lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180817113452.5cee98e2.cohuck@redhat.com>
Date:   Fri, 17 Aug 2018 11:34:52 +0200
From:   Cornelia Huck <cohuck@...hat.com>
To:     Tony Krowiak <akrowiak@...ux.ibm.com>
Cc:     Tony Krowiak <akrowiak@...ux.vnet.ibm.com>,
        linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, freude@...ibm.com, schwidefsky@...ibm.com,
        heiko.carstens@...ibm.com, borntraeger@...ibm.com,
        kwankhede@...dia.com, bjsdjshi@...ux.vnet.ibm.com,
        pbonzini@...hat.com, alex.williamson@...hat.com,
        pmorel@...ux.vnet.ibm.com, alifm@...ux.vnet.ibm.com,
        mjrosato@...ux.vnet.ibm.com, jjherne@...ux.vnet.ibm.com,
        thuth@...hat.com, pasic@...ux.vnet.ibm.com, berrange@...hat.com,
        fiuczy@...ux.vnet.ibm.com, buendgen@...ibm.com,
        frankja@...ux.ibm.com
Subject: Re: [PATCH v9 17/22] s390: vfio-ap: zeroize the AP queues.

On Wed, 15 Aug 2018 16:36:32 -0400
Tony Krowiak <akrowiak@...ux.ibm.com> wrote:

> On 08/15/2018 12:24 PM, Cornelia Huck wrote:
> > On Mon, 13 Aug 2018 17:48:14 -0400
> > Tony Krowiak <akrowiak@...ux.vnet.ibm.com> wrote:
> >
> > Nit: please drop the leading period in the subject.  
> 
> I assume you mean the ending period?

Err, of course.

> 
> >  
> >> From: Tony Krowiak <akrowiak@...ux.ibm.com>
> >>
> >> Let's call PAPQ(ZAPQ) to zeroize a queue:
> >>
> >> * For each queue configured for a mediated matrix device
> >>    when it is released.
> >>
> >> Zeroizing a queue resets the queue, clears all pending
> >> messages for the queue entries and disables adapter interruptions
> >> associated with the queue.
> >>
> >> Signed-off-by: Tony Krowiak <akrowiak@...ux.ibm.com>
> >> Reviewed-by: Halil Pasic <pasic@...ux.ibm.com>
> >> Tested-by: Michael Mueller <mimu@...ux.ibm.com>
> >> Tested-by: Farhan Ali <alifm@...ux.ibm.com>
> >> Signed-off-by: Christian Borntraeger <borntraeger@...ibm.com>
> >> ---
> >>   drivers/s390/crypto/vfio_ap_ops.c     |   25 +++++++++++++++++++++++++
> >>   drivers/s390/crypto/vfio_ap_private.h |   25 +++++++++++++++++++++++++
> >>   2 files changed, 50 insertions(+), 0 deletions(-)
> >>
> >> diff --git a/drivers/s390/crypto/vfio_ap_private.h b/drivers/s390/crypto/vfio_ap_private.h
> >> index 3e8534b..34f982a 100644
> >> --- a/drivers/s390/crypto/vfio_ap_private.h
> >> +++ b/drivers/s390/crypto/vfio_ap_private.h
> >> @@ -74,4 +74,29 @@ struct ap_matrix_mdev {
> >>   extern int vfio_ap_mdev_register(void);
> >>   extern void vfio_ap_mdev_unregister(void);
> >>   
> >> +static inline int vfio_ap_reset_queue(unsigned int apid, unsigned int apqi,
> >> +				      unsigned int retry)
> >> +{
> >> +	struct ap_queue_status status;
> >> +
> >> +	do {
> >> +		status = ap_zapq(AP_MKQID(apid, apqi));
> >> +		switch (status.response_code) {
> >> +		case AP_RESPONSE_NORMAL:
> >> +			return 0;
> >> +		case AP_RESPONSE_RESET_IN_PROGRESS:
> >> +		case AP_RESPONSE_BUSY:
> >> +			msleep(20);
> >> +			break;
> >> +		default:
> >> +			pr_warn("%s: error zeroizing %02x.%04x: response code %d\n",
> >> +				VFIO_AP_MODULE_NAME, apid, apqi,
> >> +				status.response_code);  
> > How can we end up here? Does this mean that we just don't know what to
> > do with this response, or is this something that should never happen?
> > (How much sense does it make to print an error?)  
> 
> There are additional response codes that could be returned; for example,
> in the case of a catastrophic failure such as: The function can not be
> performed because the AP was somehow deconfigured or the functiona
> cannot be performed due to a machine check failure that caused the AP
> path to be removed. It shouldn't happen, but all are possibilities.
> I can get rid of the message and just return -EIO if you prefer.

These sound like "ugh, we're broken anyway". Not sure if an additional
message would help here much; I'd expect other code to just handle the
failure (especially things like machine checks). I would not oppose
removing the message :)

Maybe add a comment /* things are really broken, give up */ instead?

> 
> >  
> >> +			return -EIO;
> >> +		}
> >> +	} while (retry--);
> >> +
> >> +	return -EBUSY;
> >> +}
> >> +
> >>   #endif /* _VFIO_AP_PRIVATE_H_ */  
> 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