 - len = min(count, oldmem_data.size - src); 197 - src += oldmem_data.start; 198 - } else { 199 - len = count; 200 - } 201 - rc = copy_to_user_real(dst, src, count); 202 - if (rc) 203 - return rc; 204 - } 205 - dst += len; 206 - src += len; 207 - count -= len; 208 - } 209 - return 0; 168 + return res; 210 169 } 211 170 212 171 /* ··· 174 217 unsigned long offset) 175 218 { 176 219 unsigned long src; 177 - int rc; 178 220 179 - if (!(iter_is_iovec(iter) || iov_iter_is_kvec(iter))) 180 - return -EINVAL; 181 - /* Multi-segment iterators are not supported */ 182 - if (iter->nr_segs > 1) 183 - return -EINVAL; 184 - if (!csize) 185 - return 0; 186 221 src = pfn_to_phys(pfn) + offset; 187 - 188 - /* XXX: pass the iov_iter down to a common function */ 189 - if (iter_is_iovec(iter)) 190 - rc = copy_oldmem_user(iter->iov->iov_base, src, csize); 191 - else 192 - rc = copy_oldmem_kernel(iter->kvec->iov_base, src, csize); 193 - if (rc < 0) 194 - return rc; 195 - iov_iter_advance(iter, csize); 196 - return csize; 222 + return copy_oldmem_iter(iter, src, csize); 197 223 } 198 224 199 225 /*

+5 -3

arch/s390/kernel/nmi.c

··· 11 11 #include <linux/kernel_stat.h> 12 12 #include <linux/init.h> 13 13 #include <linux/errno.h> 14 + #include <linux/entry-common.h> 14 15 #include <linux/hardirq.h> 15 16 #include <linux/log2.h> 16 17 #include <linux/kprobes.h> ··· 398 397 static unsigned long long last_ipd; 399 398 struct mcck_struct *mcck; 400 399 unsigned long long tmp; 400 + irqentry_state_t irq_state; 401 401 union mci mci; 402 402 unsigned long mcck_dam_code; 403 403 int mcck_pending = 0; 404 404 405 - nmi_enter(); 405 + irq_state = irqentry_nmi_enter(regs); 406 406 407 407 if (user_mode(regs)) 408 408 update_timer_mcck(); ··· 506 504 clear_cpu_flag(CIF_MCCK_GUEST); 507 505 508 506 if (user_mode(regs) && mcck_pending) { 509 - nmi_exit(); 507 + irqentry_nmi_exit(regs, irq_state); 510 508 return 1; 511 509 } 512 510 513 511 if (mcck_pending) 514 512 schedule_mcck_handler(); 515 513 516 - nmi_exit(); 514 + irqentry_nmi_exit(regs, irq_state); 517 515 return 0; 518 516 } 519 517 NOKPROBE_SYMBOL(s390_do_machine_check);

-10

arch/s390/kernel/processor.c

··· 8 8 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 9 9 10 10 #include <linux/stop_machine.h> 11 - #include <linux/cpufeature.h> 12 11 #include <linux/bitops.h> 13 12 #include <linux/kernel.h> 14 13 #include <linux/random.h> ··· 94 95 BUG_ON(current->mm); 95 96 enter_lazy_tlb(&init_mm, current); 96 97 } 97 - 98 - /* 99 - * cpu_have_feature - Test CPU features on module initialization 100 - */ 101 - int cpu_have_feature(unsigned int num) 102 - { 103 - return elf_hwcap & (1UL << num); 104 - } 105 - EXPORT_SYMBOL(cpu_have_feature); 106 98 107 99 static void show_facilities(struct seq_file *m) 108 100 {

+6 -7

arch/s390/kernel/setup.c

··· 474 474 lc->restart_data = 0; 475 475 lc->restart_source = -1U; 476 476 477 - mcck_stack = (unsigned long)memblock_alloc(THREAD_SIZE, THREAD_SIZE); 478 - if (!mcck_stack) 479 - panic("%s: Failed to allocate %lu bytes align=0x%lx\n", 480 - __func__, THREAD_SIZE, THREAD_SIZE); 481 - lc->mcck_stack = mcck_stack + STACK_INIT_OFFSET; 482 - 483 - /* Setup absolute zero lowcore */ 484 477 put_abs_lowcore(restart_stack, lc->restart_stack); 485 478 put_abs_lowcore(restart_fn, lc->restart_fn); 486 479 put_abs_lowcore(restart_data, lc->restart_data); 487 480 put_abs_lowcore(restart_source, lc->restart_source); 488 481 put_abs_lowcore(restart_psw, lc->restart_psw); 482 + 483 + mcck_stack = (unsigned long)memblock_alloc(THREAD_SIZE, THREAD_SIZE); 484 + if (!mcck_stack) 485 + panic("%s: Failed to allocate %lu bytes align=0x%lx\n", 486 + __func__, THREAD_SIZE, THREAD_SIZE); 487 + lc->mcck_stack = mcck_stack + STACK_INIT_OFFSET; 489 488 490 489 lc->spinlock_lockval = arch_spin_lockval(0); 491 490 lc->spinlock_index = 0;

-26

arch/s390/mm/maccess.c

··· 172 172 } 173 173 174 174 /* 175 - * Copy memory from kernel (real) to user (virtual) 176 - */ 177 - int copy_to_user_real(void __user *dest, unsigned long src, unsigned long count) 178 - { 179 - int offs = 0, size, rc; 180 - char *buf; 181 - 182 - buf = (char *) __get_free_page(GFP_KERNEL); 183 - if (!buf) 184 - return -ENOMEM; 185 - rc = -EFAULT; 186 - while (offs < count) { 187 - size = min(PAGE_SIZE, count - offs); 188 - if (memcpy_real(buf, src + offs, size)) 189 - goto out; 190 - if (copy_to_user(dest + offs, buf, size)) 191 - goto out; 192 - offs += size; 193 - } 194 - rc = 0; 195 - out: 196 - free_page((unsigned long) buf); 197 - return rc; 198 - } 199 - 200 - /* 201 175 * Check if physical address is within prefix or zero page 202 176 */ 203 177 static int is_swapped(phys_addr_t addr)

+1 -1

drivers/char/hw_random/s390-trng.c

··· 252 252 trng_debug_exit(); 253 253 } 254 254 255 - module_cpu_feature_match(MSA, trng_init); 255 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, trng_init); 256 256 module_exit(trng_exit);

+1 -1

drivers/s390/char/Kconfig

··· 89 89 Management Console (HMC) drive CD/DVD-ROM. It is available as a 90 90 module, called 'hmcdrv', and also as kernel built-in. There is one 91 91 optional parameter for this module: cachesize=N, which modifies the 92 - transfer cache size from it's default value 0.5MB to N bytes. If N 92 + transfer cache size from its default value 0.5MB to N bytes. If N 93 93 is zero, then no caching is performed. 94 94 95 95 config SCLP_OFB

+1 -1

drivers/s390/char/tape_34xx.c

··· 548 548 case 0x2e: 549 549 /* 550 550 * Not capable. This indicates either that the drive fails 551 - * reading the format id mark or that that format specified 551 + * reading the format id mark or that format specified 552 552 * is not supported by the drive. 553 553 */ 554 554 dev_warn (&device->cdev->dev, "The tape unit cannot process "

+2 -3

drivers/s390/char/uvdevice.c

··· 27 27 #include <linux/stddef.h> 28 28 #include <linux/vmalloc.h> 29 29 #include <linux/slab.h> 30 + #include <linux/cpufeature.h> 30 31 31 32 #include <asm/uvdevice.h> 32 33 #include <asm/uv.h> ··· 245 244 246 245 static int __init uvio_dev_init(void) 247 246 { 248 - if (!test_facility(158)) 249 - return -ENXIO; 250 247 return misc_register(&uvio_dev_miscdev); 251 248 } 252 249 253 - module_init(uvio_dev_init); 250 + module_cpu_feature_match(S390_CPU_FEATURE_UV, uvio_dev_init); 254 251 module_exit(uvio_dev_exit); 255 252 256 253 MODULE_AUTHOR("IBM Corporation");

+26 -29

drivers/s390/char/zcore.c

··· 17 17 #include <linux/debugfs.h> 18 18 #include <linux/panic_notifier.h> 19 19 #include <linux/reboot.h> 20 + #include <linux/uio.h> 20 21 21 22 #include <asm/asm-offsets.h> 22 23 #include <asm/ipl.h> ··· 51 50 static struct dentry *zcore_hsa_file; 52 51 static struct ipl_parameter_block *zcore_ipl_block; 53 52 53 + static DEFINE_MUTEX(hsa_buf_mutex); 54 54 static char hsa_buf[PAGE_SIZE] __aligned(PAGE_SIZE); 55 55 56 56 /* 57 - * Copy memory from HSA to user memory (not reentrant): 57 + * Copy memory from HSA to iterator (not reentrant): 58 58 * 59 - * @dest: User buffer where memory should be copied to 59 + * @iter: Iterator where memory should be copied to 60 60 * @src: Start address within HSA where data should be copied 61 61 * @count: Size of buffer, which should be copied 62 62 */ 63 - int memcpy_hsa_user(void __user *dest, unsigned long src, size_t count) 63 + size_t memcpy_hsa_iter(struct iov_iter *iter, unsigned long src, size_t count) 64 64 { 65 - unsigned long offset, bytes; 65 + size_t bytes, copied, res = 0; 66 + unsigned long offset; 66 67 67 68 if (!hsa_available) 68 - return -ENODATA; 69 + return 0; 69 70 71 + mutex_lock(&hsa_buf_mutex); 70 72 while (count) { 71 73 if (sclp_sdias_copy(hsa_buf, src / PAGE_SIZE + 2, 1)) { 72 74 TRACE("sclp_sdias_copy() failed\n"); 73 - return -EIO; 75 + break; 74 76 } 75 77 offset = src % PAGE_SIZE; 76 78 bytes = min(PAGE_SIZE - offset, count); 77 - if (copy_to_user(dest, hsa_buf + offset, bytes)) 78 - return -EFAULT; 79 - src += bytes; 80 - dest += bytes; 81 - count -= bytes; 79 + copied = copy_to_iter(hsa_buf + offset, bytes, iter); 80 + count -= copied; 81 + src += copied; 82 + res += copied; 83 + if (copied < bytes) 84 + break; 82 85 } 83 - return 0; 86 + mutex_unlock(&hsa_buf_mutex); 87 + return res; 84 88 } 85 89 86 90 /* ··· 95 89 * @src: Start address within HSA where data should be copied 96 90 * @count: Size of buffer, which should be copied 97 91 */ 98 - int memcpy_hsa_kernel(void *dest, unsigned long src, size_t count) 92 + static inline int memcpy_hsa_kernel(void *dst, unsigned long src, size_t count) 99 93 { 100 - unsigned long offset, bytes; 94 + struct iov_iter iter; 95 + struct kvec kvec; 101 96 102 - if (!hsa_available) 103 - return -ENODATA; 104 - 105 - while (count) { 106 - if (sclp_sdias_copy(hsa_buf, src / PAGE_SIZE + 2, 1)) { 107 - TRACE("sclp_sdias_copy() failed\n"); 108 - return -EIO; 109 - } 110 - offset = src % PAGE_SIZE; 111 - bytes = min(PAGE_SIZE - offset, count); 112 - memcpy(dest, hsa_buf + offset, bytes); 113 - src += bytes; 114 - dest += bytes; 115 - count -= bytes; 116 - } 97 + kvec.iov_base = dst; 98 + kvec.iov_len = count; 99 + iov_iter_kvec(&iter, WRITE, &kvec, 1, count); 100 + if (memcpy_hsa_iter(&iter, src, count) < count) 101 + return -EIO; 117 102 return 0; 118 103 } 119 104

+23 -8

drivers/s390/crypto/ap_bus.c

··· 838 838 bus_for_each_dev(&ap_bus_type, NULL, NULL, __ap_revise_reserved); 839 839 } 840 840 841 + /** 842 + * ap_owned_by_def_drv: indicates whether an AP adapter is reserved for the 843 + * default host driver or not. 844 + * @card: the APID of the adapter card to check 845 + * @queue: the APQI of the queue to check 846 + * 847 + * Note: the ap_perms_mutex must be locked by the caller of this function. 848 + * 849 + * Return: an int specifying whether the AP adapter is reserved for the host (1) 850 + * or not (0). 851 + */ 841 852 int ap_owned_by_def_drv(int card, int queue) 842 853 { 843 854 int rc = 0; ··· 856 845 if (card < 0 || card >= AP_DEVICES || queue < 0 || queue >= AP_DOMAINS) 857 846 return -EINVAL; 858 847 859 - mutex_lock(&ap_perms_mutex); 860 - 861 848 if (test_bit_inv(card, ap_perms.apm) && 862 849 test_bit_inv(queue, ap_perms.aqm)) 863 850 rc = 1; 864 - 865 - mutex_unlock(&ap_perms_mutex); 866 851 867 852 return rc; 868 853 } 869 854 EXPORT_SYMBOL(ap_owned_by_def_drv); 870 855 856 + /** 857 + * ap_apqn_in_matrix_owned_by_def_drv: indicates whether every APQN contained in 858 + * a set is reserved for the host drivers 859 + * or not. 860 + * @apm: a bitmap specifying a set of APIDs comprising the APQNs to check 861 + * @aqm: a bitmap specifying a set of APQIs comprising the APQNs to check 862 + * 863 + * Note: the ap_perms_mutex must be locked by the caller of this function. 864 + * 865 + * Return: an int specifying whether each APQN is reserved for the host (1) or 866 + * not (0) 867 + */ 871 868 int ap_apqn_in_matrix_owned_by_def_drv(unsigned long *apm, 872 869 unsigned long *aqm) 873 870 { 874 871 int card, queue, rc = 0; 875 - 876 - mutex_lock(&ap_perms_mutex); 877 872 878 873 for (card = 0; !rc && card < AP_DEVICES; card++) 879 874 if (test_bit_inv(card, apm) && ··· 888 871 if (test_bit_inv(queue, aqm) && 889 872 test_bit_inv(queue, ap_perms.aqm)) 890 873 rc = 1; 891 - 892 - mutex_unlock(&ap_perms_mutex); 893 874 894 875 return rc; 895 876 }

