2017-11-14 18:38:01 +01:00
|
|
|
// SPDX-License-Identifier: GPL-2.0+
|
2006-09-20 15:58:25 +02:00
|
|
|
/*
|
2023-06-28 12:36:08 +02:00
|
|
|
* Copyright IBM Corp. 2006, 2023
|
2006-09-20 15:58:25 +02:00
|
|
|
* Author(s): Cornelia Huck <cornelia.huck@de.ibm.com>
|
|
|
|
|
* Martin Schwidefsky <schwidefsky@de.ibm.com>
|
|
|
|
|
* Ralph Wuerthner <rwuerthn@de.ibm.com>
|
2008-12-25 13:38:41 +01:00
|
|
|
* Felix Beck <felix.beck@de.ibm.com>
|
2011-07-24 10:48:25 +02:00
|
|
|
* Holger Dengler <hd@linux.vnet.ibm.com>
|
2020-08-31 10:16:26 +02:00
|
|
|
* Harald Freudenberger <freude@linux.ibm.com>
|
2006-09-20 15:58:25 +02:00
|
|
|
*
|
|
|
|
|
* Adjunct processor bus.
|
|
|
|
|
*/
|
|
|
|
|
|
2008-12-25 13:39:46 +01:00
|
|
|
#define KMSG_COMPONENT "ap"
|
|
|
|
|
#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
|
|
|
|
|
|
2011-01-05 12:47:38 +01:00
|
|
|
#include <linux/kernel_stat.h>
|
2017-02-09 09:48:10 -05:00
|
|
|
#include <linux/moduleparam.h>
|
2006-09-20 15:58:25 +02:00
|
|
|
#include <linux/init.h>
|
|
|
|
|
#include <linux/delay.h>
|
|
|
|
|
#include <linux/err.h>
|
2020-03-24 17:30:39 +01:00
|
|
|
#include <linux/freezer.h>
|
2006-09-20 15:58:25 +02:00
|
|
|
#include <linux/interrupt.h>
|
|
|
|
|
#include <linux/workqueue.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 17:04:11 +09:00
|
|
|
#include <linux/slab.h>
|
2006-09-20 15:58:25 +02:00
|
|
|
#include <linux/notifier.h>
|
|
|
|
|
#include <linux/kthread.h>
|
|
|
|
|
#include <linux/mutex.h>
|
2025-02-07 15:49:07 +01:00
|
|
|
#include <asm/machine.h>
|
2008-12-25 13:38:41 +01:00
|
|
|
#include <asm/airq.h>
|
2022-06-06 16:33:09 -04:00
|
|
|
#include <asm/tpi.h>
|
2011-07-26 16:09:06 -07:00
|
|
|
#include <linux/atomic.h>
|
2008-12-25 13:38:41 +01:00
|
|
|
#include <asm/isc.h>
|
2008-07-14 09:59:08 +02:00
|
|
|
#include <linux/hrtimer.h>
|
|
|
|
|
#include <linux/ktime.h>
|
2012-03-28 18:30:02 +01:00
|
|
|
#include <asm/facility.h>
|
2014-11-20 17:05:53 -08:00
|
|
|
#include <linux/crypto.h>
|
2016-08-25 11:16:03 +02:00
|
|
|
#include <linux/mod_devicetable.h>
|
2016-11-24 06:45:21 +01:00
|
|
|
#include <linux/debugfs.h>
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
#include <linux/ctype.h>
|
2019-02-01 16:21:11 -05:00
|
|
|
#include <linux/module.h>
|
2024-02-15 09:34:03 +01:00
|
|
|
#include <asm/uv.h>
|
2024-02-19 17:32:54 +01:00
|
|
|
#include <asm/chsc.h>
|
2006-09-20 15:58:25 +02:00
|
|
|
|
|
|
|
|
#include "ap_bus.h"
|
2016-11-24 06:45:21 +01:00
|
|
|
#include "ap_debug.h"
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2024-02-19 18:10:19 +01:00
|
|
|
MODULE_AUTHOR("IBM Corporation");
|
|
|
|
|
MODULE_DESCRIPTION("Adjunct Processor Bus driver");
|
|
|
|
|
MODULE_LICENSE("GPL");
|
|
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
int ap_domain_index = -1; /* Adjunct Processor Domain Index */
|
2016-08-25 11:11:30 +02:00
|
|
|
static DEFINE_SPINLOCK(ap_domain_lock);
|
2018-08-17 12:36:01 +02:00
|
|
|
module_param_named(domain, ap_domain_index, int, 0440);
|
2006-09-20 15:58:25 +02:00
|
|
|
MODULE_PARM_DESC(domain, "domain index for ap devices");
|
|
|
|
|
EXPORT_SYMBOL(ap_domain_index);
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static int ap_thread_flag;
|
|
|
|
|
module_param_named(poll_thread, ap_thread_flag, int, 0440);
|
2008-02-09 18:24:30 +01:00
|
|
|
MODULE_PARM_DESC(poll_thread, "Turn on/off poll thread, default is 0 (off).");
|
2006-09-20 15:58:25 +02:00
|
|
|
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
static char *apm_str;
|
|
|
|
|
module_param_named(apmask, apm_str, charp, 0440);
|
|
|
|
|
MODULE_PARM_DESC(apmask, "AP bus adapter mask.");
|
|
|
|
|
|
|
|
|
|
static char *aqm_str;
|
|
|
|
|
module_param_named(aqmask, aqm_str, charp, 0440);
|
|
|
|
|
MODULE_PARM_DESC(aqmask, "AP bus domain mask.");
|
|
|
|
|
|
2021-10-19 17:51:08 +02:00
|
|
|
static int ap_useirq = 1;
|
|
|
|
|
module_param_named(useirq, ap_useirq, int, 0440);
|
|
|
|
|
MODULE_PARM_DESC(useirq, "Use interrupt if available, default is 1 (on).");
|
|
|
|
|
|
2021-06-25 12:29:46 +02:00
|
|
|
atomic_t ap_max_msg_size = ATOMIC_INIT(AP_DEFAULT_MAX_MSG_SIZE);
|
|
|
|
|
EXPORT_SYMBOL(ap_max_msg_size);
|
|
|
|
|
|
2016-08-25 11:16:03 +02:00
|
|
|
static struct device *ap_root_device;
|
|
|
|
|
|
2020-05-08 15:51:19 +02:00
|
|
|
/* Hashtable of all queue devices on the AP bus */
|
|
|
|
|
DEFINE_HASHTABLE(ap_queues, 8);
|
|
|
|
|
/* lock used for the ap_queues hashtable */
|
|
|
|
|
DEFINE_SPINLOCK(ap_queues_lock);
|
2016-08-25 11:16:03 +02:00
|
|
|
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
/* Default permissions (ioctl, card and domain masking) */
|
|
|
|
|
struct ap_perms ap_perms;
|
|
|
|
|
EXPORT_SYMBOL(ap_perms);
|
|
|
|
|
DEFINE_MUTEX(ap_perms_mutex);
|
|
|
|
|
EXPORT_SYMBOL(ap_perms_mutex);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
2021-05-11 15:01:18 +02:00
|
|
|
/* # of bindings complete since init */
|
|
|
|
|
static atomic64_t ap_bindings_complete_count = ATOMIC64_INIT(0);
|
|
|
|
|
|
2024-01-30 15:30:22 +01:00
|
|
|
/* completion for APQN bindings complete */
|
|
|
|
|
static DECLARE_COMPLETION(ap_apqn_bindings_complete);
|
2020-08-31 10:16:26 +02:00
|
|
|
|
2024-03-08 15:54:43 +01:00
|
|
|
static struct ap_config_info qci[2];
|
|
|
|
|
static struct ap_config_info *const ap_qci_info = &qci[0];
|
|
|
|
|
static struct ap_config_info *const ap_qci_info_old = &qci[1];
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2016-11-24 06:45:21 +01:00
|
|
|
/*
|
|
|
|
|
* AP bus related debug feature things.
|
|
|
|
|
*/
|
|
|
|
|
debug_info_t *ap_dbf_info;
|
|
|
|
|
|
2008-04-17 07:46:28 +02:00
|
|
|
/*
|
2024-01-30 16:50:05 +01:00
|
|
|
* AP bus rescan related things.
