On 09/24/2018 07:49 AM, Cornelia Huck wrote:
On Wed, 12 Sep 2018 15:42:50 -0400 Tony Krowiak <[email protected]> wrote:Abstract: ======== On s390, we have cryptographic coprocessor cards, which are modeled on Linux as devices on the AP bus. Each card can be partitioned into domains which can be thought of as a set of hardware registers for processing crypto commands. Crypto commands are sent to a specific domain within a card is via a queue which is identified as a (card,domain) tuple. We model this something like the following (assuming we have access to cards 3 and 4 and domains 1 and 2): AP -> card3 -> queue (3,1) -> queue (3,2) -> card4 -> queue (4,1) -> queue (4,2) If we want to virtualize this, we can use a feature provided by the hardware. We basically attach a satellite control block to our main hardware virtualization control block and the hardware takes care of most of the rest. For this control block, we don't specify explicit tuples, but a list of cards and a list of domains. The guest will get access to the cross product. Because of this, we need to take care that the lists provided to different guests don't overlap; i.e., we need to enforce sane configurations. Otherwise, one guest may get access to things like secret keys for another guest. The idea of this patch set is to introduce a new device, the matrix device. This matrix device hangs off a different root and acts as the parent node for mdev devices. If you now want to give the tuples (4,1) and (4,2), you need to do the following: - Make sure the queues (4,1) and (4,2) belong to vfio_ap (see patches #5 and #6) - Create the mediated device. - Assign card 4 and domains 1 and 2 to the mediated device - Optionally activate the mediated device. QEMU will now simply consume the mediated device and things should work. For a complete description of the architecture and concepts underlying the design, see the Documentation/s390/vfio-ap.txt file included with this patch set.I did not spot anything major, and if v11 addresses the issues raised by various reviewers I don't see why it should not be merged (interface looks sane). I skipped looking at the vsie stuff, though ;)
I think David has that covered.