+1 -1

drivers/s390/crypto/pkey_api.c

··· 2115 2115 pkey_debug_exit(); 2116 2116 } 2117 2117 2118 - module_cpu_feature_match(MSA, pkey_init); 2118 + module_cpu_feature_match(S390_CPU_FEATURE_MSA, pkey_init); 2119 2119 module_exit(pkey_exit);

+7 -117

drivers/s390/crypto/vfio_ap_drv.c

··· 18 18 19 19 #define VFIO_AP_ROOT_NAME "vfio_ap" 20 20 #define VFIO_AP_DEV_NAME "matrix" 21 - #define AP_QUEUE_ASSIGNED "assigned" 22 - #define AP_QUEUE_UNASSIGNED "unassigned" 23 - #define AP_QUEUE_IN_USE "in use" 24 21 25 22 MODULE_AUTHOR("IBM Corporation"); 26 23 MODULE_DESCRIPTION("VFIO AP device driver, Copyright IBM Corp. 2018"); ··· 43 46 { /* end of sibling */ }, 44 47 }; 45 48 46 - static struct ap_matrix_mdev *vfio_ap_mdev_for_queue(struct vfio_ap_queue *q) 47 - { 48 - struct ap_matrix_mdev *matrix_mdev; 49 - unsigned long apid = AP_QID_CARD(q->apqn); 50 - unsigned long apqi = AP_QID_QUEUE(q->apqn); 51 - 52 - list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 53 - if (test_bit_inv(apid, matrix_mdev->matrix.apm) && 54 - test_bit_inv(apqi, matrix_mdev->matrix.aqm)) 55 - return matrix_mdev; 56 - } 57 - 58 - return NULL; 59 - } 60 - 61 - static ssize_t status_show(struct device *dev, 62 - struct device_attribute *attr, 63 - char *buf) 64 - { 65 - ssize_t nchars = 0; 66 - struct vfio_ap_queue *q; 67 - struct ap_matrix_mdev *matrix_mdev; 68 - struct ap_device *apdev = to_ap_dev(dev); 69 - 70 - mutex_lock(&matrix_dev->lock); 71 - q = dev_get_drvdata(&apdev->device); 72 - matrix_mdev = vfio_ap_mdev_for_queue(q); 73 - 74 - if (matrix_mdev) { 75 - if (matrix_mdev->kvm) 76 - nchars = scnprintf(buf, PAGE_SIZE, "%s\n", 77 - AP_QUEUE_IN_USE); 78 - else 79 - nchars = scnprintf(buf, PAGE_SIZE, "%s\n", 80 - AP_QUEUE_ASSIGNED); 81 - } else { 82 - nchars = scnprintf(buf, PAGE_SIZE, "%s\n", 83 - AP_QUEUE_UNASSIGNED); 84 - } 85 - 86 - mutex_unlock(&matrix_dev->lock); 87 - 88 - return nchars; 89 - } 90 - 91 - static DEVICE_ATTR_RO(status); 92 - 93 - static struct attribute *vfio_queue_attrs[] = { 94 - &dev_attr_status.attr, 95 - NULL, 96 - }; 97 - 98 - static const struct attribute_group vfio_queue_attr_group = { 99 - .attrs = vfio_queue_attrs, 100 - }; 101 - 102 - /** 103 - * vfio_ap_queue_dev_probe: Allocate a vfio_ap_queue structure and associate it 104 - * with the device as driver_data. 105 - * 106 - * @apdev: the AP device being probed 107 - * 108 - * Return: returns 0 if the probe succeeded; otherwise, returns an error if 109 - * storage could not be allocated for a vfio_ap_queue object or the 110 - * sysfs 'status' attribute could not be created for the queue device. 111 - */ 112 - static int vfio_ap_queue_dev_probe(struct ap_device *apdev) 113 - { 114 - int ret; 115 - struct vfio_ap_queue *q; 116 - 117 - q = kzalloc(sizeof(*q), GFP_KERNEL); 118 - if (!q) 119 - return -ENOMEM; 120 - 121 - mutex_lock(&matrix_dev->lock); 122 - dev_set_drvdata(&apdev->device, q); 123 - q->apqn = to_ap_queue(&apdev->device)->qid; 124 - q->saved_isc = VFIO_AP_ISC_INVALID; 125 - 126 - ret = sysfs_create_group(&apdev->device.kobj, &vfio_queue_attr_group); 127 - if (ret) { 128 - dev_set_drvdata(&apdev->device, NULL); 129 - kfree(q); 130 - } 131 - 132 - mutex_unlock(&matrix_dev->lock); 133 - 134 - return ret; 135 - } 136 - 137 - /** 138 - * vfio_ap_queue_dev_remove: Free the associated vfio_ap_queue structure. 139 - * 140 - * @apdev: the AP device being removed 141 - * 142 - * Takes the matrix lock to avoid actions on this device while doing the remove. 143 - */ 144 - static void vfio_ap_queue_dev_remove(struct ap_device *apdev) 145 - { 146 - struct vfio_ap_queue *q; 147 - 148 - mutex_lock(&matrix_dev->lock); 149 - sysfs_remove_group(&apdev->device.kobj, &vfio_queue_attr_group); 150 - q = dev_get_drvdata(&apdev->device); 151 - vfio_ap_mdev_reset_queue(q, 1); 152 - dev_set_drvdata(&apdev->device, NULL); 153 - kfree(q); 154 - mutex_unlock(&matrix_dev->lock); 155 - } 156 - 157 49 static struct ap_driver vfio_ap_drv = { 158 - .probe = vfio_ap_queue_dev_probe, 159 - .remove = vfio_ap_queue_dev_remove, 50 + .probe = vfio_ap_mdev_probe_queue, 51 + .remove = vfio_ap_mdev_remove_queue, 52 + .in_use = vfio_ap_mdev_resource_in_use, 53 + .on_config_changed = vfio_ap_on_cfg_changed, 54 + .on_scan_complete = vfio_ap_on_scan_complete, 160 55 .ids = ap_queue_ids, 161 56 }; 162 57 ··· 101 212 goto matrix_alloc_err; 102 213 } 103 214 104 - mutex_init(&matrix_dev->lock); 215 + mutex_init(&matrix_dev->mdevs_lock); 105 216 INIT_LIST_HEAD(&matrix_dev->mdev_list); 217 + mutex_init(&matrix_dev->guests_lock); 106 218 107 219 dev_set_name(&matrix_dev->device, "%s", VFIO_AP_DEV_NAME); 108 220 matrix_dev->device.parent = root_device;

