[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Tags added: ssc
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Tags added: cscc
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
Just verified that the 3 patches (bug description / SRU template) are included
in kernel 4.19 and since 4.19 laded in disco proposed today, I'm changing the
kernel entry to Fix Released (code is available in cosmic, too).
Changing project entry to Fix Released, too.
** Changed in: linux (Ubuntu)
Status: Fix Committed => Fix Released
** Changed in: ubuntu-z-systems
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
Just verified that the 3 patches (bug description / SRU template) are
included in kernel 4.19 and since 4.19 laded in disco proposed today,
I'm changing the kernel entry to Fix Committed (code is available in
cosmic, too).
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
This bug was fixed in the package linux - 4.15.0-42.45
---
linux (4.15.0-42.45) bionic; urgency=medium
* linux: 4.15.0-42.45 -proposed tracker (LP: #1803592)
* [FEAT] Guest-dedicated Crypto Adapters (LP: #1787405)
- KVM: s390: reset crypto attributes for all vcpus
- KVM: s390: vsie: simulate VCPU SIE entry/exit
- KVM: s390: introduce and use KVM_REQ_VSIE_RESTART
- KVM: s390: refactor crypto initialization
- s390: vfio-ap: base implementation of VFIO AP device driver
- s390: vfio-ap: register matrix device with VFIO mdev framework
- s390: vfio-ap: sysfs interfaces to configure adapters
- s390: vfio-ap: sysfs interfaces to configure domains
- s390: vfio-ap: sysfs interfaces to configure control domains
- s390: vfio-ap: sysfs interface to view matrix mdev matrix
- KVM: s390: interface to clear CRYCB masks
- s390: vfio-ap: implement mediated device open callback
- s390: vfio-ap: implement VFIO_DEVICE_GET_INFO ioctl
- s390: vfio-ap: zeroize the AP queues
- s390: vfio-ap: implement VFIO_DEVICE_RESET ioctl
- KVM: s390: Clear Crypto Control Block when using vSIE
- KVM: s390: vsie: Do the CRYCB validation first
- KVM: s390: vsie: Make use of CRYCB FORMAT2 clear
- KVM: s390: vsie: Allow CRYCB FORMAT-2
- KVM: s390: vsie: allow CRYCB FORMAT-1
- KVM: s390: vsie: allow CRYCB FORMAT-0
- KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-1
- KVM: s390: vsie: allow guest FORMAT-1 CRYCB on host FORMAT-2
- KVM: s390: vsie: allow guest FORMAT-0 CRYCB on host FORMAT-2
- KVM: s390: device attrs to enable/disable AP interpretation
- KVM: s390: CPU model support for AP virtualization
- s390: doc: detailed specifications for AP virtualization
- KVM: s390: fix locking for crypto setting error path
- KVM: s390: Tracing APCB changes
- s390: vfio-ap: setup APCB mask using KVM dedicated function
- s390/zcrypt: Add ZAPQ inline function.
- s390/zcrypt: Review inline assembler constraints.
- s390/zcrypt: Integrate ap_asm.h into include/asm/ap.h.
- s390/zcrypt: fix ap_instructions_available() returncodes
- s390/zcrypt: remove VLA usage from the AP bus
- s390/zcrypt: Remove deprecated ioctls.
- s390/zcrypt: Remove deprecated zcrypt proc interface.
- s390/zcrypt: Support up to 256 crypto adapters.
- [Config:] Enable CONFIG_S390_AP_IOMMU and set CONFIG_VFIO_AP to module.
* Bypass of mount visibility through userns + mount propagation (LP: #1789161)
- mount: Retest MNT_LOCKED in do_umount
- mount: Don't allow copying MNT_UNBINDABLE|MNT_LOCKED mounts
* CVE-2018-18955: nested user namespaces with more than five extents
incorrectly grant privileges over inode (LP: #1801924) // CVE-2018-18955
- userns: also map extents in the reverse map to kernel IDs
* kdump fail due to an IRQ storm (LP: #1797990)
- SAUCE: x86/PCI: Export find_cap() to be used in early PCI code
- SAUCE: x86/quirks: Add parameter to clear MSIs early on boot
- SAUCE: x86/quirks: Scan all busses for early PCI quirks
-- Thadeu Lima de Souza Cascardo Thu, 15 Nov
2018 17:01:46 -0200
** Changed in: linux (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18955
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Committed
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Bionic:
Fix Released
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
-
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
I was able to successfully verify the patches and can now see the apmask and
aqmask in /sys/bus/ap using the kernel from bionic-proposed (4.15.0-42-generic).