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2024-01-30 17:42:50 +01:00
|
|
|
static bool ap_scan_bus(void);
|
|
|
|
|
static bool ap_scan_bus_result; /* result of last ap_scan_bus() */
|
|
|
|
|
static DEFINE_MUTEX(ap_scan_bus_mutex); /* mutex ap_scan_bus() invocations */
|
2024-08-28 14:25:08 +02:00
|
|
|
static struct task_struct *ap_scan_bus_task; /* thread holding the scan mutex */
|
2024-01-30 16:50:05 +01:00
|
|
|
static atomic64_t ap_scan_bus_count; /* counter ap_scan_bus() invocations */
|
|
|
|
|
static int ap_scan_bus_time = AP_CONFIG_TIME;
|
|
|
|
|
static struct timer_list ap_scan_bus_timer;
|
2024-01-30 17:15:47 +01:00
|
|
|
static void ap_scan_bus_wq_callback(struct work_struct *);
|
|
|
|
|
static DECLARE_WORK(ap_scan_bus_work, ap_scan_bus_wq_callback);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2008-04-17 07:46:28 +02:00
|
|
|
/*
|
2008-12-25 13:38:41 +01:00
|
|
|
* Tasklet & timer for AP request polling and interrupts
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2015-09-14 17:01:23 +02:00
|
|
|
static void ap_tasklet_fn(unsigned long);
|
2020-07-13 15:01:26 -07:00
|
|
|
static DECLARE_TASKLET_OLD(ap_tasklet, ap_tasklet_fn);
|
2006-09-20 15:58:25 +02:00
|
|
|
static DECLARE_WAIT_QUEUE_HEAD(ap_poll_wait);
|
2018-08-17 12:36:01 +02:00
|
|
|
static struct task_struct *ap_poll_kthread;
|
2006-09-20 15:58:25 +02:00
|
|
|
static DEFINE_MUTEX(ap_poll_thread_mutex);
|
2009-12-07 12:52:00 +01:00
|
|
|
static DEFINE_SPINLOCK(ap_poll_timer_lock);
|
2008-07-14 09:59:08 +02:00
|
|
|
static struct hrtimer ap_poll_timer;
|
2018-08-17 12:36:01 +02:00
|
|
|
/*
|
|
|
|
|
* In LPAR poll with 4kHz frequency. Poll every 250000 nanoseconds.
|
|
|
|
|
* If z/VM change to 1500000 nanoseconds to adjust to z/VM polling.
|
|
|
|
|
*/
|
2022-10-21 15:41:00 +02:00
|
|
|
static unsigned long poll_high_timeout = 250000UL;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Some state machine states only require a low frequency polling.
|
|
|
|
|
* We use 25 Hz frequency for these.
|
|
|
|
|
*/
|
|
|
|
|
static unsigned long poll_low_timeout = 40000000UL;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2020-07-01 12:40:39 +02:00
|
|
|
/* Maximum domain id, if not given via qci */
|
|
|
|
|
static int ap_max_domain_id = 15;
|
|
|
|
|
/* Maximum adapter id, if not given via qci */
|
|
|
|
|
static int ap_max_adapter_id = 63;
|
2020-03-24 17:30:39 +01:00
|
|
|
|
2024-02-03 11:58:02 -03:00
|
|
|
static const struct bus_type ap_bus_type;
|
2009-06-22 12:08:16 +02:00
|
|
|
|
2013-06-24 10:30:41 +02:00
|
|
|
/* Adapter interrupt definitions */
|
2022-06-06 16:33:09 -04:00
|
|
|
static void ap_interrupt_handler(struct airq_struct *airq,
|
|
|
|
|
struct tpi_info *tpi_info);
|
2015-09-14 17:01:23 +02:00
|
|
|
|
2021-08-25 10:55:02 +02:00
|
|
|
static bool ap_irq_flag;
|
2013-06-24 10:30:41 +02:00
|
|
|
|
|
|
|
|
static struct airq_struct ap_airq = {
|
|
|
|
|
.handler = ap_interrupt_handler,
|
|
|
|
|
.isc = AP_ISC,
|
|
|
|
|
};
|
|
|
|
|
|
2016-08-25 11:16:03 +02:00
|
|
|
/**
|
|
|
|
|
* ap_airq_ptr() - Get the address of the adapter interrupt indicator
|
|
|
|
|
*
|
|
|
|
|
* Returns the address of the local-summary-indicator of the adapter
|
|
|
|
|
* interrupt handler for AP, or NULL if adapter interrupts are not
|
|
|
|
|
* available.
|
|
|
|
|
*/
|
|
|
|
|
void *ap_airq_ptr(void)
|
|
|
|
|
{
|
2021-08-25 10:55:02 +02:00
|
|
|
if (ap_irq_flag)
|
2016-08-25 11:16:03 +02:00
|
|
|
return ap_airq.lsi_ptr;
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2008-12-25 13:38:41 +01:00
|
|
|
/**
|
|
|
|
|
* ap_interrupts_available(): Test if AP interrupts are available.
|
|
|
|
|
*
|
|
|
|
|
* Returns 1 if AP interrupts are available.
|
|
|
|
|
*/
|
|
|
|
|
static int ap_interrupts_available(void)
|
|
|
|
|
{
|
2015-02-14 11:23:21 +01:00
|
|
|
return test_facility(65);
|
2008-12-25 13:38:41 +01:00
|
|
|
}
|
|
|
|
|
|
2012-08-28 16:41:50 +02:00
|
|
|
/**
|
2020-07-01 12:40:39 +02:00
|
|
|
* ap_qci_available(): Test if AP configuration
|
|
|
|
|
* information can be queried via QCI subfunction.
|
2012-08-28 16:41:50 +02:00
|
|
|
*
|
2020-07-01 12:40:39 +02:00
|
|
|
* Returns 1 if subfunction PQAP(QCI) is available.
|
2012-08-28 16:41:50 +02:00
|
|
|
*/
|
2020-07-01 12:40:39 +02:00
|
|
|
static int ap_qci_available(void)
|
2012-08-28 16:41:50 +02:00
|
|
|
{
|
2015-02-14 11:23:21 +01:00
|
|
|
return test_facility(12);
|
2012-08-28 16:41:50 +02:00
|
|
|
}
|
|
|
|
|
|
2016-11-08 07:09:13 +01:00
|
|
|
/**
|
|
|
|
|
* ap_apft_available(): Test if AP facilities test (APFT)
|
|
|
|
|
* facility is available.
|
|
|
|
|
*
|
2022-04-04 17:12:37 +02:00
|
|
|
* Returns 1 if APFT is available.
|
2016-11-08 07:09:13 +01:00
|
|
|
*/
|
|
|
|
|
static int ap_apft_available(void)
|
|
|
|
|
{
|
|
|
|
|
return test_facility(15);
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-16 12:28:35 +02:00
|
|
|
/*
|
|
|
|
|
* ap_qact_available(): Test if the PQAP(QACT) subfunction is available.
|
|
|
|
|
*
|
|
|
|
|
* Returns 1 if the QACT subfunction is available.
|
|
|
|
|
*/
|
|
|
|
|
static inline int ap_qact_available(void)
|
|
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
return ap_qci_info->qact;
|
2017-10-16 12:28:35 +02:00
|
|
|
}
|
|
|
|
|
|
2022-09-20 15:12:01 +02:00
|
|
|
/*
|
|
|
|
|
* ap_sb_available(): Test if the AP secure binding facility is available.
|
|
|
|
|
*
|
|
|
|
|
* Returns 1 if secure binding facility is available.
|
|
|
|
|
*/
|
|
|
|
|
int ap_sb_available(void)
|
|
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
return ap_qci_info->apsb;
|
2022-09-20 15:12:01 +02:00
|
|
|
}
|
|
|
|
|
|
2023-08-11 16:56:20 +02:00
|
|
|
/*
|
|
|
|
|
* ap_is_se_guest(): Check for SE guest with AP pass-through support.
|
|
|
|
|
*/
|
|
|
|
|
bool ap_is_se_guest(void)
|
|
|
|
|
{
|
|
|
|
|
return is_prot_virt_guest() && ap_sb_available();
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_is_se_guest);
|
|
|
|
|
|
2015-06-26 16:55:35 +02:00
|
|
|
/**
|
2020-07-01 12:40:39 +02:00
|
|
|
* ap_init_qci_info(): Allocate and query qci config info.
|
|
|
|
|
* Does also update the static variables ap_max_domain_id
|
|
|
|
|
* and ap_max_adapter_id if this info is available.