+1129 -318

drivers/s390/crypto/vfio_ap_ops.c

··· 26 26 #define VFIO_AP_MDEV_TYPE_HWVIRT "passthrough" 27 27 #define VFIO_AP_MDEV_NAME_HWVIRT "VFIO AP Passthrough Device" 28 28 29 - static int vfio_ap_mdev_reset_queues(struct ap_matrix_mdev *matrix_mdev); 29 + #define AP_QUEUE_ASSIGNED "assigned" 30 + #define AP_QUEUE_UNASSIGNED "unassigned" 31 + #define AP_QUEUE_IN_USE "in use" 32 + 33 + static int vfio_ap_mdev_reset_queues(struct ap_queue_table *qtable); 30 34 static struct vfio_ap_queue *vfio_ap_find_queue(int apqn); 31 35 static const struct vfio_device_ops vfio_ap_matrix_dev_ops; 36 + static int vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q, unsigned int retry); 32 37 33 - static int match_apqn(struct device *dev, const void *data) 38 + /** 39 + * get_update_locks_for_kvm: Acquire the locks required to dynamically update a 40 + * KVM guest's APCB in the proper order. 41 + * 42 + * @kvm: a pointer to a struct kvm object containing the KVM guest's APCB. 43 + * 44 + * The proper locking order is: 45 + * 1. matrix_dev->guests_lock: required to use the KVM pointer to update a KVM 46 + * guest's APCB. 47 + * 2. kvm->lock: required to update a guest's APCB 48 + * 3. matrix_dev->mdevs_lock: required to access data stored in a matrix_mdev 49 + * 50 + * Note: If @kvm is NULL, the KVM lock will not be taken. 51 + */ 52 + static inline void get_update_locks_for_kvm(struct kvm *kvm) 34 53 { 35 - struct vfio_ap_queue *q = dev_get_drvdata(dev); 36 - 37 - return (q->apqn == *(int *)(data)) ? 1 : 0; 54 + mutex_lock(&matrix_dev->guests_lock); 55 + if (kvm) 56 + mutex_lock(&kvm->lock); 57 + mutex_lock(&matrix_dev->mdevs_lock); 38 58 } 39 59 40 60 /** 41 - * vfio_ap_get_queue - retrieve a queue with a specific APQN from a list 42 - * @matrix_mdev: the associated mediated matrix 43 - * @apqn: The queue APQN 61 + * release_update_locks_for_kvm: Release the locks used to dynamically update a 62 + * KVM guest's APCB in the proper order. 44 63 * 45 - * Retrieve a queue with a specific APQN from the list of the 46 - * devices of the vfio_ap_drv. 47 - * Verify that the APID and the APQI are set in the matrix. 64 + * @kvm: a pointer to a struct kvm object containing the KVM guest's APCB. 48 65 * 49 - * Return: the pointer to the associated vfio_ap_queue 66 + * The proper unlocking order is: 67 + * 1. matrix_dev->mdevs_lock 68 + * 2. kvm->lock 69 + * 3. matrix_dev->guests_lock 70 + * 71 + * Note: If @kvm is NULL, the KVM lock will not be released. 50 72 */ 51 - static struct vfio_ap_queue *vfio_ap_get_queue( 73 + static inline void release_update_locks_for_kvm(struct kvm *kvm) 74 + { 75 + mutex_unlock(&matrix_dev->mdevs_lock); 76 + if (kvm) 77 + mutex_unlock(&kvm->lock); 78 + mutex_unlock(&matrix_dev->guests_lock); 79 + } 80 + 81 + /** 82 + * get_update_locks_for_mdev: Acquire the locks required to dynamically update a 83 + * KVM guest's APCB in the proper order. 84 + * 85 + * @matrix_mdev: a pointer to a struct ap_matrix_mdev object containing the AP 86 + * configuration data to use to update a KVM guest's APCB. 87 + * 88 + * The proper locking order is: 89 + * 1. matrix_dev->guests_lock: required to use the KVM pointer to update a KVM 90 + * guest's APCB. 91 + * 2. matrix_mdev->kvm->lock: required to update a guest's APCB 92 + * 3. matrix_dev->mdevs_lock: required to access data stored in a matrix_mdev 93 + * 94 + * Note: If @matrix_mdev is NULL or is not attached to a KVM guest, the KVM 95 + * lock will not be taken. 96 + */ 97 + static inline void get_update_locks_for_mdev(struct ap_matrix_mdev *matrix_mdev) 98 + { 99 + mutex_lock(&matrix_dev->guests_lock); 100 + if (matrix_mdev && matrix_mdev->kvm) 101 + mutex_lock(&matrix_mdev->kvm->lock); 102 + mutex_lock(&matrix_dev->mdevs_lock); 103 + } 104 + 105 + /** 106 + * release_update_locks_for_mdev: Release the locks used to dynamically update a 107 + * KVM guest's APCB in the proper order. 108 + * 109 + * @matrix_mdev: a pointer to a struct ap_matrix_mdev object containing the AP 110 + * configuration data to use to update a KVM guest's APCB. 111 + * 112 + * The proper unlocking order is: 113 + * 1. matrix_dev->mdevs_lock 114 + * 2. matrix_mdev->kvm->lock 115 + * 3. matrix_dev->guests_lock 116 + * 117 + * Note: If @matrix_mdev is NULL or is not attached to a KVM guest, the KVM 118 + * lock will not be released. 119 + */ 120 + static inline void release_update_locks_for_mdev(struct ap_matrix_mdev *matrix_mdev) 121 + { 122 + mutex_unlock(&matrix_dev->mdevs_lock); 123 + if (matrix_mdev && matrix_mdev->kvm) 124 + mutex_unlock(&matrix_mdev->kvm->lock); 125 + mutex_unlock(&matrix_dev->guests_lock); 126 + } 127 + 128 + /** 129 + * get_update_locks_by_apqn: Find the mdev to which an APQN is assigned and 130 + * acquire the locks required to update the APCB of 131 + * the KVM guest to which the mdev is attached. 132 + * 133 + * @apqn: the APQN of a queue device. 134 + * 135 + * The proper locking order is: 136 + * 1. matrix_dev->guests_lock: required to use the KVM pointer to update a KVM 137 + * guest's APCB. 138 + * 2. matrix_mdev->kvm->lock: required to update a guest's APCB 139 + * 3. matrix_dev->mdevs_lock: required to access data stored in a matrix_mdev 140 + * 141 + * Note: If @apqn is not assigned to a matrix_mdev, the matrix_mdev->kvm->lock 142 + * will not be taken. 143 + * 144 + * Return: the ap_matrix_mdev object to which @apqn is assigned or NULL if @apqn 145 + * is not assigned to an ap_matrix_mdev. 146 + */ 147 + static struct ap_matrix_mdev *get_update_locks_by_apqn(int apqn) 148 + { 149 + struct ap_matrix_mdev *matrix_mdev; 150 + 151 + mutex_lock(&matrix_dev->guests_lock); 152 + 153 + list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 154 + if (test_bit_inv(AP_QID_CARD(apqn), matrix_mdev->matrix.apm) && 155 + test_bit_inv(AP_QID_QUEUE(apqn), matrix_mdev->matrix.aqm)) { 156 + if (matrix_mdev->kvm) 157 + mutex_lock(&matrix_mdev->kvm->lock); 158 + 159 + mutex_lock(&matrix_dev->mdevs_lock); 160 + 161 + return matrix_mdev; 162 + } 163 + } 164 + 165 + mutex_lock(&matrix_dev->mdevs_lock); 166 + 167 + return NULL; 168 + } 169 + 170 + /** 171 + * get_update_locks_for_queue: get the locks required to update the APCB of the 172 + * KVM guest to which the matrix mdev linked to a 173 + * vfio_ap_queue object is attached. 174 + * 175 + * @q: a pointer to a vfio_ap_queue object. 176 + * 177 + * The proper locking order is: 178 + * 1. q->matrix_dev->guests_lock: required to use the KVM pointer to update a 179 + * KVM guest's APCB. 180 + * 2. q->matrix_mdev->kvm->lock: required to update a guest's APCB 181 + * 3. matrix_dev->mdevs_lock: required to access data stored in matrix_mdev 182 + * 183 + * Note: if @queue is not linked to an ap_matrix_mdev object, the KVM lock 184 + * will not be taken. 185 + */ 186 + static inline void get_update_locks_for_queue(struct vfio_ap_queue *q) 187 + { 188 + mutex_lock(&matrix_dev->guests_lock); 189 + if (q->matrix_mdev && q->matrix_mdev->kvm) 190 + mutex_lock(&q->matrix_mdev->kvm->lock); 191 + mutex_lock(&matrix_dev->mdevs_lock); 192 + } 193 + 194 + /** 195 + * vfio_ap_mdev_get_queue - retrieve a queue with a specific APQN from a 196 + * hash table of queues assigned to a matrix mdev 197 + * @matrix_mdev: the matrix mdev 198 + * @apqn: The APQN of a queue device 199 + * 200 + * Return: the pointer to the vfio_ap_queue struct representing the queue or 201 + * NULL if the queue is not assigned to @matrix_mdev 202 + */ 203 + static struct vfio_ap_queue *vfio_ap_mdev_get_queue( 52 204 struct ap_matrix_mdev *matrix_mdev, 53 205 int apqn) 54 206 { 55 207 struct vfio_ap_queue *q; 56 208 57 - if (!test_bit_inv(AP_QID_CARD(apqn), matrix_mdev->matrix.apm)) 58 - return NULL; 59 - if (!test_bit_inv(AP_QID_QUEUE(apqn), matrix_mdev->matrix.aqm)) 60 - return NULL; 209 + hash_for_each_possible(matrix_mdev->qtable.queues, q, mdev_qnode, 210 + apqn) { 211 + if (q && q->apqn == apqn) 212 + return q; 213 + } 61 214 62 - q = vfio_ap_find_queue(apqn); 63 - if (q) 64 - q->matrix_mdev = matrix_mdev; 65 - 66 - return q; 215 + return NULL; 67 216 } 68 217 69 218 /** ··· 329 180 status.response_code); 330 181 end_free: 331 182 vfio_ap_free_aqic_resources(q); 332 - q->matrix_mdev = NULL; 333 183 return status; 334 184 } 335 185 ··· 547 399 return -EOPNOTSUPP; 548 400 } 549 401 550 - mutex_lock(&matrix_dev->lock); 402 + mutex_lock(&matrix_dev->mdevs_lock); 403 + 551 404 if (!vcpu->kvm->arch.crypto.pqap_hook) { 552 405 VFIO_AP_DBF_WARN("%s: PQAP(AQIC) hook not registered with the vfio_ap driver: apqn=0x%04x\n", 553 406 __func__, apqn); 407 + 554 408 goto out_unlock; 555 409 } 556 410 ··· 568 418 goto out_unlock; 569 419 } 570 420 571 - q = vfio_ap_get_queue(matrix_mdev, apqn); 421 + q = vfio_ap_mdev_get_queue(matrix_mdev, apqn); 572 422 if (!q) { 573 423 VFIO_AP_DBF_WARN("%s: Queue %02x.%04x not bound to the vfio_ap driver\n", 574 424 __func__, AP_QID_CARD(apqn), ··· 587 437 out_unlock: 588 438 memcpy(&vcpu->run->s.regs.gprs[1], &qstatus, sizeof(qstatus)); 589 439 vcpu->run->s.regs.gprs[1] >>= 32; 590 - mutex_unlock(&matrix_dev->lock); 440 + mutex_unlock(&matrix_dev->mdevs_lock); 591 441 return 0; 592 442 } 593 443 ··· 597 447 matrix->apm_max = info->apxa ? info->Na : 63; 598 448 matrix->aqm_max = info->apxa ? info->Nd : 15; 599 449 matrix->adm_max = info->apxa ? info->Nd : 15; 450 + } 451 + 452 + static void vfio_ap_mdev_update_guest_apcb(struct ap_matrix_mdev *matrix_mdev) 453 + { 454 + if (matrix_mdev->kvm) 455 + kvm_arch_crypto_set_masks(matrix_mdev->kvm, 456 + matrix_mdev->shadow_apcb.apm, 457 + matrix_mdev->shadow_apcb.aqm, 458 + matrix_mdev->shadow_apcb.adm); 459 + } 460 + 461 + static bool vfio_ap_mdev_filter_cdoms(struct ap_matrix_mdev *matrix_mdev) 462 + { 463 + DECLARE_BITMAP(prev_shadow_adm, AP_DOMAINS); 464 + 465 + bitmap_copy(prev_shadow_adm, matrix_mdev->shadow_apcb.adm, AP_DOMAINS); 466 + bitmap_and(matrix_mdev->shadow_apcb.adm, matrix_mdev->matrix.adm, 467 + (unsigned long *)matrix_dev->info.adm, AP_DOMAINS); 468 + 469 + return !bitmap_equal(prev_shadow_adm, matrix_mdev->shadow_apcb.adm, 470 + AP_DOMAINS); 471 + } 472 + 473 + /* 474 + * vfio_ap_mdev_filter_matrix - filter the APQNs assigned to the matrix mdev 475 + * to ensure no queue devices are passed through to 476 + * the guest that are not bound to the vfio_ap 477 + * device driver. 478 + * 479 + * @matrix_mdev: the matrix mdev whose matrix is to be filtered. 480 + * 481 + * Note: If an APQN referencing a queue device that is not bound to the vfio_ap 482 + * driver, its APID will be filtered from the guest's APCB. The matrix 483 + * structure precludes filtering an individual APQN, so its APID will be 484 + * filtered. 485 + * 486 + * Return: a boolean value indicating whether the KVM guest's APCB was changed 487 + * by the filtering or not. 488 + */ 489 + static bool vfio_ap_mdev_filter_matrix(unsigned long *apm, unsigned long *aqm, 490 + struct ap_matrix_mdev *matrix_mdev) 491 + { 492 + unsigned long apid, apqi, apqn; 493 + DECLARE_BITMAP(prev_shadow_apm, AP_DEVICES); 494 + DECLARE_BITMAP(prev_shadow_aqm, AP_DOMAINS); 495 + struct vfio_ap_queue *q; 496 + 497 + bitmap_copy(prev_shadow_apm, matrix_mdev->shadow_apcb.apm, AP_DEVICES); 498 + bitmap_copy(prev_shadow_aqm, matrix_mdev->shadow_apcb.aqm, AP_DOMAINS); 499 + vfio_ap_matrix_init(&matrix_dev->info, &matrix_mdev->shadow_apcb); 500 + 501 + /* 502 + * Copy the adapters, domains and control domains to the shadow_apcb 503 + * from the matrix mdev, but only those that are assigned to the host's 504 + * AP configuration. 505 + */ 506 + bitmap_and(matrix_mdev->shadow_apcb.apm, matrix_mdev->matrix.apm, 507 + (unsigned long *)matrix_dev->info.apm, AP_DEVICES); 508 + bitmap_and(matrix_mdev->shadow_apcb.aqm, matrix_mdev->matrix.aqm, 509 + (unsigned long *)matrix_dev->info.aqm, AP_DOMAINS); 510 + 511 + for_each_set_bit_inv(apid, apm, AP_DEVICES) { 512 + for_each_set_bit_inv(apqi, aqm, AP_DOMAINS) { 513 + /* 514 + * If the APQN is not bound to the vfio_ap device 515 + * driver, then we can't assign it to the guest's 516 + * AP configuration. The AP architecture won't 517 + * allow filtering of a single APQN, so let's filter 518 + * the APID since an adapter represents a physical 519 + * hardware device. 