$ cat /sys/bus/ap/aqmask
0x
$ cat /sys/bus/ap/apmask
0x
Adjusting tags accordingly.
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Committed
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Bionic:
Fix Committed
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
bionic' to 'verification-done-bionic'. If the problem still exists,
change the tag 'verification-needed-bionic' to 'verification-failed-
bionic'.
If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.
See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!
** Tags added: verification-needed-bionic
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Committed
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Bionic:
Fix Committed
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Changed in: linux (Ubuntu Bionic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
Fix Committed
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Committed
** Changed in: ubuntu-z-systems
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
Fix Committed
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Bionic:
Fix Committed
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask.
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
SRU request:
Subject: [SRU][Bionic][PATCH 0/3] Fixes for LP1799184
https://lists.ubuntu.com/archives/kernel-team/2018-November/096438.html
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
In Progress
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
SRU request:
Subject: [SRU][Bionic][PATCH 0/3] Fixes for LP1799184
https://lists.ubuntu.com/archives/kernel-team/2018-October/096384.html
https://lists.ubuntu.com/archives/kernel-
team/2018-October/thread.html#96384
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1799184
Title:
[18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic
driver binding
Status in Ubuntu on IBM z Systems:
In Progress
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Bionic:
In Progress
Bug description:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
== Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
== Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- SPDX license identifier line complains by checkpatch
- missing space or newline complains by checkpatch
- octal numbers for permssions complains by checkpatch
- renaming of static sysfs functions complains by checkpatch
- fix of block comment complains by checkpatch
- fix printf like calls where function name instead of %s __func__
was used
- __packed instead of __attribute__((packed))
- init to zero for static variables removed
- use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Description changed:
== SRU Justification ==
APQN tags in the zcrypt device driver are required to support
deterministic driver binding
With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
- == Fix ==
+ == Fixes ==
ac2b96f351d7d222 ("s390/zcrypt: code beautify")
7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
- == Patch ==
+ == Patches ==
Git-commit: ac2b96f351d7d222
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
Author: Harald Freudenberger
Date: Fri Aug 17 12:36:01 2018 +0200
s390/zcrypt: code beautify
Code beautify by following most of the checkpatch suggestions:
- - SPDX license identifier line complains by checkpatch
- - missing space or newline complains by checkpatch
- - octal numbers for permssions complains by checkpatch
- - renaming of static sysfs functions complains by checkpatch
- - fix of block comment complains by checkpatch
- - fix printf like calls where function name instead of %s __func__
-was used
- - __packed instead of __attribute__((packed))
- - init to zero for static variables removed
- - use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
+ - SPDX license identifier line complains by checkpatch
+ - missing space or newline complains by checkpatch
+ - octal numbers for permssions complains by checkpatch
+ - renaming of static sysfs functions complains by checkpatch
+ - fix of block comment complains by checkpatch
+ - fix printf like calls where function name instead of %s __func__
+ was used
+ - __packed instead of __attribute__((packed))
+ - init to zero for static variables removed
+ - use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
No functional code changes or API changes!
Signed-off-by: Harald Freudenberger
Signed-off-by: Martin Schwidefsky
===
Git-commit 7e0bdbe5c21cb831
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
Author: Harald Freudenberger
Date: Fri Jul 20 08:36:53 2018 +0200
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Description changed:
+ == SRU Justification ==
+
+ APQN tags in the zcrypt device driver are required to support
+ deterministic driver binding
+
+ With the introduction of KVM hw crypto virtualization (on s390x) the driver
bound to an AP queue device is no longer unique determined.
+ Therefore a deterministic hot plugging semantics of AP queues that may be
bound to multiple drivers is needed.