|
2015-06-26 16:55:35 +02:00
|
|
|
*/
|
2020-07-01 12:40:39 +02:00
|
|
|
static void __init ap_init_qci_info(void)
|
2015-06-26 16:55:35 +02:00
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_available() ||
|
|
|
|
|
ap_qci(ap_qci_info)) {
|
2020-07-02 15:56:15 +02:00
|
|
|
AP_DBF_INFO("%s QCI not supported\n", __func__);
|
2015-06-26 16:55:35 +02:00
|
|
|
return;
|
2020-07-01 12:40:39 +02:00
|
|
|
}
|
2024-03-08 15:54:43 +01:00
|
|
|
memcpy(ap_qci_info_old, ap_qci_info, sizeof(*ap_qci_info));
|
2020-07-02 15:56:15 +02:00
|
|
|
AP_DBF_INFO("%s successful fetched initial qci info\n", __func__);
|
2020-07-01 12:40:39 +02:00
|
|
|
|
|
|
|
|
if (ap_qci_info->apxa) {
|
2022-09-20 15:12:01 +02:00
|
|
|
if (ap_qci_info->na) {
|
|
|
|
|
ap_max_adapter_id = ap_qci_info->na;
|
2020-07-02 15:56:15 +02:00
|
|
|
AP_DBF_INFO("%s new ap_max_adapter_id is %d\n",
|
|
|
|
|
__func__, ap_max_adapter_id);
|
2020-07-01 12:40:39 +02:00
|
|
|
}
|
2022-09-20 15:12:01 +02:00
|
|
|
if (ap_qci_info->nd) {
|
|
|
|
|
ap_max_domain_id = ap_qci_info->nd;
|
2020-07-02 15:56:15 +02:00
|
|
|
AP_DBF_INFO("%s new ap_max_domain_id is %d\n",
|
|
|
|
|
__func__, ap_max_domain_id);
|
2020-07-01 12:40:39 +02:00
|
|
|
}
|
|
|
|
|
}
|
2015-06-26 16:55:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* ap_test_config(): helper function to extract the nrth bit
|
|
|
|
|
* within the unsigned int array field.
|
|
|
|
|
*/
|
|
|
|
|
static inline int ap_test_config(unsigned int *field, unsigned int nr)
|
|
|
|
|
{
|
|
|
|
|
return ap_test_bit((field + (nr >> 5)), (nr & 0x1f));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* ap_test_config_card_id(): Test, whether an AP card ID is configured.
|
|
|
|
|
*
|
|
|
|
|
* Returns 0 if the card is not configured
|
|
|
|
|
* 1 if the card is configured or
|
|
|
|
|
* if the configuration information is not available
|
|
|
|
|
*/
|
|
|
|
|
static inline int ap_test_config_card_id(unsigned int id)
|
|
|
|
|
{
|
2020-07-01 12:40:39 +02:00
|
|
|
if (id > ap_max_adapter_id)
|
|
|
|
|
return 0;
|
2024-03-08 15:54:43 +01:00
|
|
|
if (ap_qci_info->flags)
|
2020-07-01 12:40:39 +02:00
|
|
|
return ap_test_config(ap_qci_info->apm, id);
|
|
|
|
|
return 1;
|
2015-06-26 16:55:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2019-05-21 13:50:09 +02:00
|
|
|
* ap_test_config_usage_domain(): Test, whether an AP usage domain
|
|
|
|
|
* is configured.
|
2015-06-26 16:55:35 +02:00
|
|
|
*
|
|
|
|
|
* Returns 0 if the usage domain is not configured
|
|
|
|
|
* 1 if the usage domain is configured or
|
|
|
|
|
* if the configuration information is not available
|
|
|
|
|
*/
|
2019-05-21 13:50:09 +02:00
|
|
|
int ap_test_config_usage_domain(unsigned int domain)
|
2015-06-26 16:55:35 +02:00
|
|
|
{
|
2020-07-01 12:40:39 +02:00
|
|
|
if (domain > ap_max_domain_id)
|
|
|
|
|
return 0;
|
2024-03-08 15:54:43 +01:00
|
|
|
if (ap_qci_info->flags)
|
2020-07-01 12:40:39 +02:00
|
|
|
return ap_test_config(ap_qci_info->aqm, domain);
|
|
|
|
|
return 1;
|
2015-06-26 16:55:35 +02:00
|
|
|
}
|
2019-05-21 13:50:09 +02:00
|
|
|
EXPORT_SYMBOL(ap_test_config_usage_domain);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* ap_test_config_ctrl_domain(): Test, whether an AP control domain
|
|
|
|
|
* is configured.
|
|
|
|
|
* @domain AP control domain ID
|
|
|
|
|
*
|
|
|
|
|
* Returns 1 if the control domain is configured
|
|
|
|
|
* 0 in all other cases
|
|
|
|
|
*/
|
|
|
|
|
int ap_test_config_ctrl_domain(unsigned int domain)
|
|
|
|
|
{
|
2020-07-01 12:40:39 +02:00
|
|
|
if (!ap_qci_info || domain > ap_max_domain_id)
|
2019-05-21 13:50:09 +02:00
|
|
|
return 0;
|
2020-07-01 12:40:39 +02:00
|
|
|
return ap_test_config(ap_qci_info->adm, domain);
|
2019-05-21 13:50:09 +02:00
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_test_config_ctrl_domain);
|
2015-06-26 16:55:35 +02:00
|
|
|
|
2020-07-01 12:40:39 +02:00
|
|
|
/*
|
|
|
|
|
* ap_queue_info(): Check and get AP queue info.
|
2023-02-15 15:08:15 +01:00
|
|
|
* Returns: 1 if APQN exists and info is filled,
|
2023-10-26 09:33:31 +02:00
|
|
|
* 0 if APQN seems to exist but there is no info
|
2023-02-15 15:08:15 +01:00
|
|
|
* available (eg. caused by an asynch pending error)
|
|
|
|
|
* -1 invalid APQN, TAPQ error or AP queue status which
|
|
|
|
|
* indicates there is no APQN.
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2023-11-04 10:04:31 +01:00
|
|
|
static int ap_queue_info(ap_qid_t qid, struct ap_tapq_hwinfo *hwinfo,
|
|
|
|
|
bool *decfg, bool *cstop)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
|
|
|
|
struct ap_queue_status status;
|
2021-06-25 12:29:46 +02:00
|
|
|
|
2023-11-04 10:04:31 +01:00
|
|
|
hwinfo->value = 0;
|
2015-06-26 16:55:35 +02:00
|
|
|
|
2020-07-01 12:40:39 +02:00
|
|
|
/* make sure we don't run into a specifiation exception */
|
|
|
|
|
if (AP_QID_CARD(qid) > ap_max_adapter_id ||
|
|
|
|
|
AP_QID_QUEUE(qid) > ap_max_domain_id)
|
2023-02-15 15:08:15 +01:00
|
|
|
return -1;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2020-07-01 12:40:39 +02:00
|
|
|
/* call TAPQ on this APQN */
|
2023-11-04 10:04:31 +01:00
|
|
|
status = ap_test_queue(qid, ap_apft_available(), hwinfo);
|
2023-02-15 15:08:15 +01:00
|
|
|
|
2015-06-17 16:19:15 +02:00
|
|
|
switch (status.response_code) {
|
|
|
|
|
case AP_RESPONSE_NORMAL:
|
2020-07-01 12:40:39 +02:00
|
|
|
case AP_RESPONSE_RESET_IN_PROGRESS:
|
2020-07-02 16:57:00 +02:00
|
|
|
case AP_RESPONSE_DECONFIGURED:
|
|
|
|
|
case AP_RESPONSE_CHECKSTOPPED:
|
|
|
|
|
case AP_RESPONSE_BUSY:
|
2023-10-26 09:33:31 +02:00
|
|
|
/* For all these RCs the tapq info should be available */
|
|
|
|
|
break;
|
2015-06-17 16:19:15 +02:00
|
|
|
default:
|
2023-10-26 09:33:31 +02:00
|
|
|
/* On a pending async error the info should be available */
|
|
|
|
|
if (!status.async)
|
|
|
|
|
return -1;
|
|
|
|
|
break;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
2023-10-26 09:33:31 +02:00
|
|
|
|
|
|
|
|
/* There should be at least one of the mode bits set */
|
2023-11-04 10:04:31 +01:00
|
|
|
if (WARN_ON_ONCE(!hwinfo->value))
|
2023-10-26 09:33:31 +02:00
|
|
|
return 0;
|
|
|
|
|
|
2023-11-04 10:04:31 +01:00
|
|
|
*decfg = status.response_code == AP_RESPONSE_DECONFIGURED;
|
|
|
|
|
*cstop = status.response_code == AP_RESPONSE_CHECKSTOPPED;
|
2023-10-26 09:33:31 +02:00
|
|
|
|
|
|
|
|
return 1;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2020-05-26 10:49:33 +02:00
|
|
|
void ap_wait(enum ap_sm_wait wait)
|
2015-09-14 17:01:23 +02:00
|
|
|
{
|
|
|
|
|
ktime_t hr_time;
|
|
|
|
|
|
|
|
|
|
switch (wait) {
|
2020-05-26 10:49:33 +02:00
|
|
|
case AP_SM_WAIT_AGAIN:
|
|
|
|
|
case AP_SM_WAIT_INTERRUPT:
|
2021-08-25 10:55:02 +02:00
|
|
|
if (ap_irq_flag)
|
2015-09-14 17:01:23 +02:00
|
|
|
break;
|
|
|
|
|
if (ap_poll_kthread) {
|
|
|
|
|
wake_up(&ap_poll_wait);
|
|
|
|
|
break;
|
|
|
|
|
}
|
2020-03-10 13:39:51 -07:00
|
|
|
fallthrough;
|
2022-10-21 15:41:00 +02:00
|
|
|
case AP_SM_WAIT_LOW_TIMEOUT:
|
|
|
|
|
case AP_SM_WAIT_HIGH_TIMEOUT:
|
2015-09-14 17:01:23 +02:00
|
|
|
spin_lock_bh(&ap_poll_timer_lock);
|
|
|
|
|
if (!hrtimer_is_queued(&ap_poll_timer)) {
|
2022-10-21 15:41:00 +02:00
|
|
|
hr_time =
|
|
|
|
|
wait == AP_SM_WAIT_LOW_TIMEOUT ?