520 + */ 521 + apqn = AP_MKQID(apid, apqi); 522 + q = vfio_ap_mdev_get_queue(matrix_mdev, apqn); 523 + if (!q || q->reset_rc) { 524 + clear_bit_inv(apid, 525 + matrix_mdev->shadow_apcb.apm); 526 + break; 527 + } 528 + } 529 + } 530 + 531 + return !bitmap_equal(prev_shadow_apm, matrix_mdev->shadow_apcb.apm, 532 + AP_DEVICES) || 533 + !bitmap_equal(prev_shadow_aqm, matrix_mdev->shadow_apcb.aqm, 534 + AP_DOMAINS); 600 535 } 601 536 602 537 static int vfio_ap_mdev_probe(struct mdev_device *mdev) ··· 703 468 matrix_mdev->mdev = mdev; 704 469 vfio_ap_matrix_init(&matrix_dev->info, &matrix_mdev->matrix); 705 470 matrix_mdev->pqap_hook = handle_pqap; 706 - mutex_lock(&matrix_dev->lock); 707 - list_add(&matrix_mdev->node, &matrix_dev->mdev_list); 708 - mutex_unlock(&matrix_dev->lock); 471 + vfio_ap_matrix_init(&matrix_dev->info, &matrix_mdev->shadow_apcb); 472 + hash_init(matrix_mdev->qtable.queues); 709 473 710 474 ret = vfio_register_emulated_iommu_dev(&matrix_mdev->vdev); 711 475 if (ret) 712 476 goto err_list; 713 477 dev_set_drvdata(&mdev->dev, matrix_mdev); 478 + mutex_lock(&matrix_dev->mdevs_lock); 479 + list_add(&matrix_mdev->node, &matrix_dev->mdev_list); 480 + mutex_unlock(&matrix_dev->mdevs_lock); 714 481 return 0; 715 482 716 483 err_list: 717 - mutex_lock(&matrix_dev->lock); 718 - list_del(&matrix_mdev->node); 719 - mutex_unlock(&matrix_dev->lock); 720 484 vfio_uninit_group_dev(&matrix_mdev->vdev); 721 485 kfree(matrix_mdev); 722 486 err_dec_available: 723 487 atomic_inc(&matrix_dev->available_instances); 724 488 return ret; 489 + } 490 + 491 + static void vfio_ap_mdev_link_queue(struct ap_matrix_mdev *matrix_mdev, 492 + struct vfio_ap_queue *q) 493 + { 494 + if (q) { 495 + q->matrix_mdev = matrix_mdev; 496 + hash_add(matrix_mdev->qtable.queues, &q->mdev_qnode, q->apqn); 497 + } 498 + } 499 + 500 + static void vfio_ap_mdev_link_apqn(struct ap_matrix_mdev *matrix_mdev, int apqn) 501 + { 502 + struct vfio_ap_queue *q; 503 + 504 + q = vfio_ap_find_queue(apqn); 505 + vfio_ap_mdev_link_queue(matrix_mdev, q); 506 + } 507 + 508 + static void vfio_ap_unlink_queue_fr_mdev(struct vfio_ap_queue *q) 509 + { 510 + hash_del(&q->mdev_qnode); 511 + } 512 + 513 + static void vfio_ap_unlink_mdev_fr_queue(struct vfio_ap_queue *q) 514 + { 515 + q->matrix_mdev = NULL; 516 + } 517 + 518 + static void vfio_ap_mdev_unlink_fr_queues(struct ap_matrix_mdev *matrix_mdev) 519 + { 520 + struct vfio_ap_queue *q; 521 + unsigned long apid, apqi; 522 + 523 + for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, AP_DEVICES) { 524 + for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, 525 + AP_DOMAINS) { 526 + q = vfio_ap_mdev_get_queue(matrix_mdev, 527 + AP_MKQID(apid, apqi)); 528 + if (q) 529 + q->matrix_mdev = NULL; 530 + } 531 + } 725 532 } 726 533 727 534 static void vfio_ap_mdev_remove(struct mdev_device *mdev) ··· 772 495 773 496 vfio_unregister_group_dev(&matrix_mdev->vdev); 774 497 775 - mutex_lock(&matrix_dev->lock); 776 - vfio_ap_mdev_reset_queues(matrix_mdev); 498 + mutex_lock(&matrix_dev->guests_lock); 499 + mutex_lock(&matrix_dev->mdevs_lock); 500 + vfio_ap_mdev_reset_queues(&matrix_mdev->qtable); 501 + vfio_ap_mdev_unlink_fr_queues(matrix_mdev); 777 502 list_del(&matrix_mdev->node); 778 - mutex_unlock(&matrix_dev->lock); 503 + mutex_unlock(&matrix_dev->mdevs_lock); 504 + mutex_unlock(&matrix_dev->guests_lock); 779 505 vfio_uninit_group_dev(&matrix_mdev->vdev); 780 506 kfree(matrix_mdev); 781 507 atomic_inc(&matrix_dev->available_instances); ··· 827 547 NULL, 828 548 }; 829 549 830 - struct vfio_ap_queue_reserved { 831 - unsigned long *apid; 832 - unsigned long *apqi; 833 - bool reserved; 834 - }; 550 + #define MDEV_SHARING_ERR "Userspace may not re-assign queue %02lx.%04lx " \ 551 + "already assigned to %s" 835 552 836 - /** 837 - * vfio_ap_has_queue - determines if the AP queue containing the target in @data 838 - * 839 - * @dev: an AP queue device 840 - * @data: a struct vfio_ap_queue_reserved reference 841 - * 842 - * Flags whether the AP queue device (@dev) has a queue ID containing the APQN, 843 - * apid or apqi specified in @data: 844 - * 845 - * - If @data contains both an apid and apqi value, then @data will be flagged 846 - * as reserved if the APID and APQI fields for the AP queue device matches 847 - * 848 - * - If @data contains only an apid value, @data will be flagged as 849 - * reserved if the APID field in the AP queue device matches 850 - * 851 - * - If @data contains only an apqi value, @data will be flagged as 852 - * reserved if the APQI field in the AP queue device matches 853 - * 854 - * Return: 0 to indicate the input to function succeeded. Returns -EINVAL if 855 - * @data does not contain either an apid or apqi. 856 - */ 857 - static int vfio_ap_has_queue(struct device *dev, void *data) 553 + static void vfio_ap_mdev_log_sharing_err(struct ap_matrix_mdev *matrix_mdev, 554 + unsigned long *apm, 555 + unsigned long *aqm) 858 556 { 859 - struct vfio_ap_queue_reserved *qres = data; 860 - struct ap_queue *ap_queue = to_ap_queue(dev); 861 - ap_qid_t qid; 862 - unsigned long id; 557 + unsigned long apid, apqi; 558 + const struct device *dev = mdev_dev(matrix_mdev->mdev); 559 + const char *mdev_name = dev_name(dev); 863 560 864 - if (qres->apid && qres->apqi) { 865 - qid = AP_MKQID(*qres->apid, *qres->apqi); 866 - if (qid == ap_queue->qid) 867 - qres->reserved = true; 868 - } else if (qres->apid && !qres->apqi) { 869 - id = AP_QID_CARD(ap_queue->qid); 870 - if (id == *qres->apid) 871 - qres->reserved = true; 872 - } else if (!qres->apid && qres->apqi) { 873 - id = AP_QID_QUEUE(ap_queue->qid); 874 - if (id == *qres->apqi) 875 - qres->reserved = true; 876 - } else { 877 - return -EINVAL; 878 - } 879 - 880 - return 0; 561 + for_each_set_bit_inv(apid, apm, AP_DEVICES) 562 + for_each_set_bit_inv(apqi, aqm, AP_DOMAINS) 563 + dev_warn(dev, MDEV_SHARING_ERR, apid, apqi, mdev_name); 881 564 } 882 565 883 566 /** 884 - * vfio_ap_verify_queue_reserved - verifies that the AP queue containing 885 - * @apid or @aqpi is reserved 567 + * vfio_ap_mdev_verify_no_sharing - verify APQNs are not shared by matrix mdevs 886 568 * 887 - * @apid: an AP adapter ID 888 - * @apqi: an AP queue index 569 + * @mdev_apm: mask indicating the APIDs of the APQNs to be verified 570 + * @mdev_aqm: mask indicating the APQIs of the APQNs to be verified 889 571 * 890 - * Verifies that the AP queue with @apid/@apqi is reserved by the VFIO AP device 891 - * driver according to the following rules: 892 - * 893 - * - If both @apid and @apqi are not NULL, then there must be an AP queue 894 - * device bound to the vfio_ap driver with the APQN identified by @apid and 895 - * @apqi 896 - * 897 - * - If only @apid is not NULL, then there must be an AP queue device bound 898 - * to the vfio_ap driver with an APQN containing @apid 899 - * 900 - * - If only @apqi is not NULL, then there must be an AP queue device bound 901 - * to the vfio_ap driver with an APQN containing @apqi 902 - * 903 - * Return: 0 if the AP queue is reserved; otherwise, returns -EADDRNOTAVAIL. 904 - */ 905 - static int vfio_ap_verify_queue_reserved(unsigned long *apid, 906 - unsigned long *apqi) 907 - { 908 - int ret; 909 - struct vfio_ap_queue_reserved qres; 910 - 911 - qres.apid = apid; 912 - qres.apqi = apqi; 913 - qres.reserved = false; 914 - 915 - ret = driver_for_each_device(&matrix_dev->vfio_ap_drv->driver, NULL, 916 - &qres, vfio_ap_has_queue); 917 - if (ret) 918 - return ret; 919 - 920 - if (qres.reserved) 921 - return 0; 922 - 923 - return -EADDRNOTAVAIL; 924 - } 925 - 926 - static int 927 - vfio_ap_mdev_verify_queues_reserved_for_apid(struct ap_matrix_mdev *matrix_mdev, 928 - unsigned long apid) 929 - { 930 - int ret; 931 - unsigned long apqi; 932 - unsigned long nbits = matrix_mdev->matrix.aqm_max + 1; 933 - 934 - if (find_first_bit_inv(matrix_mdev->matrix.aqm, nbits) >= nbits) 935 - return vfio_ap_verify_queue_reserved(&apid, NULL); 936 - 937 - for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, nbits) { 938 - ret = vfio_ap_verify_queue_reserved(&apid, &apqi); 939 - if (ret) 940 - return ret; 941 - } 942 - 943 - return 0; 944 - } 945 - 946 - /** 947 - * vfio_ap_mdev_verify_no_sharing - verifies that the AP matrix is not configured 948 - * 949 - * @matrix_mdev: the mediated matrix device 950 - * 951 - * Verifies that the APQNs derived from the cross product of the AP adapter IDs 952 - * and AP queue indexes comprising the AP matrix are not configured for another 572 + * Verifies that each APQN derived from the Cartesian product of a bitmap of 573 + * AP adapter IDs and AP queue indexes is not configured for any matrix 953 574 * mediated device. AP queue sharing is not allowed. 954 575 * 955 - * Return: 0 if the APQNs are not shared; otherwise returns -EADDRINUSE. 576 + * Return: 0 if the APQNs are not shared; otherwise return -EADDRINUSE. 956 577 */ 957 - static int vfio_ap_mdev_verify_no_sharing(struct ap_matrix_mdev *matrix_mdev) 578 + static int vfio_ap_mdev_verify_no_sharing(unsigned long *mdev_apm, 579 + unsigned long *mdev_aqm) 958 580 { 959 - struct ap_matrix_mdev *lstdev; 581 + struct ap_matrix_mdev *matrix_mdev; 960 582 DECLARE_BITMAP(apm, AP_DEVICES); 961 583 DECLARE_BITMAP(aqm, AP_DOMAINS); 962 584 963 - list_for_each_entry(lstdev, &matrix_dev->mdev_list, node) { 964 - if (matrix_mdev == lstdev) 585 + list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 586 + /* 587 + * If the input apm and aqm are fields of the matrix_mdev 588 + * object, then move on to the next matrix_mdev. 589 + */ 590 + if (mdev_apm == matrix_mdev->matrix.apm && 591 + mdev_aqm == matrix_mdev->matrix.aqm) 965 592 continue; 966 593 967 594 memset(apm, 0, sizeof(apm)); ··· 878 691 * We work on full longs, as we can only exclude the leftover 879 692 * bits in non-inverse order. The leftover is all zeros. 880 693 */ 881 - if (!bitmap_and(apm, matrix_mdev->matrix.apm, 882 - lstdev->matrix.apm, AP_DEVICES)) 694 + if (!bitmap_and(apm, mdev_apm, matrix_mdev->matrix.apm, 695 + AP_DEVICES)) 883 696 continue; 884 697 885 - if (!bitmap_and(aqm, matrix_mdev->matrix.aqm, 886 - lstdev->matrix.aqm, AP_DOMAINS)) 698 + if (!bitmap_and(aqm, mdev_aqm, matrix_mdev->matrix.aqm, 699 + AP_DOMAINS)) 887 700 continue; 701 + 702 + vfio_ap_mdev_log_sharing_err(matrix_mdev, apm, aqm); 888 703 889 704 return -EADDRINUSE; 890 705 } 891 706 892 707 return 0; 708 + } 709 + 710 + /** 711 + * vfio_ap_mdev_validate_masks - verify that the APQNs assigned to the mdev are 712 + * not reserved for the default zcrypt driver and 713 + * are not assigned to another mdev. 714 + * 715 + * @matrix_mdev: the mdev to which the APQNs being validated are assigned. 716 + * 717 + * Return: One of the following values: 718 + * o the error returned from the ap_apqn_in_matrix_owned_by_def_drv() function, 719 + * most likely -EBUSY indicating the ap_perms_mutex lock is already held. 720 + * o EADDRNOTAVAIL if an APQN assigned to @matrix_mdev is reserved for the 721 + * zcrypt default driver. 722 + * o EADDRINUSE if an APQN assigned to @matrix_mdev is assigned to another mdev 723 + * o A zero indicating validation succeeded. 724 + */ 725 + static int vfio_ap_mdev_validate_masks(struct ap_matrix_mdev *matrix_mdev) 726 + { 727 + if (ap_apqn_in_matrix_owned_by_def_drv(matrix_mdev->matrix.apm, 728 + matrix_mdev->matrix.aqm)) 729 + return -EADDRNOTAVAIL; 730 + 731 + return vfio_ap_mdev_verify_no_sharing(matrix_mdev->matrix.apm, 732 + matrix_mdev->matrix.aqm); 733 + } 734 + 735 + static void vfio_ap_mdev_link_adapter(struct ap_matrix_mdev *matrix_mdev, 736 + unsigned long apid) 737 + { 738 + unsigned long apqi; 739 + 740 + for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, AP_DOMAINS) 741 + vfio_ap_mdev_link_apqn(matrix_mdev, 742 + AP_MKQID(apid, apqi)); 893 743 } 894 744 895 745 /** ··· 958 734 * An APQN derived from the cross product of the APID being assigned 959 735 * and the APQIs previously assigned is being used by another mediated 960 736 * matrix device 737 + * 738 + * 5. -EAGAIN 739 + * A lock required to validate the mdev's AP configuration could not 740 + * be obtained. 961 741 */ 962 742 static ssize_t assign_adapter_store(struct device *dev, 963 743 struct device_attribute *attr, ··· 969 741 { 970 742 int ret; 971 743 unsigned long apid; 744 + DECLARE_BITMAP(apm_delta, AP_DEVICES); 972 745 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 973 746 974 - mutex_lock(&matrix_dev->lock); 975 - 976 - /* If the KVM guest is running, disallow assignment of adapter */ 977 - if (matrix_mdev->kvm) { 978 - ret = -EBUSY; 979 - goto done; 980 - } 747 + mutex_lock(&ap_perms_mutex); 748 + get_update_locks_for_mdev(matrix_mdev); 981 749 982 750 ret = kstrtoul(buf, 0, &apid); 983 751 if (ret) ··· 984 760 goto done; 985 761 } 986 762 987 - /* 988 - * Set the bit in the AP mask (APM) corresponding to the AP adapter 989 - * number (APID). The bits in the mask, from most significant to least 990 - * significant bit, correspond to APIDs 0-255. 