| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Apr 2018 14:08:59 -0400
From: Tony Krowiak <akrowiak@...ux.vnet.ibm.com>
To: Cornelia Huck <cohuck@...hat.com>
Cc: Harald Freudenberger <FREUDE@...ibm.com>,
Pierre Morel <pmorel@...ux.vnet.ibm.com>,
alex.williamson@...hat.com, alifm@...ux.vnet.ibm.com,
berrange@...hat.com, bjsdjshi@...ux.vnet.ibm.com,
borntrae@...ux.ibm.com, fiuczy@...ux.vnet.ibm.com,
heicars2@...ux.vnet.ibm.com, jjherne@...ux.vnet.ibm.com,
kvm@...r.kernel.org, kwankhede@...dia.com,
linux-kernel@...r.kernel.org, linux-s390@...r.kernel.org,
mjrosato@...ux.vnet.ibm.com, mschwid2@...ux.vnet.ibm.com,
pasic@...ux.vnet.ibm.com, pbonzini@...hat.com,
Reinhard Buendgen <BUENDGEN@...ibm.com>, thuth@...hat.com
Subject: Re: [PATCH v4 03/15] KVM: s390: refactor crypto initialization
On 04/17/2018 11:21 AM, Cornelia Huck wrote:
> On Tue, 17 Apr 2018 10:26:57 -0400
> Tony Krowiak <akrowiak@...ux.vnet.ibm.com> wrote:
>
>> On 04/17/2018 06:10 AM, Cornelia Huck wrote:
>>> On Tue, 17 Apr 2018 09:49:58 +0200
>>> "Harald Freudenberger" <FREUDE@...ibm.com> wrote:
>>>
>>>> Didn't we say that when APXA is not available there is no Crypto support
>>>> for KVM ?
>>> [Going by the code, as I don't have access to the architecture]
>>>
>>> Current status seems to be:
>>> - setup crycb if facility 76 is available (that's MSAX3, I guess?)
>> The crycb is set up regardless of whether STFLE.76 (MSAX3) is
>> installed or not.
> Hm, the current code does a quick exit if bit 76 is not set, doesn't
> it?
I guess that depends upon what you mean by current code. If you are talking
about the code as it is distributed today - i.e., before my patch series -
then you are correct. This patch changes that; it initializes the
kvm->arch.crypto.crycbd to point to the CRYCB, then clears the format bits
(kvm->arch.crypto.crycbd &= ~(CRYCB_FORMAT_MASK)) which is the same as
setting the CRYCB format to format 0. It is only after this that the
check is done to determine whether STFLE.76 is set.
>
>>> - use format 2 if APXA is available, else use format 1
>> Use format 0 if MSAX3 is not available
>> Use format 1 if MSAX3 is available but APXA is not
>> Use format 2 if MSAX3 and APXA is available
>>
>>> From Tony's patch description, the goal seems to be:
>>> - setup crycb even if MSAX3 is not available
>> Yes, that is true
>>
>>> So my understanding is that we use APXA only to decide on the format of
>>> the crycb, but provide it in any case?
>> Yes, that is true
> With the format selection you outlined above, I guess. Makes sense from
> my point of view (just looking at the source code).
It also implements what is stated in the architecture doc.
>
>>> (Not providing a crycb if APXA is not available would be loss of
>>> functionality, I guess? Deciding not to provide vfio-ap if APXA is not
>>> available is a different game, of course.)
>> This would require a change to enabling the CPU model feature for
>> AP.
> But would it actually make sense to tie vfio-ap to APXA? This needs to
> be answered by folks with access to the architecture :)
I don't see any reason to do that from an architectural perspective.
One can access AP devices whether APXA is installed or not, it just limits
the range of devices that can be addressed
>
> [Personally, I think we should go with the version that uses the least
> restrictions without introducing over-complex code. What constitutes
> "over-complex code" is of course in the eye of the beholder...]
I agree.
>
Powered by blists - more mailing lists