|
|
|
|
|
poll_low_timeout : poll_high_timeout;
|
2015-09-14 17:01:23 +02:00
|
|
|
hrtimer_forward_now(&ap_poll_timer, hr_time);
|
|
|
|
|
hrtimer_restart(&ap_poll_timer);
|
|
|
|
|
}
|
|
|
|
|
spin_unlock_bh(&ap_poll_timer_lock);
|
|
|
|
|
break;
|
2020-05-26 10:49:33 +02:00
|
|
|
case AP_SM_WAIT_NONE:
|
2015-09-14 17:01:23 +02:00
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ap_request_timeout(): Handling of request timeouts
|
2017-10-25 03:27:37 -07:00
|
|
|
* @t: timer making this callback
|
2015-09-14 17:01:23 +02:00
|
|
|
*
|
|
|
|
|
* Handles request timeouts.
|
|
|
|
|
*/
|
2017-10-25 03:27:37 -07:00
|
|
|
void ap_request_timeout(struct timer_list *t)
|
2015-09-14 17:01:23 +02:00
|
|
|
{
|
2017-10-25 03:27:37 -07:00
|
|
|
struct ap_queue *aq = from_timer(aq, t, timeout);
|
2015-09-14 17:01:23 +02:00
|
|
|
|
2016-08-25 11:16:03 +02:00
|
|
|
spin_lock_bh(&aq->lock);
|
2020-05-26 10:49:33 +02:00
|
|
|
ap_wait(ap_sm_event(aq, AP_SM_EVENT_TIMEOUT));
|
2016-08-25 11:16:03 +02:00
|
|
|
spin_unlock_bh(&aq->lock);
|
2015-09-14 17:01:23 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ap_poll_timeout(): AP receive polling for finished AP requests.
|
|
|
|
|
* @unused: Unused pointer.
|
|
|
|
|
*
|
|
|
|
|
* Schedules the AP tasklet using a high resolution timer.
|
|
|
|
|
*/
|
|
|
|
|
static enum hrtimer_restart ap_poll_timeout(struct hrtimer *unused)
|
|
|
|
|
{
|
2020-03-24 17:30:39 +01:00
|
|
|
tasklet_schedule(&ap_tasklet);
|
2015-09-14 17:01:23 +02:00
|
|
|
return HRTIMER_NORESTART;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ap_interrupt_handler() - Schedule ap_tasklet on interrupt
|
|
|
|
|
* @airq: pointer to adapter interrupt descriptor
|
2022-06-06 16:33:09 -04:00
|
|
|
* @tpi_info: ignored
|
2015-09-14 17:01:23 +02:00
|
|
|
*/
|
2022-06-06 16:33:09 -04:00
|
|
|
static void ap_interrupt_handler(struct airq_struct *airq,
|
|
|
|
|
struct tpi_info *tpi_info)
|
2015-09-14 17:01:23 +02:00
|
|
|
{
|
|
|
|
|
inc_irq_stat(IRQIO_APB);
|
2020-03-24 17:30:39 +01:00
|
|
|
tasklet_schedule(&ap_tasklet);
|
2015-09-14 17:01:23 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ap_tasklet_fn(): Tasklet to poll all AP devices.
|
|
|
|
|
* @dummy: Unused variable
|
|
|
|
|
*
|
|
|
|
|
* Poll all AP devices on the bus.
|
|
|
|
|
*/
|
|
|
|
|
static void ap_tasklet_fn(unsigned long dummy)
|
|
|
|
|
{
|
2020-05-08 15:51:19 +02:00
|
|
|
int bkt;
|
2016-08-25 11:16:03 +02:00
|
|
|
struct ap_queue *aq;
|
2020-05-26 10:49:33 +02:00
|
|
|
enum ap_sm_wait wait = AP_SM_WAIT_NONE;
|
2015-09-14 17:01:23 +02:00
|
|
|
|
|
|
|
|
/* Reset the indicator if interrupts are used. Thus new interrupts can
|
2023-06-28 16:23:20 +02:00
|
|
|
* be received. Doing it in the beginning of the tasklet is therefore
|
2015-09-14 17:01:23 +02:00
|
|
|
* important that no requests on any AP get lost.
|
|
|
|
|
*/
|
2021-08-25 10:55:02 +02:00
|
|
|
if (ap_irq_flag)
|
2024-11-25 12:54:30 +01:00
|
|
|
WRITE_ONCE(*ap_airq.lsi_ptr, 0);
|
2015-09-14 17:01:23 +02:00
|
|
|
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_lock_bh(&ap_queues_lock);
|
|
|
|
|
hash_for_each(ap_queues, bkt, aq, hnode) {
|
|
|
|
|
spin_lock_bh(&aq->lock);
|
2020-05-26 10:49:33 +02:00
|
|
|
wait = min(wait, ap_sm_event_loop(aq, AP_SM_EVENT_POLL));
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_unlock_bh(&aq->lock);
|
2015-09-14 17:01:23 +02:00
|
|
|
}
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
2016-08-25 11:16:03 +02:00
|
|
|
|
|
|
|
|
ap_wait(wait);
|
2007-07-10 11:24:19 +02:00
|
|
|
}
|
|
|
|
|
|
2016-09-21 14:12:53 +02:00
|
|
|
static int ap_pending_requests(void)
|
|
|
|
|
{
|
2020-05-08 15:51:19 +02:00
|
|
|
int bkt;
|
2016-08-25 11:16:03 +02:00
|
|
|
struct ap_queue *aq;
|
|
|
|
|
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_lock_bh(&ap_queues_lock);
|
|
|
|
|
hash_for_each(ap_queues, bkt, aq, hnode) {
|
|
|
|
|
if (aq->queue_count == 0)
|
|
|
|
|
continue;
|
|
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
|
|
|
|
return 1;
|
2016-09-21 14:12:53 +02:00
|
|
|
}
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
2016-08-25 11:16:03 +02:00
|
|
|
return 0;
|
2016-09-21 14:12:53 +02:00
|
|
|
}
|
|
|
|
|
|
2015-07-17 13:43:18 +02:00
|
|
|
/**
|
|
|
|
|
* ap_poll_thread(): Thread that polls for finished requests.
|
|
|
|
|
* @data: Unused pointer
|
|
|
|
|
*
|
|
|
|
|
* AP bus poll thread. The purpose of this thread is to poll for
|
|
|
|
|
* finished requests in a loop if there is a "free" cpu - that is
|
|
|
|
|
* a cpu that doesn't have anything better to do. The polling stops
|
|
|
|
|
* as soon as there is another task or if all messages have been
|
|
|
|
|
* delivered.