991 - */ 992 - ret = vfio_ap_mdev_verify_queues_reserved_for_apid(matrix_mdev, apid); 993 - if (ret) 994 - goto done; 995 - 996 763 set_bit_inv(apid, matrix_mdev->matrix.apm); 997 764 998 - ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev); 999 - if (ret) 1000 - goto share_err; 765 + ret = vfio_ap_mdev_validate_masks(matrix_mdev); 766 + if (ret) { 767 + clear_bit_inv(apid, matrix_mdev->matrix.apm); 768 + goto done; 769 + } 770 + 771 + vfio_ap_mdev_link_adapter(matrix_mdev, apid); 772 + memset(apm_delta, 0, sizeof(apm_delta)); 773 + set_bit_inv(apid, apm_delta); 774 + 775 + if (vfio_ap_mdev_filter_matrix(apm_delta, 776 + matrix_mdev->matrix.aqm, matrix_mdev)) 777 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1001 778 1002 779 ret = count; 1003 - goto done; 1004 - 1005 - share_err: 1006 - clear_bit_inv(apid, matrix_mdev->matrix.apm); 1007 780 done: 1008 - mutex_unlock(&matrix_dev->lock); 781 + release_update_locks_for_mdev(matrix_mdev); 782 + mutex_unlock(&ap_perms_mutex); 1009 783 1010 784 return ret; 1011 785 } 1012 786 static DEVICE_ATTR_WO(assign_adapter); 787 + 788 + static struct vfio_ap_queue 789 + *vfio_ap_unlink_apqn_fr_mdev(struct ap_matrix_mdev *matrix_mdev, 790 + unsigned long apid, unsigned long apqi) 791 + { 792 + struct vfio_ap_queue *q = NULL; 793 + 794 + q = vfio_ap_mdev_get_queue(matrix_mdev, AP_MKQID(apid, apqi)); 795 + /* If the queue is assigned to the matrix mdev, unlink it. */ 796 + if (q) 797 + vfio_ap_unlink_queue_fr_mdev(q); 798 + 799 + return q; 800 + } 801 + 802 + /** 803 + * vfio_ap_mdev_unlink_adapter - unlink all queues associated with unassigned 804 + * adapter from the matrix mdev to which the 805 + * adapter was assigned. 806 + * @matrix_mdev: the matrix mediated device to which the adapter was assigned. 807 + * @apid: the APID of the unassigned adapter. 808 + * @qtable: table for storing queues associated with unassigned adapter. 809 + */ 810 + static void vfio_ap_mdev_unlink_adapter(struct ap_matrix_mdev *matrix_mdev, 811 + unsigned long apid, 812 + struct ap_queue_table *qtable) 813 + { 814 + unsigned long apqi; 815 + struct vfio_ap_queue *q; 816 + 817 + for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, AP_DOMAINS) { 818 + q = vfio_ap_unlink_apqn_fr_mdev(matrix_mdev, apid, apqi); 819 + 820 + if (q && qtable) { 821 + if (test_bit_inv(apid, matrix_mdev->shadow_apcb.apm) && 822 + test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) 823 + hash_add(qtable->queues, &q->mdev_qnode, 824 + q->apqn); 825 + } 826 + } 827 + } 828 + 829 + static void vfio_ap_mdev_hot_unplug_adapter(struct ap_matrix_mdev *matrix_mdev, 830 + unsigned long apid) 831 + { 832 + int loop_cursor; 833 + struct vfio_ap_queue *q; 834 + struct ap_queue_table *qtable = kzalloc(sizeof(*qtable), GFP_KERNEL); 835 + 836 + hash_init(qtable->queues); 837 + vfio_ap_mdev_unlink_adapter(matrix_mdev, apid, qtable); 838 + 839 + if (test_bit_inv(apid, matrix_mdev->shadow_apcb.apm)) { 840 + clear_bit_inv(apid, matrix_mdev->shadow_apcb.apm); 841 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 842 + } 843 + 844 + vfio_ap_mdev_reset_queues(qtable); 845 + 846 + hash_for_each(qtable->queues, loop_cursor, q, mdev_qnode) { 847 + vfio_ap_unlink_mdev_fr_queue(q); 848 + hash_del(&q->mdev_qnode); 849 + } 850 + 851 + kfree(qtable); 852 + } 1013 853 1014 854 /** 1015 855 * unassign_adapter_store - parses the APID from @buf and clears the ··· 1098 810 unsigned long apid; 1099 811 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1100 812 1101 - mutex_lock(&matrix_dev->lock); 1102 - 1103 - /* If the KVM guest is running, disallow unassignment of adapter */ 1104 - if (matrix_mdev->kvm) { 1105 - ret = -EBUSY; 1106 - goto done; 1107 - } 813 + get_update_locks_for_mdev(matrix_mdev); 1108 814 1109 815 ret = kstrtoul(buf, 0, &apid); 1110 816 if (ret) ··· 1110 828 } 1111 829 1112 830 clear_bit_inv((unsigned long)apid, matrix_mdev->matrix.apm); 831 + vfio_ap_mdev_hot_unplug_adapter(matrix_mdev, apid); 1113 832 ret = count; 1114 833 done: 1115 - mutex_unlock(&matrix_dev->lock); 834 + release_update_locks_for_mdev(matrix_mdev); 1116 835 return ret; 1117 836 } 1118 837 static DEVICE_ATTR_WO(unassign_adapter); 1119 838 1120 - static int 1121 - vfio_ap_mdev_verify_queues_reserved_for_apqi(struct ap_matrix_mdev *matrix_mdev, 1122 - unsigned long apqi) 839 + static void vfio_ap_mdev_link_domain(struct ap_matrix_mdev *matrix_mdev, 840 + unsigned long apqi) 1123 841 { 1124 - int ret; 1125 842 unsigned long apid; 1126 - unsigned long nbits = matrix_mdev->matrix.apm_max + 1; 1127 843 1128 - if (find_first_bit_inv(matrix_mdev->matrix.apm, nbits) >= nbits) 1129 - return vfio_ap_verify_queue_reserved(NULL, &apqi); 1130 - 1131 - for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, nbits) { 1132 - ret = vfio_ap_verify_queue_reserved(&apid, &apqi); 1133 - if (ret) 1134 - return ret; 1135 - } 1136 - 1137 - return 0; 844 + for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, AP_DEVICES) 845 + vfio_ap_mdev_link_apqn(matrix_mdev, 846 + AP_MKQID(apid, apqi)); 1138 847 } 1139 848 1140 849 /** ··· 1157 884 * An APQN derived from the cross product of the APQI being assigned 1158 885 * and the APIDs previously assigned is being used by another mediated 1159 886 * matrix device 887 + * 888 + * 5. -EAGAIN 889 + * The lock required to validate the mdev's AP configuration could not 890 + * be obtained. 1160 891 */ 1161 892 static ssize_t assign_domain_store(struct device *dev, 1162 893 struct device_attribute *attr, ··· 1168 891 { 1169 892 int ret; 1170 893 unsigned long apqi; 894 + DECLARE_BITMAP(aqm_delta, AP_DOMAINS); 1171 895 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1172 - unsigned long max_apqi = matrix_mdev->matrix.aqm_max; 1173 896 1174 - mutex_lock(&matrix_dev->lock); 1175 - 1176 - /* If the KVM guest is running, disallow assignment of domain */ 1177 - if (matrix_mdev->kvm) { 1178 - ret = -EBUSY; 1179 - goto done; 1180 - } 897 + mutex_lock(&ap_perms_mutex); 898 + get_update_locks_for_mdev(matrix_mdev); 1181 899 1182 900 ret = kstrtoul(buf, 0, &apqi); 1183 901 if (ret) 1184 902 goto done; 1185 - if (apqi > max_apqi) { 903 + 904 + if (apqi > matrix_mdev->matrix.aqm_max) { 1186 905 ret = -ENODEV; 1187 906 goto done; 1188 907 } 1189 908 1190 - ret = vfio_ap_mdev_verify_queues_reserved_for_apqi(matrix_mdev, apqi); 1191 - if (ret) 1192 - goto done; 1193 - 1194 909 set_bit_inv(apqi, matrix_mdev->matrix.aqm); 1195 910 1196 - ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev); 1197 - if (ret) 1198 - goto share_err; 911 + ret = vfio_ap_mdev_validate_masks(matrix_mdev); 912 + if (ret) { 913 + clear_bit_inv(apqi, matrix_mdev->matrix.aqm); 914 + goto done; 915 + } 916 + 917 + vfio_ap_mdev_link_domain(matrix_mdev, apqi); 918 + memset(aqm_delta, 0, sizeof(aqm_delta)); 919 + set_bit_inv(apqi, aqm_delta); 920 + 921 + if (vfio_ap_mdev_filter_matrix(matrix_mdev->matrix.apm, aqm_delta, 922 + matrix_mdev)) 923 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1199 924 1200 925 ret = count; 1201 - goto done; 1202 - 1203 - share_err: 1204 - clear_bit_inv(apqi, matrix_mdev->matrix.aqm); 1205 926 done: 1206 - mutex_unlock(&matrix_dev->lock); 927 + release_update_locks_for_mdev(matrix_mdev); 928 + mutex_unlock(&ap_perms_mutex); 1207 929 1208 930 return ret; 1209 931 } 1210 932 static DEVICE_ATTR_WO(assign_domain); 1211 933 934 + static void vfio_ap_mdev_unlink_domain(struct ap_matrix_mdev *matrix_mdev, 935 + unsigned long apqi, 936 + struct ap_queue_table *qtable) 937 + { 938 + unsigned long apid; 939 + struct vfio_ap_queue *q; 940 + 941 + for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, AP_DEVICES) { 942 + q = vfio_ap_unlink_apqn_fr_mdev(matrix_mdev, apid, apqi); 943 + 944 + if (q && qtable) { 945 + if (test_bit_inv(apid, matrix_mdev->shadow_apcb.apm) && 946 + test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) 947 + hash_add(qtable->queues, &q->mdev_qnode, 948 + q->apqn); 949 + } 950 + } 951 + } 952 + 953 + static void vfio_ap_mdev_hot_unplug_domain(struct ap_matrix_mdev *matrix_mdev, 954 + unsigned long apqi) 955 + { 956 + int loop_cursor; 957 + struct vfio_ap_queue *q; 958 + struct ap_queue_table *qtable = kzalloc(sizeof(*qtable), GFP_KERNEL); 959 + 960 + hash_init(qtable->queues); 961 + vfio_ap_mdev_unlink_domain(matrix_mdev, apqi, qtable); 962 + 963 + if (test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) { 964 + clear_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm); 965 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 966 + } 967 + 968 + vfio_ap_mdev_reset_queues(qtable); 969 + 970 + hash_for_each(qtable->queues, loop_cursor, q, mdev_qnode) { 971 + vfio_ap_unlink_mdev_fr_queue(q); 972 + hash_del(&q->mdev_qnode); 973 + } 974 + 975 + kfree(qtable); 976 + } 1212 977 1213 978 /** 1214 979 * unassign_domain_store - parses the APQI from @buf and clears the ··· 1275 956 unsigned long apqi; 1276 957 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1277 958 1278 - mutex_lock(&matrix_dev->lock); 1279 - 1280 - /* If the KVM guest is running, disallow unassignment of domain */ 1281 - if (matrix_mdev->kvm) { 1282 - ret = -EBUSY; 1283 - goto done; 1284 - } 959 + get_update_locks_for_mdev(matrix_mdev); 1285 960 1286 961 ret = kstrtoul(buf, 0, &apqi); 1287 962 if (ret) ··· 1287 974 } 1288 975 1289 976 clear_bit_inv((unsigned long)apqi, matrix_mdev->matrix.aqm); 977 + vfio_ap_mdev_hot_unplug_domain(matrix_mdev, apqi); 1290 978 ret = count; 1291 979 1292 980 done: 1293 - mutex_unlock(&matrix_dev->lock); 981 + release_update_locks_for_mdev(matrix_mdev); 1294 982 return ret; 1295 983 } 1296 984 static DEVICE_ATTR_WO(unassign_domain); ··· 1318 1004 unsigned long id; 1319 1005 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1320 1006 1321 - mutex_lock(&matrix_dev->lock); 1322 - 1323 - /* If the KVM guest is running, disallow assignment of control domain */ 1324 - if (matrix_mdev->kvm) { 1325 - ret = -EBUSY; 1326 - goto done; 1327 - } 1007 + get_update_locks_for_mdev(matrix_mdev); 1328 1008 1329 1009 ret = kstrtoul(buf, 0, &id); 1330 1010 if (ret) ··· 1335 1027 * number of control domains that can be assigned. 1336 1028 */ 1337 1029 set_bit_inv(id, matrix_mdev->matrix.adm); 1030 + if (vfio_ap_mdev_filter_cdoms(matrix_mdev)) 1031 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1032 + 1338 1033 ret = count; 1339 1034 done: 1340 - mutex_unlock(&matrix_dev->lock); 1035 + release_update_locks_for_mdev(matrix_mdev); 1341 1036 return ret; 1342 1037 } 1343 1038 static DEVICE_ATTR_WO(assign_control_domain); ··· 1366 1055 int ret; 1367 1056 unsigned long domid; 1368 1057 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1369 - unsigned long max_domid = matrix_mdev->matrix.adm_max; 1370 1058 1371 - mutex_lock(&matrix_dev->lock); 1372 - 1373 - /* If a KVM guest is running, disallow unassignment of control domain */ 1374 - if (matrix_mdev->kvm) { 1375 - ret = -EBUSY; 1376 - goto done; 1377 - } 1059 + get_update_locks_for_mdev(matrix_mdev); 1378 1060 1379 1061 ret = kstrtoul(buf, 0, &domid); 1380 1062 if (ret) 1381 1063 goto done; 1382 - if (domid > max_domid) { 1064 + 1065 + if (domid > matrix_mdev->matrix.adm_max) { 1383 1066 ret = -ENODEV; 1384 1067 goto done; 1385 1068 } 1386 1069 1387 1070 clear_bit_inv(domid, matrix_mdev->matrix.adm); 1071 + 1072 + if (test_bit_inv(domid, matrix_mdev->shadow_apcb.adm)) { 1073 + clear_bit_inv(domid, matrix_mdev->shadow_apcb.adm); 1074 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1075 + } 1076 + 1388 1077 ret = count; 1389 1078 done: 1390 - mutex_unlock(&matrix_dev->lock); 1079 + release_update_locks_for_mdev(matrix_mdev); 1391 1080 return ret; 1392 1081 } 1393 1082 static DEVICE_ATTR_WO(unassign_control_domain); ··· 1403 1092 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1404 1093 unsigned long max_domid = matrix_mdev->matrix.adm_max; 1405 1094 1406 - mutex_lock(&matrix_dev->lock); 1095 + mutex_lock(&matrix_dev->mdevs_lock); 1407 1096 for_each_set_bit_inv(id, matrix_mdev->matrix.adm, max_domid + 1) { 1408 1097 n = sprintf(bufpos, "%04lx\n", id); 1409 1098 bufpos += n; 1410 1099 nchars += n; 1411 1100 } 1412 - mutex_unlock(&matrix_dev->lock); 1101 + mutex_unlock(&matrix_dev->mdevs_lock); 1413 1102 1414 1103 return nchars; 1415 1104 } 1416 1105 static DEVICE_ATTR_RO(control_domains); 1417 1106 1418 - static ssize_t matrix_show(struct device *dev, struct device_attribute *attr, 1419 - char *buf) 1107 + static ssize_t vfio_ap_mdev_matrix_show(struct ap_matrix *matrix, char *buf) 1420 1108 { 1421 - struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1422 1109 char *bufpos = buf; 1423 1110 unsigned long apid; 1424 1111 unsigned long apqi; 1425 1112 unsigned long apid1; 1426 1113 unsigned long apqi1; 1427 - unsigned long napm_bits = matrix_mdev->matrix.apm_max + 1; 1428 - unsigned long naqm_bits = matrix_mdev->matrix.aqm_max + 1; 1114 + unsigned long napm_bits = matrix->apm_max + 1; 1115 + unsigned long naqm_bits = matrix->aqm_max + 1; 1429 1116 int nchars = 0; 1430 1117 int n; 1431 1118 1432 - apid1 = find_first_bit_inv(matrix_mdev->matrix.apm, napm_bits); 1433 - apqi1 = find_first_bit_inv(matrix_mdev->matrix.aqm, naqm_bits); 1434 - 1435 - mutex_lock(&matrix_dev->lock); 1119 + apid1 = find_first_bit_inv(matrix->apm, napm_bits); 1120 + apqi1 = find_first_bit_inv(matrix->aqm, naqm_bits); 1436 1121 1437 1122 if ((apid1 < napm_bits) && (apqi1 < naqm_bits)) { 1438 - for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, napm_bits) { 1439 - for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, 1123 + for_each_set_bit_inv(apid, matrix->apm, napm_bits) { 1124 + for_each_set_bit_inv(apqi, matrix->aqm, 1440 1125 naqm_bits) { 1441 1126 n = sprintf(bufpos, "%02lx.