lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Jul 2018 09:26:08 +0200 From: Tony Krowiak <akrowiak@...ux.ibm.com> To: pmorel@...ux.ibm.com, Halil Pasic <pasic@...ux.ibm.com>, Tony Krowiak <akrowiak@...ux.vnet.ibm.com>, linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org, kvm@...r.kernel.org Cc: freude@...ibm.com, schwidefsky@...ibm.com, heiko.carstens@...ibm.com, borntraeger@...ibm.com, cohuck@...hat.com, kwankhede@...dia.com, bjsdjshi@...ux.vnet.ibm.com, pbonzini@...hat.com, alex.williamson@...hat.com, pmorel@...ux.vnet.ibm.com, alifm@...ux.vnet.ibm.com, mjrosato@...ux.vnet.ibm.com, jjherne@...ux.vnet.ibm.com, thuth@...hat.com, pasic@...ux.vnet.ibm.com, berrange@...hat.com, fiuczy@...ux.vnet.ibm.com, buendgen@...ibm.com Subject: Re: [PATCH v6 21/21] s390: doc: detailed specifications for AP virtualization On 07/09/2018 11:21 AM, Pierre Morel wrote: > On 03/07/2018 01:10, Halil Pasic wrote: >> >> >> On 06/29/2018 11:11 PM, Tony Krowiak wrote: >>> This patch provides documentation describing the AP architecture and >>> design concepts behind the virtualization of AP devices. It also >>> includes an example of how to configure AP devices for exclusive >>> use of KVM guests. >>> >>> Signed-off-by: Tony Krowiak <akrowiak@...ux.ibm.com> >> >> I don't like the design of external interfaces except for: >> * cpu model features, and >> * reset handling. >> >> In particular: >> >> > ...snip... > >> 4) If I were to act out the role of the administrator, I would prefer >> to think of >> specifying or changing the access controls of a guest in respect to >> AP (that is >> setting the AP matrix) as a single atomic operation -- which either >> succeeds or fails. >> >> The operation should succeed for any valid configuration, and fail >> for any invalid >> on. >> >> The current piecemeal approach seems even less fitting if we consider >> changing the >> access controls of a running guest. AFAIK changing access controls >> for a running >> guest is possible, and I don't see a reason why should we >> artificially prohibit this. >> >> I think the current sysfs interface for manipulating the matrix is >> good for >> manual playing around, but I would prefer having an interface that is >> better >> suited for programs (e.g. ioctl). > > I disagree with using ioctl. > I agree that the current implementation is not right. > The configuration of APM and AQM should always be guarantied as coherent > within the host but it can be done doing the right checks when using > the sysfs. What sysfs interfaces do you suggest? > > > Regards, > > Pierre >
Powered by blists - more mailing lists