+ With the three listed commits here it will be possible to configure an AP
queue (APQN) as being bound to a particular driver even if the associate hw
gets intermittently lost and reconnected.
+
+ == Fix ==
+
+ ac2b96f351d7d222 ("s390/zcrypt: code beautify")
+ 7e0bdbe5c21cb831 ("s390/zcrypt: AP bus support for alternate driver(s)")
+ 3d8f60d38e249f98 ("s390/zcrypt: hex string mask improvements for apmask and
aqmask")
+
+ == Patch ==
+
+ Git-commit: ac2b96f351d7d222
+
https://github.com/torvalds/linux/commit/ac2b96f351d7d222c46e524feca03005f3fa8d75
+ Author: Harald Freudenberger
+ Date: Fri Aug 17 12:36:01 2018 +0200
+ s390/zcrypt: code beautify
+ Code beautify by following most of the checkpatch suggestions:
+ - SPDX license identifier line complains by checkpatch
+ - missing space or newline complains by checkpatch
+ - octal numbers for permssions complains by checkpatch
+ - renaming of static sysfs functions complains by checkpatch
+ - fix of block comment complains by checkpatch
+ - fix printf like calls where function name instead of %s __func__
+was used
+ - __packed instead of __attribute__((packed))
+ - init to zero for static variables removed
+ - use of DEVICE_ATTR_RO and DEVICE_ATTR_RW macros
+
+ No functional code changes or API changes!
+
+ Signed-off-by: Harald Freudenberger
+ Signed-off-by: Martin Schwidefsky
+
+ ===
+
+ Git-commit 7e0bdbe5c21cb831
+
https://github.com/torvalds/linux/commit/7e0bdbe5c21cb8316a694e46ad5aad339f6894a6
+ Author: Harald Freudenberger
+ Date: Fri Jul 20 08:36:53 2018 +0200
+ s390/zcrypt: AP bus support for alternate driver(s)
+ The current AP bus, AP devices and AP device drivers implementation
+ uses a clearly defined mapping for binding AP devices to AP device
+ drivers. So for example a CEX6C queue will always be bound to the
+ cex4queue device driver.
+
+ The Linux Device Driver model has no sensitivity for more than one
+ device driver eligible for one device type. If there exist more than
+ one drivers matching to the device type, simple all drivers are tried
+ consecutively. There is no way to determine and influence the probing
+ order of the drivers.
+
+ With KVM there is a need to provide additional device drivers matching
+ to the very same type of AP devices. With a simple implementation the
+ KVM drivers run in competition to the regular drivers. Whichever
+ 'wins' a device depends on build order and implementation details
+ within the common Linux Device Driver Model and is not
+ deterministic. However, a userspace process could figure out which
+ device should be bound to which driver and sort out the correct
+ binding by manipulating attributes in the sysfs.
+
+ If for security reasons a AP device must not get bound to the 'wrong'
+ device driver the sorting out has to be done within the Linux kernel
+ by the AP bus code. This patch modifies the behavior of the AP bus
+ for probing drivers for devices in a way that two sets of drivers are
+ usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
+ subset of the APQN range for 'usable by the ap bus and the default
+ drivers' or 'not usable by the default drivers and thus available for
+ alternate drivers like vfio-xxx'. So an APQN which is addressed by
+ this masking only the default drivers will be probed. In contrary an
+ APQN which is not addressed by the masks will never be probed and
+ bound to default drivers but onny to alternate drivers.
+
+ Eventually the two masks give a way to divide the range of APQNs into
+ two pools: one pool of APQNs used by the AP bus and the default
+ drivers and thus via zcrypt drivers available to the userspace of the
+ system. And another pool where no zcrypt drivers are bound to and
+ which can be used by alternate drivers (like vfio-xxx) for their
+ needs. This division is hot-plug save and makes sure a APQN assigned
+ to an alternate driver is at no time somehow exploitable by the wrong
+ party.
+
+ The two masks are located in sysfs at /sys/bus/ap/apmask and
+ /sys/bus/ap/aqmask. The mask syntax is exactly the same as the
+ already existing mask attributes in the /sys/bus/ap directory (for
+ example ap_usage_domain_mask and ap_control_domain_mask).