%04lx\n", apid, 1442 1127 apqi); ··· 1441 1134 } 1442 1135 } 1443 1136 } else if (apid1 < napm_bits) { 1444 - for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, napm_bits) { 1137 + for_each_set_bit_inv(apid, matrix->apm, napm_bits) { 1445 1138 n = sprintf(bufpos, "%02lx.\n", apid); 1446 1139 bufpos += n; 1447 1140 nchars += n; 1448 1141 } 1449 1142 } else if (apqi1 < naqm_bits) { 1450 - for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, naqm_bits) { 1143 + for_each_set_bit_inv(apqi, matrix->aqm, naqm_bits) { 1451 1144 n = sprintf(bufpos, ".%04lx\n", apqi); 1452 1145 bufpos += n; 1453 1146 nchars += n; 1454 1147 } 1455 1148 } 1456 1149 1457 - mutex_unlock(&matrix_dev->lock); 1150 + return nchars; 1151 + } 1152 + 1153 + static ssize_t matrix_show(struct device *dev, struct device_attribute *attr, 1154 + char *buf) 1155 + { 1156 + ssize_t nchars; 1157 + struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1158 + 1159 + mutex_lock(&matrix_dev->mdevs_lock); 1160 + nchars = vfio_ap_mdev_matrix_show(&matrix_mdev->matrix, buf); 1161 + mutex_unlock(&matrix_dev->mdevs_lock); 1458 1162 1459 1163 return nchars; 1460 1164 } 1461 1165 static DEVICE_ATTR_RO(matrix); 1166 + 1167 + static ssize_t guest_matrix_show(struct device *dev, 1168 + struct device_attribute *attr, char *buf) 1169 + { 1170 + ssize_t nchars; 1171 + struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev); 1172 + 1173 + mutex_lock(&matrix_dev->mdevs_lock); 1174 + nchars = vfio_ap_mdev_matrix_show(&matrix_mdev->shadow_apcb, buf); 1175 + mutex_unlock(&matrix_dev->mdevs_lock); 1176 + 1177 + return nchars; 1178 + } 1179 + static DEVICE_ATTR_RO(guest_matrix); 1462 1180 1463 1181 static struct attribute *vfio_ap_mdev_attrs[] = { 1464 1182 &dev_attr_assign_adapter.attr, ··· 1494 1162 &dev_attr_unassign_control_domain.attr, 1495 1163 &dev_attr_control_domains.attr, 1496 1164 &dev_attr_matrix.attr, 1165 + &dev_attr_guest_matrix.attr, 1497 1166 NULL, 1498 1167 }; 1499 1168 ··· 1527 1194 kvm->arch.crypto.pqap_hook = &matrix_mdev->pqap_hook; 1528 1195 up_write(&kvm->arch.crypto.pqap_hook_rwsem); 1529 1196 1530 - mutex_lock(&kvm->lock); 1531 - mutex_lock(&matrix_dev->lock); 1197 + get_update_locks_for_kvm(kvm); 1532 1198 1533 1199 list_for_each_entry(m, &matrix_dev->mdev_list, node) { 1534 1200 if (m != matrix_mdev && m->kvm == kvm) { 1535 - mutex_unlock(&kvm->lock); 1536 - mutex_unlock(&matrix_dev->lock); 1201 + release_update_locks_for_kvm(kvm); 1537 1202 return -EPERM; 1538 1203 } 1539 1204 } 1540 1205 1541 1206 kvm_get_kvm(kvm); 1542 1207 matrix_mdev->kvm = kvm; 1543 - kvm_arch_crypto_set_masks(kvm, 1544 - matrix_mdev->matrix.apm, 1545 - matrix_mdev->matrix.aqm, 1546 - matrix_mdev->matrix.adm); 1208 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1547 1209 1548 - mutex_unlock(&kvm->lock); 1549 - mutex_unlock(&matrix_dev->lock); 1210 + release_update_locks_for_kvm(kvm); 1550 1211 } 1551 1212 1552 1213 return 0; ··· 1570 1243 kvm->arch.crypto.pqap_hook = NULL; 1571 1244 up_write(&kvm->arch.crypto.pqap_hook_rwsem); 1572 1245 1573 - mutex_lock(&kvm->lock); 1574 - mutex_lock(&matrix_dev->lock); 1246 + get_update_locks_for_kvm(kvm); 1575 1247 1576 1248 kvm_arch_crypto_clear_masks(kvm); 1577 - vfio_ap_mdev_reset_queues(matrix_mdev); 1249 + vfio_ap_mdev_reset_queues(&matrix_mdev->qtable); 1578 1250 kvm_put_kvm(kvm); 1579 1251 matrix_mdev->kvm = NULL; 1580 1252 1581 - mutex_unlock(&kvm->lock); 1582 - mutex_unlock(&matrix_dev->lock); 1253 + release_update_locks_for_kvm(kvm); 1583 1254 } 1584 1255 } 1585 1256 1586 1257 static struct vfio_ap_queue *vfio_ap_find_queue(int apqn) 1587 1258 { 1588 - struct device *dev; 1259 + struct ap_queue *queue; 1589 1260 struct vfio_ap_queue *q = NULL; 1590 1261 1591 - dev = driver_find_device(&matrix_dev->vfio_ap_drv->driver, NULL, 1592 - &apqn, match_apqn); 1593 - if (dev) { 1594 - q = dev_get_drvdata(dev); 1595 - put_device(dev); 1596 - } 1262 + queue = ap_get_qdev(apqn); 1263 + if (!queue) 1264 + return NULL; 1265 + 1266 + if (queue->ap_dev.device.driver == &matrix_dev->vfio_ap_drv->driver) 1267 + q = dev_get_drvdata(&queue->ap_dev.device); 1268 + 1269 + put_device(&queue->ap_dev.device); 1597 1270 1598 1271 return q; 1599 1272 } 1600 1273 1601 - int vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q, 1602 - unsigned int retry) 1274 + static int vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q, 1275 + unsigned int retry) 1603 1276 { 1604 1277 struct ap_queue_status status; 1605 1278 int ret; ··· 1607 1280 1608 1281 if (!q) 1609 1282 return 0; 1610 - 1611 1283 retry_zapq: 1612 1284 status = ap_zapq(q->apqn); 1285 + q->reset_rc = status.response_code; 1613 1286 switch (status.response_code) { 1614 1287 case AP_RESPONSE_NORMAL: 1615 1288 ret = 0; ··· 1624 1297 case AP_RESPONSE_Q_NOT_AVAIL: 1625 1298 case AP_RESPONSE_DECONFIGURED: 1626 1299 case AP_RESPONSE_CHECKSTOPPED: 1627 - WARN_ON_ONCE(status.irq_enabled); 1300 + WARN_ONCE(status.irq_enabled, 1301 + "PQAP/ZAPQ for %02x.%04x failed with rc=%u while IRQ enabled", 1302 + AP_QID_CARD(q->apqn), AP_QID_QUEUE(q->apqn), 1303 + status.response_code); 1628 1304 ret = -EBUSY; 1629 1305 goto free_resources; 1630 1306 default: 1631 1307 /* things are really broken, give up */ 1632 - WARN(true, "PQAP/ZAPQ completed with invalid rc (%x)\n", 1308 + WARN(true, 1309 + "PQAP/ZAPQ for %02x.%04x failed with invalid rc=%u\n", 1310 + AP_QID_CARD(q->apqn), AP_QID_QUEUE(q->apqn), 1633 1311 status.response_code); 1634 1312 return -EIO; 1635 1313 } ··· 1646 1314 msleep(20); 1647 1315 status = ap_tapq(q->apqn, NULL); 1648 1316 } 1649 - WARN_ON_ONCE(retry2 <= 0); 1317 + WARN_ONCE(retry2 <= 0, "unable to verify reset of queue %02x.%04x", 1318 + AP_QID_CARD(q->apqn), AP_QID_QUEUE(q->apqn)); 1650 1319 1651 1320 free_resources: 1652 1321 vfio_ap_free_aqic_resources(q); ··· 1655 1322 return ret; 1656 1323 } 1657 1324 1658 - static int vfio_ap_mdev_reset_queues(struct ap_matrix_mdev *matrix_mdev) 1325 + static int vfio_ap_mdev_reset_queues(struct ap_queue_table *qtable) 1659 1326 { 1660 - int ret; 1661 - int rc = 0; 1662 - unsigned long apid, apqi; 1327 + int ret, loop_cursor, rc = 0; 1663 1328 struct vfio_ap_queue *q; 1664 1329 1665 - for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, 1666 - matrix_mdev->matrix.apm_max + 1) { 1667 - for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, 1668 - matrix_mdev->matrix.aqm_max + 1) { 1669 - q = vfio_ap_find_queue(AP_MKQID(apid, apqi)); 1670 - ret = vfio_ap_mdev_reset_queue(q, 1); 1671 - /* 1672 - * Regardless whether a queue turns out to be busy, or 1673 - * is not operational, we need to continue resetting 1674 - * the remaining queues. 1675 - */ 1676 - if (ret) 1677 - rc = ret; 1678 - } 1330 + hash_for_each(qtable->queues, loop_cursor, q, mdev_qnode) { 1331 + ret = vfio_ap_mdev_reset_queue(q, 1); 1332 + /* 1333 + * Regardless whether a queue turns out to be busy, or 1334 + * is not operational, we need to continue resetting 1335 + * the remaining queues. 1336 + */ 1337 + if (ret) 1338 + rc = ret; 1679 1339 } 1680 1340 1681 1341 return rc; ··· 1720 1394 container_of(vdev, struct ap_matrix_mdev, vdev); 1721 1395 int ret; 1722 1396 1723 - mutex_lock(&matrix_dev->lock); 1397 + mutex_lock(&matrix_dev->mdevs_lock); 1724 1398 switch (cmd) { 1725 1399 case VFIO_DEVICE_GET_INFO: 1726 1400 ret = vfio_ap_mdev_get_device_info(arg); 1727 1401 break; 1728 1402 case VFIO_DEVICE_RESET: 1729 - ret = vfio_ap_mdev_reset_queues(matrix_mdev); 1403 + ret = vfio_ap_mdev_reset_queues(&matrix_mdev->qtable); 1730 1404 break; 1731 1405 default: 1732 1406 ret = -EOPNOTSUPP; 1733 1407 break; 1734 1408 } 1735 - mutex_unlock(&matrix_dev->lock); 1409 + mutex_unlock(&matrix_dev->mdevs_lock); 1736 1410 1737 1411 return ret; 1738 1412 } 1413 + 1414 + static struct ap_matrix_mdev *vfio_ap_mdev_for_queue(struct vfio_ap_queue *q) 1415 + { 1416 + struct ap_matrix_mdev *matrix_mdev; 1417 + unsigned long apid = AP_QID_CARD(q->apqn); 1418 + unsigned long apqi = AP_QID_QUEUE(q->apqn); 1419 + 1420 + list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 1421 + if (test_bit_inv(apid, matrix_mdev->matrix.apm) && 1422 + test_bit_inv(apqi, matrix_mdev->matrix.aqm)) 1423 + return matrix_mdev; 1424 + } 1425 + 1426 + return NULL; 1427 + } 1428 + 1429 + static ssize_t status_show(struct device *dev, 1430 + struct device_attribute *attr, 1431 + char *buf) 1432 + { 1433 + ssize_t nchars = 0; 1434 + struct vfio_ap_queue *q; 1435 + struct ap_matrix_mdev *matrix_mdev; 1436 + struct ap_device *apdev = to_ap_dev(dev); 1437 + 1438 + mutex_lock(&matrix_dev->mdevs_lock); 1439 + q = dev_get_drvdata(&apdev->device); 1440 + matrix_mdev = vfio_ap_mdev_for_queue(q); 1441 + 1442 + if (matrix_mdev) { 1443 + if (matrix_mdev->kvm) 1444 + nchars = scnprintf(buf, PAGE_SIZE, "%s\n", 1445 + AP_QUEUE_IN_USE); 1446 + else 1447 + nchars = scnprintf(buf, PAGE_SIZE, "%s\n", 1448 + AP_QUEUE_ASSIGNED); 1449 + } else { 1450 + nchars = scnprintf(buf, PAGE_SIZE, "%s\n", 1451 + AP_QUEUE_UNASSIGNED); 1452 + } 1453 + 1454 + mutex_unlock(&matrix_dev->mdevs_lock); 1455 + 1456 + return nchars; 1457 + } 1458 + 1459 + static DEVICE_ATTR_RO(status); 1460 + 1461 + static struct attribute *vfio_queue_attrs[] = { 1462 + &dev_attr_status.attr, 1463 + NULL, 1464 + }; 1465 + 1466 + static const struct attribute_group vfio_queue_attr_group = { 1467 + .attrs = vfio_queue_attrs, 1468 + }; 1739 1469 1740 1470 static const struct vfio_device_ops vfio_ap_matrix_dev_ops = { 1741 1471 .open_device = vfio_ap_mdev_open_device, ··· 1836 1454 { 1837 1455 mdev_unregister_device(&matrix_dev->device); 1838 1456 mdev_unregister_driver(&vfio_ap_matrix_driver); 1457 + } 1458 + 1459 + int vfio_ap_mdev_probe_queue(struct ap_device *apdev) 1460 + { 1461 + int ret; 1462 + struct vfio_ap_queue *q; 1463 + struct ap_matrix_mdev *matrix_mdev; 1464 + 1465 + ret = sysfs_create_group(&apdev->device.kobj, &vfio_queue_attr_group); 1466 + if (ret) 1467 + return ret; 1468 + 1469 + q = kzalloc(sizeof(*q), GFP_KERNEL); 1470 + if (!q) 1471 + return -ENOMEM; 1472 + 1473 + q->apqn = to_ap_queue(&apdev->device)->qid; 1474 + q->saved_isc = VFIO_AP_ISC_INVALID; 1475 + matrix_mdev = get_update_locks_by_apqn(q->apqn); 1476 + 1477 + if (matrix_mdev) { 1478 + vfio_ap_mdev_link_queue(matrix_mdev, q); 1479 + 1480 + if (vfio_ap_mdev_filter_matrix(matrix_mdev->matrix.apm, 1481 + matrix_mdev->matrix.aqm, 1482 + matrix_mdev)) 1483 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1484 + } 1485 + dev_set_drvdata(&apdev->device, q); 1486 + release_update_locks_for_mdev(matrix_mdev); 1487 + 1488 + return 0; 1489 + } 1490 + 1491 + void vfio_ap_mdev_remove_queue(struct ap_device *apdev) 1492 + { 1493 + unsigned long apid, apqi; 1494 + struct vfio_ap_queue *q; 1495 + struct ap_matrix_mdev *matrix_mdev; 1496 + 1497 + sysfs_remove_group(&apdev->device.kobj, &vfio_queue_attr_group); 1498 + q = dev_get_drvdata(&apdev->device); 1499 + get_update_locks_for_queue(q); 1500 + matrix_mdev = q->matrix_mdev; 1501 + 1502 + if (matrix_mdev) { 1503 + vfio_ap_unlink_queue_fr_mdev(q); 1504 + 1505 + apid = AP_QID_CARD(q->apqn); 1506 + apqi = AP_QID_QUEUE(q->apqn); 1507 + 1508 + /* 1509 + * If the queue is assigned to the guest's APCB, then remove 1510 + * the adapter's APID from the APCB and hot it into the guest. 1511 + */ 1512 + if (test_bit_inv(apid, matrix_mdev->shadow_apcb.apm) && 1513 + test_bit_inv(apqi, matrix_mdev->shadow_apcb.aqm)) { 1514 + clear_bit_inv(apid, matrix_mdev->shadow_apcb.apm); 1515 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1516 + } 1517 + } 1518 + 1519 + vfio_ap_mdev_reset_queue(q, 1); 1520 + dev_set_drvdata(&apdev->device, NULL); 1521 + kfree(q); 1522 + release_update_locks_for_mdev(matrix_mdev); 1523 + } 1524 + 1525 + /** 1526 + * vfio_ap_mdev_resource_in_use: check whether any of a set of APQNs is 1527 + * assigned to a mediated device under the control 1528 + * of the vfio_ap device driver. 