|
|
|
|
|
*/
|
|
|
|
|
static int ap_poll_thread(void *data)
|
|
|
|
|
{
|
|
|
|
|
DECLARE_WAITQUEUE(wait, current);
|
|
|
|
|
|
|
|
|
|
set_user_nice(current, MAX_NICE);
|
|
|
|
|
set_freezable();
|
|
|
|
|
while (!kthread_should_stop()) {
|
|
|
|
|
add_wait_queue(&ap_poll_wait, &wait);
|
|
|
|
|
set_current_state(TASK_INTERRUPTIBLE);
|
2020-03-24 17:30:39 +01:00
|
|
|
if (!ap_pending_requests()) {
|
2015-07-17 13:43:18 +02:00
|
|
|
schedule();
|
|
|
|
|
try_to_freeze();
|
|
|
|
|
}
|
|
|
|
|
set_current_state(TASK_RUNNING);
|
|
|
|
|
remove_wait_queue(&ap_poll_wait, &wait);
|
|
|
|
|
if (need_resched()) {
|
|
|
|
|
schedule();
|
|
|
|
|
try_to_freeze();
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2015-09-14 17:01:23 +02:00
|
|
|
ap_tasklet_fn(0);
|
2016-09-21 14:12:53 +02:00
|
|
|
}
|
|
|
|
|
|
2015-07-17 13:43:18 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int ap_poll_thread_start(void)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
2021-08-25 10:55:02 +02:00
|
|
|
if (ap_irq_flag || ap_poll_kthread)
|
2015-07-17 13:43:18 +02:00
|
|
|
return 0;
|
|
|
|
|
mutex_lock(&ap_poll_thread_mutex);
|
|
|
|
|
ap_poll_kthread = kthread_run(ap_poll_thread, NULL, "appoll");
|
2018-07-18 23:42:05 -05:00
|
|
|
rc = PTR_ERR_OR_ZERO(ap_poll_kthread);
|
2015-07-17 13:43:18 +02:00
|
|
|
if (rc)
|
|
|
|
|
ap_poll_kthread = NULL;
|
|
|
|
|
mutex_unlock(&ap_poll_thread_mutex);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ap_poll_thread_stop(void)
|
|
|
|
|
{
|
|
|
|
|
if (!ap_poll_kthread)
|
|
|
|
|
return;
|
|
|
|
|
mutex_lock(&ap_poll_thread_mutex);
|
|
|
|
|
kthread_stop(ap_poll_kthread);
|
|
|
|
|
ap_poll_kthread = NULL;
|
|
|
|
|
mutex_unlock(&ap_poll_thread_mutex);
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-25 11:16:03 +02:00
|
|
|
#define is_card_dev(x) ((x)->parent == ap_root_device)
|
|
|
|
|
#define is_queue_dev(x) ((x)->parent != ap_root_device)
|
2006-09-20 15:58:25 +02:00
|
|
|
|
|
|
|
|
/**
|
2008-04-17 07:46:28 +02:00
|
|
|
* ap_bus_match()
|
|
|
|
|
* @dev: Pointer to device
|
|
|
|
|
* @drv: Pointer to device_driver
|
|
|
|
|
*
|
2006-09-20 15:58:25 +02:00
|
|
|
* AP bus driver registration/unregistration.
|
|
|
|
|
*/
|
2024-07-01 14:07:37 +02:00
|
|
|
static int ap_bus_match(struct device *dev, const struct device_driver *drv)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2024-07-01 14:07:37 +02:00
|
|
|
const struct ap_driver *ap_drv = to_ap_drv(drv);
|
2006-09-20 15:58:25 +02:00
|
|
|
struct ap_device_id *id;
|
|
|
|
|
|
2008-04-17 07:46:28 +02:00
|
|
|
/*
|
2006-09-20 15:58:25 +02:00
|
|
|
* Compare device type of the device with the list of
|
|
|
|
|
* supported types of the device_driver.
|
|
|
|
|
*/
|
|
|
|
|
for (id = ap_drv->ids; id->match_flags; id++) {
|
2016-08-25 11:16:03 +02:00
|
|
|
if (is_card_dev(dev) &&
|
|
|
|
|
id->match_flags & AP_DEVICE_ID_MATCH_CARD_TYPE &&
|
|
|
|
|
id->dev_type == to_ap_dev(dev)->device_type)
|
|
|
|
|
return 1;
|
|
|
|
|
if (is_queue_dev(dev) &&
|
|
|
|
|
id->match_flags & AP_DEVICE_ID_MATCH_QUEUE_TYPE &&
|
|
|
|
|
id->dev_type == to_ap_dev(dev)->device_type)
|
|
|
|
|
return 1;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2008-04-17 07:46:28 +02:00
|
|
|
* ap_uevent(): Uevent function for AP devices.
|
|
|
|
|
* @dev: Pointer to device
|
|
|
|
|
* @env: Pointer to kobj_uevent_env
|
|
|
|
|
*
|
|
|
|
|
* It sets up a single environment variable DEV_TYPE which contains the
|
|
|
|
|
* hardware device type.
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2023-01-11 12:30:17 +01:00
|
|
|
static int ap_uevent(const struct device *dev, struct kobj_uevent_env *env)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2021-04-13 18:11:09 +02:00
|
|
|
int rc = 0;
|
2023-01-11 12:30:17 +01:00
|
|
|
const struct ap_device *ap_dev = to_ap_dev(dev);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2020-08-31 10:16:26 +02:00
|
|
|
/* Uevents from ap bus core don't need extensions to the env */
|
|
|
|
|
if (dev == ap_root_device)
|
|
|
|
|
return 0;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2021-04-13 18:11:09 +02:00
|
|
|
if (is_card_dev(dev)) {
|
|
|
|
|
struct ap_card *ac = to_ap_card(&ap_dev->device);
|
2007-03-30 22:23:12 -07:00
|
|
|
|
2021-04-13 18:11:09 +02:00
|
|
|
/* Set up DEV_TYPE environment variable. */
|
|
|
|
|
rc = add_uevent_var(env, "DEV_TYPE=%04X", ap_dev->device_type);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
/* Add MODALIAS= */
|
|
|
|
|
rc = add_uevent_var(env, "MODALIAS=ap:t%02X", ap_dev->device_type);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
/* Add MODE=<accel|cca|ep11> */
|
2023-11-04 10:04:31 +01:00
|
|
|
if (ac->hwinfo.accel)
|
2021-04-13 18:11:09 +02:00
|
|
|
rc = add_uevent_var(env, "MODE=accel");
|
2023-11-04 10:04:31 +01:00
|
|
|
else if (ac->hwinfo.cca)
|
2021-04-13 18:11:09 +02:00
|
|
|
rc = add_uevent_var(env, "MODE=cca");
|
2023-11-04 10:04:31 +01:00
|
|
|
else if (ac->hwinfo.ep11)
|
2021-04-13 18:11:09 +02:00
|
|
|
rc = add_uevent_var(env, "MODE=ep11");
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
} else {
|
|
|
|
|
struct ap_queue *aq = to_ap_queue(&ap_dev->device);
|
|
|
|
|
|
|
|
|
|
/* Add MODE=<accel|cca|ep11> */
|
2023-11-04 10:04:31 +01:00
|
|
|
if (aq->card->hwinfo.accel)
|
2021-04-13 18:11:09 +02:00
|
|
|
rc = add_uevent_var(env, "MODE=accel");
|
2023-11-04 10:04:31 +01:00
|
|
|
else if (aq->card->hwinfo.cca)
|
2021-04-13 18:11:09 +02:00
|
|
|
rc = add_uevent_var(env, "MODE=cca");
|
2023-11-04 10:04:31 +01:00
|
|
|
else if (aq->card->hwinfo.ep11)
|
2021-04-13 18:11:09 +02:00
|
|
|
rc = add_uevent_var(env, "MODE=ep11");
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
2020-08-31 10:16:26 +02:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ap_send_init_scan_done_uevent(void)
|
|
|
|
|
{
|
|
|
|
|
char *envp[] = { "INITSCAN=done", NULL };
|
|
|
|
|
|
|
|
|
|
kobject_uevent_env(&ap_root_device->kobj, KOBJ_CHANGE, envp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ap_send_bindings_complete_uevent(void)
|
|
|
|
|
{
|
2021-05-11 15:01:18 +02:00
|
|
|
char buf[32];
|
|
|
|
|
char *envp[] = { "BINDINGS=complete", buf, NULL };
|
2020-08-31 10:16:26 +02:00
|
|
|
|
2021-05-11 15:01:18 +02:00
|
|
|
snprintf(buf, sizeof(buf), "COMPLETECOUNT=%llu",
|
|
|
|
|
atomic64_inc_return(&ap_bindings_complete_count));
|
2020-08-31 10:16:26 +02:00
|
|
|
kobject_uevent_env(&ap_root_device->kobj, KOBJ_CHANGE, envp);
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-13 18:11:09 +02:00
|
|
|
void ap_send_config_uevent(struct ap_device *ap_dev, bool cfg)
|
|
|
|
|
{
|
|
|
|
|
char buf[16];
|
|
|
|
|
char *envp[] = { buf, NULL };
|
|
|
|
|
|
|
|
|
|
snprintf(buf, sizeof(buf), "CONFIG=%d", cfg ? 1 : 0);
|
|
|
|
|
|
|