+
+ By default all APQNs belong to the ap bus and the default drivers:
+
+ cat /sys/bus/ap/apmask
+ 0x
+ cat /sys/bus/ap/aqmask
+ 0x
+
+ The masks can be changed at boot time with the kernel command line
+ like this:
+
+ ...
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
I built a test kernel with the commits posed in comment 1. Commits 2c957a8ad45 and 4a07750ba8f3f are needed as a prereqs as well. The test kernel can be downloaded from: http://kernel.ubuntu.com/~jsalisbury/lp1799184 Can you test this kernel and see if it resolves this bug? Note about installing test kernels: * If the test kernel is prior to 4.15(Bionic) you need to install the linux-image and linux-image-extra .deb packages. * If the test kernel is 4.15(Bionic) or newer, you need to install the linux-modules, linux-modules-extra and linux-image-unsigned .deb packages. Thanks in advance! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1799184 Title: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding Status in Ubuntu on IBM z Systems: In Progress Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: With the introduction of KVM crypto virtualization the driver bound to an AP queue device is no longer unique determined. This feature provides a deterministic hot plugging semantics of AP queues that may be bound to multiple drivers. In particular it enables to configure an AP queue (APQN) as being bound to a particular driver even if the associate HW gets intermittently lost and reconnected. This function has to be applied to kernel 4.15 for Ubuntu 18.04, Git Commit information available here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1784331 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1799184/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Changed in: ubuntu-z-systems Status: Triaged => In Progress -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1799184 Title: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding Status in Ubuntu on IBM z Systems: In Progress Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: With the introduction of KVM crypto virtualization the driver bound to an AP queue device is no longer unique determined. This feature provides a deterministic hot plugging semantics of AP queues that may be bound to multiple drivers. In particular it enables to configure an AP queue (APQN) as being bound to a particular driver even if the associate HW gets intermittently lost and reconnected. This function has to be applied to kernel 4.15 for Ubuntu 18.04, Git Commit information available here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1784331 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1799184/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Bionic) Status: New => In Progress ** Changed in: linux (Ubuntu) Status: Triaged => In Progress ** Changed in: linux (Ubuntu Bionic) Importance: Undecided => High ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1799184 Title: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding Status in Ubuntu on IBM z Systems: Triaged Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: With the introduction of KVM crypto virtualization the driver bound to an AP queue device is no longer unique determined. This feature provides a deterministic hot plugging semantics of AP queues that may be bound to multiple drivers. In particular it enables to configure an AP queue (APQN) as being bound to a particular driver even if the associate HW gets intermittently lost and reconnected. This function has to be applied to kernel 4.15 for Ubuntu 18.04, Git Commit information available here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1784331 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1799184/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Changed in: linux (Ubuntu) Status: New => Triaged ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: linux (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => Joseph Salisbury (jsalisbury) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1799184 Title: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding Status in Ubuntu on IBM z Systems: Triaged Status in linux package in Ubuntu: Triaged Bug description: With the introduction of KVM crypto virtualization the driver bound to an AP queue device is no longer unique determined. This feature provides a deterministic hot plugging semantics of AP queues that may be bound to multiple drivers. In particular it enables to configure an AP queue (APQN) as being bound to a particular driver even if the associate HW gets intermittently lost and reconnected. This function has to be applied to kernel 4.15 for Ubuntu 18.04, Git Commit information available here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1784331 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1799184/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1799184] Re: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding
** Information type changed from Private to Public -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1799184 Title: [18.04 FEAT] zcrypt DD: introduce APQN tags to support deterministic driver binding Status in Ubuntu on IBM z Systems: Triaged Status in linux package in Ubuntu: New Bug description: With the introduction of KVM crypto virtualization the driver bound to an AP queue device is no longer unique determined. This feature provides a deterministic hot plugging semantics of AP queues that may be bound to multiple drivers. In particular it enables to configure an AP queue (APQN) as being bound to a particular driver even if the associate HW gets intermittently lost and reconnected. This function has to be applied to kernel 4.15 for Ubuntu 18.04, Git Commit information available here: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1784331 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1799184/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