1529 + * 1530 + * @apm: a bitmap specifying a set of APIDs comprising the APQNs to check. 1531 + * @aqm: a bitmap specifying a set of APQIs comprising the APQNs to check. 1532 + * 1533 + * Return: 1534 + * * -EADDRINUSE if one or more of the APQNs specified via @apm/@aqm are 1535 + * assigned to a mediated device under the control of the vfio_ap 1536 + * device driver. 1537 + * * Otherwise, return 0. 1538 + */ 1539 + int vfio_ap_mdev_resource_in_use(unsigned long *apm, unsigned long *aqm) 1540 + { 1541 + int ret; 1542 + 1543 + mutex_lock(&matrix_dev->guests_lock); 1544 + mutex_lock(&matrix_dev->mdevs_lock); 1545 + ret = vfio_ap_mdev_verify_no_sharing(apm, aqm); 1546 + mutex_unlock(&matrix_dev->mdevs_lock); 1547 + mutex_unlock(&matrix_dev->guests_lock); 1548 + 1549 + return ret; 1550 + } 1551 + 1552 + /** 1553 + * vfio_ap_mdev_hot_unplug_cfg - hot unplug the adapters, domains and control 1554 + * domains that have been removed from the host's 1555 + * AP configuration from a guest. 1556 + * 1557 + * @matrix_mdev: an ap_matrix_mdev object attached to a KVM guest. 1558 + * @aprem: the adapters that have been removed from the host's AP configuration 1559 + * @aqrem: the domains that have been removed from the host's AP configuration 1560 + * @cdrem: the control domains that have been removed from the host's AP 1561 + * configuration. 1562 + */ 1563 + static void vfio_ap_mdev_hot_unplug_cfg(struct ap_matrix_mdev *matrix_mdev, 1564 + unsigned long *aprem, 1565 + unsigned long *aqrem, 1566 + unsigned long *cdrem) 1567 + { 1568 + int do_hotplug = 0; 1569 + 1570 + if (!bitmap_empty(aprem, AP_DEVICES)) { 1571 + do_hotplug |= bitmap_andnot(matrix_mdev->shadow_apcb.apm, 1572 + matrix_mdev->shadow_apcb.apm, 1573 + aprem, AP_DEVICES); 1574 + } 1575 + 1576 + if (!bitmap_empty(aqrem, AP_DOMAINS)) { 1577 + do_hotplug |= bitmap_andnot(matrix_mdev->shadow_apcb.aqm, 1578 + matrix_mdev->shadow_apcb.aqm, 1579 + aqrem, AP_DEVICES); 1580 + } 1581 + 1582 + if (!bitmap_empty(cdrem, AP_DOMAINS)) 1583 + do_hotplug |= bitmap_andnot(matrix_mdev->shadow_apcb.adm, 1584 + matrix_mdev->shadow_apcb.adm, 1585 + cdrem, AP_DOMAINS); 1586 + 1587 + if (do_hotplug) 1588 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1589 + } 1590 + 1591 + /** 1592 + * vfio_ap_mdev_cfg_remove - determines which guests are using the adapters, 1593 + * domains and control domains that have been removed 1594 + * from the host AP configuration and unplugs them 1595 + * from those guests. 1596 + * 1597 + * @ap_remove: bitmap specifying which adapters have been removed from the host 1598 + * config. 1599 + * @aq_remove: bitmap specifying which domains have been removed from the host 1600 + * config. 1601 + * @cd_remove: bitmap specifying which control domains have been removed from 1602 + * the host config. 1603 + */ 1604 + static void vfio_ap_mdev_cfg_remove(unsigned long *ap_remove, 1605 + unsigned long *aq_remove, 1606 + unsigned long *cd_remove) 1607 + { 1608 + struct ap_matrix_mdev *matrix_mdev; 1609 + DECLARE_BITMAP(aprem, AP_DEVICES); 1610 + DECLARE_BITMAP(aqrem, AP_DOMAINS); 1611 + DECLARE_BITMAP(cdrem, AP_DOMAINS); 1612 + int do_remove = 0; 1613 + 1614 + list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 1615 + mutex_lock(&matrix_mdev->kvm->lock); 1616 + mutex_lock(&matrix_dev->mdevs_lock); 1617 + 1618 + do_remove |= bitmap_and(aprem, ap_remove, 1619 + matrix_mdev->matrix.apm, 1620 + AP_DEVICES); 1621 + do_remove |= bitmap_and(aqrem, aq_remove, 1622 + matrix_mdev->matrix.aqm, 1623 + AP_DOMAINS); 1624 + do_remove |= bitmap_andnot(cdrem, cd_remove, 1625 + matrix_mdev->matrix.adm, 1626 + AP_DOMAINS); 1627 + 1628 + if (do_remove) 1629 + vfio_ap_mdev_hot_unplug_cfg(matrix_mdev, aprem, aqrem, 1630 + cdrem); 1631 + 1632 + mutex_unlock(&matrix_dev->mdevs_lock); 1633 + mutex_unlock(&matrix_mdev->kvm->lock); 1634 + } 1635 + } 1636 + 1637 + /** 1638 + * vfio_ap_mdev_on_cfg_remove - responds to the removal of adapters, domains and 1639 + * control domains from the host AP configuration 1640 + * by unplugging them from the guests that are 1641 + * using them. 1642 + * @cur_config_info: the current host AP configuration information 1643 + * @prev_config_info: the previous host AP configuration information 1644 + */ 1645 + static void vfio_ap_mdev_on_cfg_remove(struct ap_config_info *cur_config_info, 1646 + struct ap_config_info *prev_config_info) 1647 + { 1648 + int do_remove; 1649 + DECLARE_BITMAP(aprem, AP_DEVICES); 1650 + DECLARE_BITMAP(aqrem, AP_DOMAINS); 1651 + DECLARE_BITMAP(cdrem, AP_DOMAINS); 1652 + 1653 + do_remove = bitmap_andnot(aprem, 1654 + (unsigned long *)prev_config_info->apm, 1655 + (unsigned long *)cur_config_info->apm, 1656 + AP_DEVICES); 1657 + do_remove |= bitmap_andnot(aqrem, 1658 + (unsigned long *)prev_config_info->aqm, 1659 + (unsigned long *)cur_config_info->aqm, 1660 + AP_DEVICES); 1661 + do_remove |= bitmap_andnot(cdrem, 1662 + (unsigned long *)prev_config_info->adm, 1663 + (unsigned long *)cur_config_info->adm, 1664 + AP_DEVICES); 1665 + 1666 + if (do_remove) 1667 + vfio_ap_mdev_cfg_remove(aprem, aqrem, cdrem); 1668 + } 1669 + 1670 + /** 1671 + * vfio_ap_filter_apid_by_qtype: filter APIDs from an AP mask for adapters that 1672 + * are older than AP type 10 (CEX4). 1673 + * @apm: a bitmap of the APIDs to examine 1674 + * @aqm: a bitmap of the APQIs of the queues to query for the AP type. 1675 + */ 1676 + static void vfio_ap_filter_apid_by_qtype(unsigned long *apm, unsigned long *aqm) 1677 + { 1678 + bool apid_cleared; 1679 + struct ap_queue_status status; 1680 + unsigned long apid, apqi, info; 1681 + int qtype, qtype_mask = 0xff000000; 1682 + 1683 + for_each_set_bit_inv(apid, apm, AP_DEVICES) { 1684 + apid_cleared = false; 1685 + 1686 + for_each_set_bit_inv(apqi, aqm, AP_DOMAINS) { 1687 + status = ap_test_queue(AP_MKQID(apid, apqi), 1, &info); 1688 + switch (status.response_code) { 1689 + /* 1690 + * According to the architecture in each case 1691 + * below, the queue's info should be filled. 1692 + */ 1693 + case AP_RESPONSE_NORMAL: 1694 + case AP_RESPONSE_RESET_IN_PROGRESS: 1695 + case AP_RESPONSE_DECONFIGURED: 1696 + case AP_RESPONSE_CHECKSTOPPED: 1697 + case AP_RESPONSE_BUSY: 1698 + qtype = info & qtype_mask; 1699 + 1700 + /* 1701 + * The vfio_ap device driver only 1702 + * supports CEX4 and newer adapters, so 1703 + * remove the APID if the adapter is 1704 + * older than a CEX4. 1705 + */ 1706 + if (qtype < AP_DEVICE_TYPE_CEX4) { 1707 + clear_bit_inv(apid, apm); 1708 + apid_cleared = true; 1709 + } 1710 + 1711 + break; 1712 + 1713 + default: 1714 + /* 1715 + * If we don't know the adapter type, 1716 + * clear its APID since it can't be 1717 + * determined whether the vfio_ap 1718 + * device driver supports it. 1719 + */ 1720 + clear_bit_inv(apid, apm); 1721 + apid_cleared = true; 1722 + break; 1723 + } 1724 + 1725 + /* 1726 + * If we've already cleared the APID from the apm, there 1727 + * is no need to continue examining the remainin AP 1728 + * queues to determine the type of the adapter. 1729 + */ 1730 + if (apid_cleared) 1731 + continue; 1732 + } 1733 + } 1734 + } 1735 + 1736 + /** 1737 + * vfio_ap_mdev_cfg_add - store bitmaps specifying the adapters, domains and 1738 + * control domains that have been added to the host's 1739 + * AP configuration for each matrix mdev to which they 1740 + * are assigned. 1741 + * 1742 + * @apm_add: a bitmap specifying the adapters that have been added to the AP 1743 + * configuration. 1744 + * @aqm_add: a bitmap specifying the domains that have been added to the AP 1745 + * configuration. 1746 + * @adm_add: a bitmap specifying the control domains that have been added to the 1747 + * AP configuration. 1748 + */ 1749 + static void vfio_ap_mdev_cfg_add(unsigned long *apm_add, unsigned long *aqm_add, 1750 + unsigned long *adm_add) 1751 + { 1752 + struct ap_matrix_mdev *matrix_mdev; 1753 + 1754 + if (list_empty(&matrix_dev->mdev_list)) 1755 + return; 1756 + 1757 + vfio_ap_filter_apid_by_qtype(apm_add, aqm_add); 1758 + 1759 + list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 1760 + bitmap_and(matrix_mdev->apm_add, 1761 + matrix_mdev->matrix.apm, apm_add, AP_DEVICES); 1762 + bitmap_and(matrix_mdev->aqm_add, 1763 + matrix_mdev->matrix.aqm, aqm_add, AP_DOMAINS); 1764 + bitmap_and(matrix_mdev->adm_add, 1765 + matrix_mdev->matrix.adm, adm_add, AP_DEVICES); 1766 + } 1767 + } 1768 + 1769 + /** 1770 + * vfio_ap_mdev_on_cfg_add - responds to the addition of adapters, domains and 1771 + * control domains to the host AP configuration 1772 + * by updating the bitmaps that specify what adapters, 1773 + * domains and control domains have been added so they 1774 + * can be hot plugged into the guest when the AP bus 1775 + * scan completes (see vfio_ap_on_scan_complete 1776 + * function). 1777 + * @cur_config_info: the current AP configuration information 1778 + * @prev_config_info: the previous AP configuration information 1779 + */ 1780 + static void vfio_ap_mdev_on_cfg_add(struct ap_config_info *cur_config_info, 1781 + struct ap_config_info *prev_config_info) 1782 + { 1783 + bool do_add; 1784 + DECLARE_BITMAP(apm_add, AP_DEVICES); 1785 + DECLARE_BITMAP(aqm_add, AP_DOMAINS); 1786 + DECLARE_BITMAP(adm_add, AP_DOMAINS); 1787 + 1788 + do_add = bitmap_andnot(apm_add, 1789 + (unsigned long *)cur_config_info->apm, 1790 + (unsigned long *)prev_config_info->apm, 1791 + AP_DEVICES); 1792 + do_add |= bitmap_andnot(aqm_add, 1793 + (unsigned long *)cur_config_info->aqm, 1794 + (unsigned long *)prev_config_info->aqm, 1795 + AP_DOMAINS); 1796 + do_add |= bitmap_andnot(adm_add, 1797 + (unsigned long *)cur_config_info->adm, 1798 + (unsigned long *)prev_config_info->adm, 1799 + AP_DOMAINS); 1800 + 1801 + if (do_add) 1802 + vfio_ap_mdev_cfg_add(apm_add, aqm_add, adm_add); 1803 + } 1804 + 1805 + /** 1806 + * vfio_ap_on_cfg_changed - handles notification of changes to the host AP 1807 + * configuration. 1808 + * 1809 + * @cur_cfg_info: the current host AP configuration 1810 + * @prev_cfg_info: the previous host AP configuration 1811 + */ 1812 + void vfio_ap_on_cfg_changed(struct ap_config_info *cur_cfg_info, 1813 + struct ap_config_info *prev_cfg_info) 1814 + { 1815 + if (!cur_cfg_info || !prev_cfg_info) 1816 + return; 1817 + 1818 + mutex_lock(&matrix_dev->guests_lock); 1819 + 1820 + vfio_ap_mdev_on_cfg_remove(cur_cfg_info, prev_cfg_info); 1821 + vfio_ap_mdev_on_cfg_add(cur_cfg_info, prev_cfg_info); 1822 + memcpy(&matrix_dev->info, cur_cfg_info, sizeof(*cur_cfg_info)); 1823 + 1824 + mutex_unlock(&matrix_dev->guests_lock); 1825 + } 1826 + 1827 + static void vfio_ap_mdev_hot_plug_cfg(struct ap_matrix_mdev *matrix_mdev) 1828 + { 1829 + bool do_hotplug = false; 1830 + int filter_domains = 0; 1831 + int filter_adapters = 0; 1832 + DECLARE_BITMAP(apm, AP_DEVICES); 1833 + DECLARE_BITMAP(aqm, AP_DOMAINS); 1834 + 1835 + mutex_lock(&matrix_mdev->kvm->lock); 1836 + mutex_lock(&matrix_dev->mdevs_lock); 1837 + 1838 + filter_adapters = bitmap_and(apm, matrix_mdev->matrix.apm, 1839 + matrix_mdev->apm_add, AP_DEVICES); 1840 + filter_domains = bitmap_and(aqm, matrix_mdev->matrix.aqm, 1841 + matrix_mdev->aqm_add, AP_DOMAINS); 1842 + 1843 + if (filter_adapters && filter_domains) 1844 + do_hotplug |= vfio_ap_mdev_filter_matrix(apm, aqm, matrix_mdev); 1845 + else if (filter_adapters) 1846 + do_hotplug |= 1847 + vfio_ap_mdev_filter_matrix(apm, 1848 + matrix_mdev->shadow_apcb.aqm, 1849 + matrix_mdev); 1850 + else 1851 + do_hotplug |= 1852 + vfio_ap_mdev_filter_matrix(matrix_mdev->shadow_apcb.apm, 1853 + aqm, matrix_mdev); 1854 + 1855 + if (bitmap_intersects(matrix_mdev->matrix.adm, matrix_mdev->adm_add, 1856 + AP_DOMAINS)) 1857 + do_hotplug |= vfio_ap_mdev_filter_cdoms(matrix_mdev); 1858 + 1859 + if (do_hotplug) 1860 + vfio_ap_mdev_update_guest_apcb(matrix_mdev); 1861 + 1862 + mutex_unlock(&matrix_dev->mdevs_lock); 1863 + mutex_unlock(&matrix_mdev->kvm->lock); 1864 + } 1865 + 1866 + void vfio_ap_on_scan_complete(struct ap_config_info *new_config_info, 1867 + struct ap_config_info *old_config_info) 1868 + { 1869 + struct ap_matrix_mdev *matrix_mdev; 1870 + 1871 + mutex_lock(&matrix_dev->guests_lock); 1872 + 1873 + list_for_each_entry(matrix_mdev, &matrix_dev->mdev_list, node) { 1874 + if (bitmap_empty(matrix_mdev->apm_add, AP_DEVICES) && 1875 + bitmap_empty(matrix_mdev->aqm_add, AP_DOMAINS) && 1876 + bitmap_empty(matrix_mdev->adm_add, AP_DOMAINS)) 1877 + continue; 1878 + 1879 + vfio_ap_mdev_hot_plug_cfg(matrix_mdev); 1880 + bitmap_clear(matrix_mdev->apm_add, 0, AP_DEVICES); 1881 + bitmap_clear(matrix_mdev->aqm_add, 0, AP_DOMAINS); 1882 + bitmap_clear(matrix_mdev->adm_add, 0, AP_DOMAINS); 1883 + } 1884 + 1885 + mutex_unlock(&matrix_dev->guests_lock); 1839 1886 }