|
|
|
kobject_uevent_env(&ap_dev->device.kobj, KOBJ_CHANGE, envp);
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_send_config_uevent);
|
|
|
|
|
|
|
|
|
|
void ap_send_online_uevent(struct ap_device *ap_dev, int online)
|
|
|
|
|
{
|
|
|
|
|
char buf[16];
|
|
|
|
|
char *envp[] = { buf, NULL };
|
|
|
|
|
|
|
|
|
|
snprintf(buf, sizeof(buf), "ONLINE=%d", online ? 1 : 0);
|
|
|
|
|
|
|
|
|
|
kobject_uevent_env(&ap_dev->device.kobj, KOBJ_CHANGE, envp);
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_send_online_uevent);
|
|
|
|
|
|
2022-03-23 12:13:32 +01:00
|
|
|
static void ap_send_mask_changed_uevent(unsigned long *newapm,
|
|
|
|
|
unsigned long *newaqm)
|
|
|
|
|
{
|
|
|
|
|
char buf[100];
|
|
|
|
|
char *envp[] = { buf, NULL };
|
|
|
|
|
|
|
|
|
|
if (newapm)
|
|
|
|
|
snprintf(buf, sizeof(buf),
|
|
|
|
|
"APMASK=0x%016lx%016lx%016lx%016lx\n",
|
|
|
|
|
newapm[0], newapm[1], newapm[2], newapm[3]);
|
|
|
|
|
else
|
|
|
|
|
snprintf(buf, sizeof(buf),
|
|
|
|
|
"AQMASK=0x%016lx%016lx%016lx%016lx\n",
|
|
|
|
|
newaqm[0], newaqm[1], newaqm[2], newaqm[3]);
|
|
|
|
|
|
|
|
|
|
kobject_uevent_env(&ap_root_device->kobj, KOBJ_CHANGE, envp);
|
|
|
|
|
}
|
|
|
|
|
|
2020-08-31 10:16:26 +02:00
|
|
|
/*
|
|
|
|
|
* calc # of bound APQNs
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
struct __ap_calc_ctrs {
|
|
|
|
|
unsigned int apqns;
|
|
|
|
|
unsigned int bound;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static int __ap_calc_helper(struct device *dev, void *arg)
|
|
|
|
|
{
|
2022-04-04 17:12:37 +02:00
|
|
|
struct __ap_calc_ctrs *pctrs = (struct __ap_calc_ctrs *)arg;
|
2020-08-31 10:16:26 +02:00
|
|
|
|
|
|
|
|
if (is_queue_dev(dev)) {
|
|
|
|
|
pctrs->apqns++;
|
2021-06-07 11:18:43 +02:00
|
|
|
if (dev->driver)
|
2020-08-31 10:16:26 +02:00
|
|
|
pctrs->bound++;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ap_calc_bound_apqns(unsigned int *apqns, unsigned int *bound)
|
|
|
|
|
{
|
|
|
|
|
struct __ap_calc_ctrs ctrs;
|
|
|
|
|
|
|
|
|
|
memset(&ctrs, 0, sizeof(ctrs));
|
2022-04-04 17:12:37 +02:00
|
|
|
bus_for_each_dev(&ap_bus_type, NULL, (void *)&ctrs, __ap_calc_helper);
|
2007-03-30 22:23:12 -07:00
|
|
|
|
2020-08-31 10:16:26 +02:00
|
|
|
*apqns = ctrs.apqns;
|
|
|
|
|
*bound = ctrs.bound;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2020-08-31 10:16:26 +02:00
|
|
|
/*
|
2024-01-30 15:30:22 +01:00
|
|
|
* After ap bus scan do check if all existing APQNs are
|
2020-08-31 10:16:26 +02:00
|
|
|
* bound to device drivers.
|
|
|
|
|
*/
|
|
|
|
|
static void ap_check_bindings_complete(void)
|
|
|
|
|
{
|
|
|
|
|
unsigned int apqns, bound;
|
|
|
|
|
|
|
|
|
|
if (atomic64_read(&ap_scan_bus_count) >= 1) {
|
|
|
|
|
ap_calc_bound_apqns(&apqns, &bound);
|
|
|
|
|
if (bound == apqns) {
|
2024-01-30 15:30:22 +01:00
|
|
|
if (!completion_done(&ap_apqn_bindings_complete)) {
|
|
|
|
|
complete_all(&ap_apqn_bindings_complete);
|
2024-05-13 11:21:48 +02:00
|
|
|
ap_send_bindings_complete_uevent();
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("all apqn bindings complete\n");
|
2020-08-31 10:16:26 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Interface to wait for the AP bus to have done one initial ap bus
|
|
|
|
|
* scan and all detected APQNs have been bound to device drivers.
|
|
|
|
|
* If these both conditions are not fulfilled, this function blocks
|
|
|
|
|
* on a condition with wait_for_completion_interruptible_timeout().
|
|
|
|
|
* If these both conditions are fulfilled (before the timeout hits)
|
|
|
|
|
* the return value is 0. If the timeout (in jiffies) hits instead
|
|
|
|
|
* -ETIME is returned. On failures negative return values are
|
|
|
|
|
* returned to the caller.
|
|
|
|
|
*/
|
2024-01-30 15:30:22 +01:00
|
|
|
int ap_wait_apqn_bindings_complete(unsigned long timeout)
|
2020-08-31 10:16:26 +02:00
|
|
|
{
|
2024-01-30 15:30:22 +01:00
|
|
|
int rc = 0;
|
2020-08-31 10:16:26 +02:00
|
|
|
long l;
|
|
|
|
|
|
2024-01-30 15:30:22 +01:00
|
|
|
if (completion_done(&ap_apqn_bindings_complete))
|
2020-08-31 10:16:26 +02:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if (timeout)
|
|
|
|
|
l = wait_for_completion_interruptible_timeout(
|
2024-01-30 15:30:22 +01:00
|
|
|
&ap_apqn_bindings_complete, timeout);
|
2020-08-31 10:16:26 +02:00
|
|
|
else
|
|
|
|
|
l = wait_for_completion_interruptible(
|
2024-01-30 15:30:22 +01:00
|
|
|
&ap_apqn_bindings_complete);
|
2020-08-31 10:16:26 +02:00
|
|
|
if (l < 0)
|
2024-01-30 15:30:22 +01:00
|
|
|
rc = l == -ERESTARTSYS ? -EINTR : l;
|
2020-08-31 10:16:26 +02:00
|
|
|
else if (l == 0 && timeout)
|
2024-01-30 15:30:22 +01:00
|
|
|
rc = -ETIME;
|
2020-08-31 10:16:26 +02:00
|
|
|
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("rc=%d\n", rc);
|
2024-01-30 15:30:22 +01:00
|
|
|
return rc;
|
2020-08-31 10:16:26 +02:00
|
|
|
}
|
2024-01-30 15:30:22 +01:00
|
|
|
EXPORT_SYMBOL(ap_wait_apqn_bindings_complete);
|
2020-08-31 10:16:26 +02:00
|
|
|
|
2016-08-25 11:16:03 +02:00
|
|
|
static int __ap_queue_devices_with_id_unregister(struct device *dev, void *data)
|
2015-07-17 13:43:18 +02:00
|
|
|
{
|
2016-08-25 11:16:03 +02:00
|
|
|
if (is_queue_dev(dev) &&
|
2022-04-04 17:12:37 +02:00
|
|
|
AP_QID_CARD(to_ap_queue(dev)->qid) == (int)(long)data)
|
2016-08-25 11:16:03 +02:00
|
|
|
device_unregister(dev);
|
2015-07-17 13:43:18 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
static int __ap_revise_reserved(struct device *dev, void *dummy)
|
|
|
|
|
{
|
|
|
|
|
int rc, card, queue, devres, drvres;
|
|
|
|
|
|
|
|
|
|
if (is_queue_dev(dev)) {
|
|
|
|
|
card = AP_QID_CARD(to_ap_queue(dev)->qid);
|
|
|
|
|
queue = AP_QID_QUEUE(to_ap_queue(dev)->qid);
|
|
|
|
|
mutex_lock(&ap_perms_mutex);
|
2022-04-04 17:12:37 +02:00
|
|
|
devres = test_bit_inv(card, ap_perms.apm) &&
|
|
|
|
|
test_bit_inv(queue, ap_perms.aqm);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
mutex_unlock(&ap_perms_mutex);
|
|
|
|
|
drvres = to_ap_drv(dev->driver)->flags
|
|
|
|
|
& AP_DRIVER_FLAG_DEFAULT;
|
|
|
|
|
if (!!devres != !!drvres) {
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("reprobing queue=%02x.%04x\n", card, queue);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
rc = device_reprobe(dev);
|
2021-10-20 16:14:11 +02:00
|
|
|
if (rc)
|
|
|
|
|
AP_DBF_WARN("%s reprobing queue=%02x.%04x failed\n",
|
|
|
|
|
__func__, card, queue);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void ap_bus_revise_bindings(void)
|
|
|
|
|
{
|
|
|
|
|
bus_for_each_dev(&ap_bus_type, NULL, NULL, __ap_revise_reserved);
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-30 11:43:38 -04:00
|
|
|
/**
|
|
|
|
|
* ap_owned_by_def_drv: indicates whether an AP adapter is reserved for the
|
|
|
|
|
* default host driver or not.
