lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Nov 2017 13:08:17 +0100
From:   Christian Borntraeger <borntraeger@...ibm.com>
To:     Martin Schwidefsky <schwidefsky@...ibm.com>,
        Tony Krowiak <akrowiak@...ux.vnet.ibm.com>
Cc:     linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, freude@...ibm.com, heiko.carstens@...ibm.com,
        cohuck@...hat.com, kwankhede@...dia.com,
        bjsdjshi@...ux.vnet.ibm.com, pbonzini@...hat.com,
        alex.williamson@...hat.com, pmorel@...ux.vnet.ibm.com,
        alifm@...ux.vnet.ibm.com, mjrosato@...ux.vnet.ibm.com,
        qemu-s390x@...gnu.org, jjherne@...ux.vnet.ibm.com,
        thuth@...hat.com, pasic@...ux.vnet.ibm.com
Subject: Re: [RFC 19/19] s390/facilities: enable AP facilities needed by guest



On 10/16/2017 11:25 AM, Martin Schwidefsky wrote:
> On Fri, 13 Oct 2017 13:39:04 -0400
> Tony Krowiak <akrowiak@...ux.vnet.ibm.com> wrote:
> 
>> Sets up the following facilities bits to enable the specified AP
>> facilities for the guest VM:
>>     * STFLE.12: Enables the AP Query Configuration Information
>>                 facility. The AP bus running in the guest uses
>>                 the information returned from this instruction
>>                 to configure AP adapters and domains for the
>>                 guest machine.
>>     * STFLE.15: Indicates the AP facilities test is available.
>>                 The AP bus running in the guest uses the
>>                 information.
>>
>> Signed-off-by: Tony Krowiak <akrowiak@...ux.vnet.ibm.com>
>> ---
>>  arch/s390/tools/gen_facilities.c |    2 ++
>>  1 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/arch/s390/tools/gen_facilities.c b/arch/s390/tools/gen_facilities.c
>> index 70dd8f1..eeaa7db 100644
>> --- a/arch/s390/tools/gen_facilities.c
>> +++ b/arch/s390/tools/gen_facilities.c
>> @@ -74,8 +74,10 @@ struct facility_def {
>>  			8,  /* enhanced-DAT 1 */
>>  			9,  /* sense-running-status */
>>  			10, /* conditional sske */
>> +			12, /* AP query configuration */
>>  			13, /* ipte-range */
>>  			14, /* nonquiescing key-setting */
>> +			15, /* AP special-command facility */
>>  			73, /* transactional execution */
>>  			75, /* access-exception-fetch/store indication */
>>  			76, /* msa extension 3 */
> 
> With this all KVM guests will always have the AP instructions available, no?
> In principles I like this approach, but it differs from the way z/VM does things,
> there the guest will get an exception if it tries to execute an AP instruction
> if there are no AP devices assigned to the guest. I wonder if there is a reason
> why z/VM does it the way it does.

A good question. For LPAR it seems that you have AP instructions even if you have
no crypto cards.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