+43 -4

drivers/s390/crypto/vfio_ap_private.h

··· 19 19 #include <linux/mutex.h> 20 20 #include <linux/kvm_host.h> 21 21 #include <linux/vfio.h> 22 + #include <linux/hashtable.h> 22 23 23 24 #include "ap_bus.h" 24 25 ··· 33 32 * @available_instances: number of mediated matrix devices that can be created 34 33 * @info: the struct containing the output from the PQAP(QCI) instruction 35 34 * @mdev_list: the list of mediated matrix devices created 36 - * @lock: mutex for locking the AP matrix device. This lock will be 35 + * @mdevs_lock: mutex for locking the AP matrix device. This lock will be 37 36 * taken every time we fiddle with state managed by the vfio_ap 38 37 * driver, be it using @mdev_list or writing the state of a 39 38 * single ap_matrix_mdev device. It's quite coarse but we don't 40 39 * expect much contention. 41 40 * @vfio_ap_drv: the vfio_ap device driver 41 + * @guests_lock: mutex for controlling access to a guest that is using AP 42 + * devices passed through by the vfio_ap device driver. This lock 43 + * will be taken when the AP devices are plugged into or unplugged 44 + * from a guest, and when an ap_matrix_mdev device is added to or 45 + * removed from @mdev_list or the list is iterated. 42 46 */ 43 47 struct ap_matrix_dev { 44 48 struct device device; 45 49 atomic_t available_instances; 46 50 struct ap_config_info info; 47 51 struct list_head mdev_list; 48 - struct mutex lock; 52 + struct mutex mdevs_lock; /* serializes access to each ap_matrix_mdev */ 49 53 struct ap_driver *vfio_ap_drv; 54 + struct mutex guests_lock; /* serializes access to each KVM guest */ 50 55 }; 51 56 52 57 extern struct ap_matrix_dev *matrix_dev; ··· 82 75 }; 83 76 84 77 /** 78 + * struct ap_queue_table - a table of queue objects. 79 + * 80 + * @queues: a hashtable of queues (struct vfio_ap_queue). 81 + */ 82 + struct ap_queue_table { 83 + DECLARE_HASHTABLE(queues, 8); 84 + }; 85 + 86 + /** 85 87 * struct ap_matrix_mdev - Contains the data associated with a matrix mediated 86 88 * device. 87 89 * @vdev: the vfio device 88 90 * @node: allows the ap_matrix_mdev struct to be added to a list 89 91 * @matrix: the adapters, usage domains and control domains assigned to the 90 92 * mediated matrix device. 93 + * @shadow_apcb: the shadow copy of the APCB field of the KVM guest's CRYCB 91 94 * @kvm: the struct holding guest's state 92 95 * @pqap_hook: the function pointer to the interception handler for the 93 96 * PQAP(AQIC) instruction. 94 97 * @mdev: the mediated device 98 + * @qtable: table of queues (struct vfio_ap_queue) assigned to the mdev 99 + * @apm_add: bitmap of APIDs added to the host's AP configuration 100 + * @aqm_add: bitmap of APQIs added to the host's AP configuration 101 + * @adm_add: bitmap of control domain numbers added to the host's AP 102 + * configuration 95 103 */ 96 104 struct ap_matrix_mdev { 97 105 struct vfio_device vdev; 98 106 struct list_head node; 99 107 struct ap_matrix matrix; 108 + struct ap_matrix shadow_apcb; 100 109 struct kvm *kvm; 101 110 crypto_hook pqap_hook; 102 111 struct mdev_device *mdev; 112 + struct ap_queue_table qtable; 113 + DECLARE_BITMAP(apm_add, AP_DEVICES); 114 + DECLARE_BITMAP(aqm_add, AP_DOMAINS); 115 + DECLARE_BITMAP(adm_add, AP_DOMAINS); 103 116 }; 104 117 105 118 /** ··· 129 102 * @saved_iova: the notification indicator byte (nib) address 130 103 * @apqn: the APQN of the AP queue device 131 104 * @saved_isc: the guest ISC registered with the GIB interface 105 + * @mdev_qnode: allows the vfio_ap_queue struct to be added to a hashtable 106 + * @reset_rc: the status response code from the last reset of the queue 132 107 */ 133 108 struct vfio_ap_queue { 134 109 struct ap_matrix_mdev *matrix_mdev; ··· 138 109 int apqn; 139 110 #define VFIO_AP_ISC_INVALID 0xff 140 111 unsigned char saved_isc; 112 + struct hlist_node mdev_qnode; 113 + unsigned int reset_rc; 141 114 }; 142 115 143 116 int vfio_ap_mdev_register(void); 144 117 void vfio_ap_mdev_unregister(void); 145 - int vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q, 146 - unsigned int retry); 118 + 119 + int vfio_ap_mdev_probe_queue(struct ap_device *queue); 120 + void vfio_ap_mdev_remove_queue(struct ap_device *queue); 121 + 122 + int vfio_ap_mdev_resource_in_use(unsigned long *apm, unsigned long *aqm); 123 + 124 + void vfio_ap_on_cfg_changed(struct ap_config_info *new_config_info, 125 + struct ap_config_info *old_config_info); 126 + void vfio_ap_on_scan_complete(struct ap_config_info *new_config_info, 127 + struct ap_config_info *old_config_info); 147 128 148 129 #endif /* _VFIO_AP_PRIVATE_H_ */

+1

include/uapi/linux/elf.h

··· 420 420 #define NT_S390_GS_CB 0x30b /* s390 guarded storage registers */ 421 421 #define NT_S390_GS_BC 0x30c /* s390 guarded storage broadcast control block */ 422 422 #define NT_S390_RI_CB 0x30d /* s390 runtime instrumentation */ 423 + #define NT_S390_PV_CPU_DATA 0x30e /* s390 protvirt cpu dump data */ 423 424 #define NT_ARM_VFP 0x400 /* ARM VFP/NEON registers */ 424 425 #define NT_ARM_TLS 0x401 /* ARM TLS register */ 425 426 #define NT_ARM_HW_BREAK 0x402 /* ARM hardware breakpoint registers */

+3 -6

tools/testing/crypto/chacha20-s390/test-cipher.c

··· 252 252 memset(plain, 'a', data_size); 253 253 get_random_bytes(plain, (data_size > 256 ? 256 : data_size)); 254 254 255 - cipher_generic = vmalloc(data_size); 255 + cipher_generic = vzalloc(data_size); 256 256 if (!cipher_generic) { 257 257 pr_info("could not allocate cipher_generic buffer\n"); 258 258 ret = -2; 259 259 goto out; 260 260 } 261 - memset(cipher_generic, 0, data_size); 262 261 263 - cipher_s390 = vmalloc(data_size); 262 + cipher_s390 = vzalloc(data_size); 264 263 if (!cipher_s390) { 265 264 pr_info("could not allocate cipher_s390 buffer\n"); 266 265 ret = -2; 267 266 goto out; 268 267 } 269 - memset(cipher_s390, 0, data_size); 270 268 271 - revert = vmalloc(data_size); 269 + revert = vzalloc(data_size); 272 270 if (!revert) { 273 271 pr_info("could not allocate revert buffer\n"); 274 272 ret = -2; 275 273 goto out; 276 274 } 277 - memset(revert, 0, data_size); 278 275 279 276 if (debug) 280 277 print_hex_dump(KERN_INFO, "src: ", DUMP_PREFIX_OFFSET,