lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 23 Aug 2018 10:16:59 -0400
From:   Tony Krowiak <akrowiak@...ux.ibm.com>
To:     Cornelia Huck <cohuck@...hat.com>
Cc:     Halil Pasic <pasic@...ux.ibm.com>,
        Christian Borntraeger <borntraeger@...ibm.com>,
        pmorel@...ux.ibm.com, Tony Krowiak <akrowiak@...ux.vnet.ibm.com>,
        linux-s390@...r.kernel.org, linux-kernel@...r.kernel.org,
        kvm@...r.kernel.org, freude@...ibm.com, schwidefsky@...ibm.com,
        heiko.carstens@...ibm.com, kwankhede@...dia.com,
        bjsdjshi@...ux.vnet.ibm.com, pbonzini@...hat.com,
        alex.williamson@...hat.com, pmorel@...ux.vnet.ibm.com,
        alifm@...ux.vnet.ibm.com, mjrosato@...ux.vnet.ibm.com,
        jjherne@...ux.vnet.ibm.com, thuth@...hat.com,
        pasic@...ux.vnet.ibm.com, berrange@...hat.com,
        fiuczy@...ux.vnet.ibm.com, buendgen@...ibm.com,
        frankja@...ux.ibm.com
Subject: Re: [PATCH v9 12/22] s390: vfio-ap: sysfs interfaces to configure
 control domains

On 08/23/2018 06:25 AM, Cornelia Huck wrote:
> On Wed, 22 Aug 2018 15:16:19 -0400
> Tony Krowiak <akrowiak@...ux.ibm.com> wrote:
>
>> One of the things I suggested in a private conversation with Christian
>> earlier
>> today was to provide an additional rw sysfs attribute - a boolean - that
>> indicates
>> whether all usage domains should also be control domains. The default
>> could be
>> true. This would allow one to configure guests with usage-only domains
>> as well
>> as satisfy the convention.
> Would this additional attribute then control "add usage domains to the
> list of control domains automatically", or "don't allow to add a usage
> domain if it has not already been added as a control domain"?

It was just a proposal that wasn't really discussed at all, but this
attribute would add usage domains to the list of control domains
automatically if set to one. That would be the default behavior which
would be turned off by manually setting it to zero.

>
> One thing I'm still unsure about is how libvirt comes into the picture
> here. Will it consume the setting, or actively manipulate it?

libvirt is not in the picture. The only thing libvirt does is identify
which mediated matrix device (i.e., UUID) is to be used by the guest.

>
> [In general, I'm not very clear about how libvirt will interact with the
> whole infrastructure...]

The libvirt domain XML will only specify the UUID of the matrix device
to be used by the guest. Consequently, libvirt will insert the device
statement for the vfio-ap device into the QEMU command line:

-device vfio-ap,syfsdev={path-to-mdev}

All configuration of the mediated device, including the proposed attribute
above, is handled via sysfs attributes.

>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