|
|
|
|
|
* @card: the APID of the adapter card to check
|
|
|
|
|
* @queue: the APQI of the queue to check
|
|
|
|
|
*
|
|
|
|
|
* Note: the ap_perms_mutex must be locked by the caller of this function.
|
|
|
|
|
*
|
|
|
|
|
* Return: an int specifying whether the AP adapter is reserved for the host (1)
|
|
|
|
|
* or not (0).
|
|
|
|
|
*/
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
int ap_owned_by_def_drv(int card, int queue)
|
|
|
|
|
{
|
|
|
|
|
int rc = 0;
|
|
|
|
|
|
|
|
|
|
if (card < 0 || card >= AP_DEVICES || queue < 0 || queue >= AP_DOMAINS)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
2022-04-04 17:12:37 +02:00
|
|
|
if (test_bit_inv(card, ap_perms.apm) &&
|
|
|
|
|
test_bit_inv(queue, ap_perms.aqm))
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
rc = 1;
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_owned_by_def_drv);
|
|
|
|
|
|
2021-09-30 11:43:38 -04:00
|
|
|
/**
|
|
|
|
|
* ap_apqn_in_matrix_owned_by_def_drv: indicates whether every APQN contained in
|
|
|
|
|
* a set is reserved for the host drivers
|
|
|
|
|
* or not.
|
|
|
|
|
* @apm: a bitmap specifying a set of APIDs comprising the APQNs to check
|
|
|
|
|
* @aqm: a bitmap specifying a set of APQIs comprising the APQNs to check
|
|
|
|
|
*
|
|
|
|
|
* Note: the ap_perms_mutex must be locked by the caller of this function.
|
|
|
|
|
*
|
|
|
|
|
* Return: an int specifying whether each APQN is reserved for the host (1) or
|
|
|
|
|
* not (0)
|
|
|
|
|
*/
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
int ap_apqn_in_matrix_owned_by_def_drv(unsigned long *apm,
|
|
|
|
|
unsigned long *aqm)
|
|
|
|
|
{
|
|
|
|
|
int card, queue, rc = 0;
|
|
|
|
|
|
|
|
|
|
for (card = 0; !rc && card < AP_DEVICES; card++)
|
|
|
|
|
if (test_bit_inv(card, apm) &&
|
|
|
|
|
test_bit_inv(card, ap_perms.apm))
|
|
|
|
|
for (queue = 0; !rc && queue < AP_DOMAINS; queue++)
|
|
|
|
|
if (test_bit_inv(queue, aqm) &&
|
|
|
|
|
test_bit_inv(queue, ap_perms.aqm))
|
|
|
|
|
rc = 1;
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_apqn_in_matrix_owned_by_def_drv);
|
|
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
static int ap_device_probe(struct device *dev)
|
|
|
|
|
{
|
|
|
|
|
struct ap_device *ap_dev = to_ap_dev(dev);
|
2015-09-14 17:01:23 +02:00
|
|
|
struct ap_driver *ap_drv = to_ap_drv(dev->driver);
|
2020-10-20 12:20:30 +02:00
|
|
|
int card, queue, devres, drvres, rc = -ENODEV;
|
|
|
|
|
|
|
|
|
|
if (!get_device(dev))
|
|
|
|
|
return rc;
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
|
|
|
|
if (is_queue_dev(dev)) {
|
|
|
|
|
/*
|
|
|
|
|
* If the apqn is marked as reserved/used by ap bus and
|
|
|
|
|
* default drivers, only probe with drivers with the default
|
|
|
|
|
* flag set. If it is not marked, only probe with drivers
|
|
|
|
|
* with the default flag not set.
|
|
|
|
|
*/
|
|
|
|
|
card = AP_QID_CARD(to_ap_queue(dev)->qid);
|
|
|
|
|
queue = AP_QID_QUEUE(to_ap_queue(dev)->qid);
|
|
|
|
|
mutex_lock(&ap_perms_mutex);
|
2022-04-04 17:12:37 +02:00
|
|
|
devres = test_bit_inv(card, ap_perms.apm) &&
|
|
|
|
|
test_bit_inv(queue, ap_perms.aqm);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
mutex_unlock(&ap_perms_mutex);
|
|
|
|
|
drvres = ap_drv->flags & AP_DRIVER_FLAG_DEFAULT;
|
|
|
|
|
if (!!devres != !!drvres)
|
2020-10-20 12:20:30 +02:00
|
|
|
goto out;
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
}
|
2014-07-14 19:11:48 +02:00
|
|
|
|
2024-05-13 11:21:48 +02:00
|
|
|
/*
|
|
|
|
|
* Rearm the bindings complete completion to trigger
|
|
|
|
|
* bindings complete when all devices are bound again
|
|
|
|
|
*/
|
|
|
|
|
reinit_completion(&ap_apqn_bindings_complete);
|
|
|
|
|
|
2017-05-24 10:26:29 +02:00
|
|
|
/* Add queue/card to list of active queues/cards */
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_lock_bh(&ap_queues_lock);
|
|
|
|
|
if (is_queue_dev(dev))
|
|
|
|
|
hash_add(ap_queues, &to_ap_queue(dev)->hnode,
|
|
|
|
|
to_ap_queue(dev)->qid);
|
|
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
2017-05-24 10:26:29 +02:00
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
rc = ap_drv->probe ? ap_drv->probe(ap_dev) : -ENODEV;
|
2017-05-24 10:26:29 +02:00
|
|
|
|
|
|
|
|
if (rc) {
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_lock_bh(&ap_queues_lock);
|
|
|
|
|
if (is_queue_dev(dev))
|
|
|
|
|
hash_del(&to_ap_queue(dev)->hnode);
|
|
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
2022-04-04 17:12:37 +02:00
|
|
|
}
|
2017-05-24 10:26:29 +02:00
|
|
|
|
2020-10-20 12:20:30 +02:00
|
|
|
out:
|
|
|
|
|
if (rc)
|
|
|
|
|
put_device(dev);
|
2006-09-20 15:58:25 +02:00
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-13 21:35:22 +02:00
|
|
|
static void ap_device_remove(struct device *dev)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
|
|
|
|
struct ap_device *ap_dev = to_ap_dev(dev);
|
2021-06-07 11:18:43 +02:00
|
|
|
struct ap_driver *ap_drv = to_ap_drv(dev->driver);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2019-02-22 17:24:11 +01:00
|
|
|
/* prepare ap queue device removal */
|
2018-11-09 14:59:24 +01:00
|
|
|
if (is_queue_dev(dev))
|
2019-02-22 17:24:11 +01:00
|
|
|
ap_queue_prepare_remove(to_ap_queue(dev));
|
|
|
|
|
|
|
|
|
|
/* driver's chance to clean up gracefully */
|
2017-05-24 10:26:29 +02:00
|
|
|
if (ap_drv->remove)
|
|
|
|
|
ap_drv->remove(ap_dev);
|
|
|
|
|
|
2019-02-22 17:24:11 +01:00
|
|
|
/* now do the ap queue device remove */
|
|
|
|
|
if (is_queue_dev(dev))
|
|
|
|
|
ap_queue_remove(to_ap_queue(dev));
|
|
|
|
|
|
2017-05-24 10:26:29 +02:00
|
|
|
/* Remove queue/card from list of active queues/cards */
|
2020-05-08 15:51:19 +02:00
|
|
|
spin_lock_bh(&ap_queues_lock);
|
|
|
|
|
if (is_queue_dev(dev))
|
|
|
|
|
hash_del(&to_ap_queue(dev)->hnode);
|
|
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
2017-05-24 10:26:29 +02:00
|
|
|
|
2020-10-20 12:20:30 +02:00
|
|
|
put_device(dev);
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2020-05-08 15:51:19 +02:00
|
|
|
struct ap_queue *ap_get_qdev(ap_qid_t qid)
|
|
|
|
|
{
|
|
|
|
|
int bkt;
|
|
|
|
|
struct ap_queue *aq;
|
|
|
|
|
|
|
|
|
|
spin_lock_bh(&ap_queues_lock);
|
|
|
|
|
hash_for_each(ap_queues, bkt, aq, hnode) {
|
|
|
|
|
if (aq->qid == qid) {
|
|
|
|
|
get_device(&aq->ap_dev.device);
|
|
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
|
|
|
|
return aq;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
spin_unlock_bh(&ap_queues_lock);
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_get_qdev);
|
|
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
int ap_driver_register(struct ap_driver *ap_drv, struct module *owner,
|
|
|
|
|
char *name)
|
|
|
|
|
{
|
|
|
|
|
struct device_driver *drv = &ap_drv->driver;
|
2024-08-06 12:06:23 +02:00
|
|
|
int rc;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
|
|
|
|
drv->bus = &ap_bus_type;
|
|
|
|
|
drv->owner = owner;
|
|
|
|
|
drv->name = name;
|
2024-08-06 12:06:23 +02:00
|
|
|
rc = driver_register(drv);
|
|
|
|
|
|
|
|
|
|
ap_check_bindings_complete();
|
|
|
|
|
|
|
|
|
|
return rc;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_driver_register);
|
|
|
|
|
|
|
|
|
|
void ap_driver_unregister(struct ap_driver *ap_drv)
|
|
|
|
|
{
|
|
|
|
|
driver_unregister(&ap_drv->driver);
|
|
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_driver_unregister);
|
|
|
|
|
|
2024-01-30 17:42:50 +01:00
|
|
|
/*
|
|
|
|
|
* Enforce a synchronous AP bus rescan.
|
|
|
|
|
* Returns true if the bus scan finds a change in the AP configuration
|
|
|
|
|
* and AP devices have been added or deleted when this function returns.
|
|
|
|
|
*/
|
|
|
|
|
bool ap_bus_force_rescan(void)
|
2012-09-10 21:34:26 +02:00
|
|
|
{
|
2024-01-30 17:42:50 +01:00
|
|
|
unsigned long scan_counter = atomic64_read(&ap_scan_bus_count);
|
|
|
|
|
bool rc = false;
|
|
|
|
|
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("> scan counter=%lu\n", scan_counter);
|
2024-01-30 17:42:50 +01:00
|
|
|
|
2023-10-23 09:57:10 +02:00
|
|
|
/* Only trigger AP bus scans after the initial scan is done */
|
2024-01-30 17:42:50 +01:00
|
|
|
if (scan_counter <= 0)
|
|
|
|
|
goto out;
|
2023-10-23 09:57:10 +02:00
|
|
|
|
2024-08-28 14:25:08 +02:00
|
|
|
/*
|
|
|
|
|
* There is one unlikely but nevertheless valid scenario where the
|
|
|
|
|
* thread holding the mutex may try to send some crypto load but
|
|
|
|
|
* all cards are offline so a rescan is triggered which causes
|
|
|
|
|
* a recursive call of ap_bus_force_rescan(). A simple return if
|
|
|
|
|
* the mutex is already locked by this thread solves this.
|
|
|
|
|
*/
|
|
|
|
|
if (mutex_is_locked(&ap_scan_bus_mutex)) {
|
|
|
|
|
if (ap_scan_bus_task == current)
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-30 17:42:50 +01:00
|
|
|
/* Try to acquire the AP scan bus mutex */
|
|
|
|
|
if (mutex_trylock(&ap_scan_bus_mutex)) {
|
|
|
|
|
/* mutex acquired, run the AP bus scan */
|
2024-08-28 14:25:08 +02:00
|
|
|
ap_scan_bus_task = current;
|
2024-01-30 17:42:50 +01:00
|
|
|
ap_scan_bus_result = ap_scan_bus();
|
|
|
|
|
rc = ap_scan_bus_result;
|
2024-08-28 14:25:08 +02:00
|
|
|
ap_scan_bus_task = NULL;
|
2024-01-30 17:42:50 +01:00
|
|
|
mutex_unlock(&ap_scan_bus_mutex);
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Mutex acquire failed. So there is currently another task
|
|
|
|
|
* already running the AP bus scan. Then let's simple wait
|
|
|
|
|
* for the lock which means the other task has finished and
|
|
|
|
|
* stored the result in ap_scan_bus_result.
|
|
|
|
|
*/
|
|
|
|
|
if (mutex_lock_interruptible(&ap_scan_bus_mutex)) {
|
|
|
|
|
/* some error occurred, ignore and go out */
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
|
|
|
|
rc = ap_scan_bus_result;
|
|
|
|
|
mutex_unlock(&ap_scan_bus_mutex);
|
|
|
|
|
|
|
|
|
|
out:
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("rc=%d\n", rc);
|
2024-01-30 17:42:50 +01:00
|
|
|
return rc;
|
2012-09-10 21:34:26 +02:00
|
|
|
}
|
|
|
|
|
EXPORT_SYMBOL(ap_bus_force_rescan);
|
|
|
|
|
|
2019-02-18 12:01:35 -05:00
|
|
|
/*
|
2022-04-04 17:12:37 +02:00
|
|
|
* A config change has happened, force an ap bus rescan.
|
|
|
|
|
*/
|
2024-02-19 17:32:54 +01:00
|
|
|
static int ap_bus_cfg_chg(struct notifier_block *nb,
|
|
|
|
|
unsigned long action, void *data)
|
2019-02-18 12:01:35 -05:00
|
|
|
{
|
2024-02-19 17:32:54 +01:00
|
|
|
if (action != CHSC_NOTIFY_AP_CFG)
|
|
|
|
|
return NOTIFY_DONE;
|
|
|
|
|
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("config change, forcing bus rescan\n");
|
2019-02-18 12:01:35 -05:00
|
|
|
|
|
|
|
|
ap_bus_force_rescan();
|
2024-02-19 17:32:54 +01:00
|
|
|
|
|
|
|
|
return NOTIFY_OK;
|
2019-02-18 12:01:35 -05:00
|
|
|
}
|
|
|
|
|
|
2024-02-19 17:32:54 +01:00
|
|
|
static struct notifier_block ap_bus_nb = {
|
|
|
|
|
.notifier_call = ap_bus_cfg_chg,
|
|
|
|
|
};
|
|
|
|
|
|
2024-04-15 11:25:51 -04:00
|
|
|
int ap_hex2bitmap(const char *str, unsigned long *bitmap, int bits)
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
{
|
|
|
|
|
int i, n, b;
|
|
|
|
|
|
|
|
|
|
/* bits needs to be a multiple of 8 */
|
|
|
|
|
if (bits & 0x07)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
if (str[0] == '0' && str[1] == 'x')
|
|
|
|
|
str++;
|
|
|
|
|
if (*str == 'x')
|
|
|
|
|
str++;
|
|
|
|
|
|
|
|
|
|
for (i = 0; isxdigit(*str) && i < bits; str++) {
|
|
|
|
|
b = hex_to_bin(*str);
|
|
|
|
|
for (n = 0; n < 4; n++)
|
|
|
|
|
if (b & (0x08 >> n))
|
|
|
|
|
set_bit_inv(i + n, bitmap);
|
|
|
|
|
i += 4;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-20 15:27:45 +02:00
|
|
|
if (*str == '\n')
|
|
|
|
|
str++;
|
|
|
|
|
if (*str)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2024-04-15 11:25:51 -04:00
|
|
|
EXPORT_SYMBOL(ap_hex2bitmap);
|
2018-08-20 15:27:45 +02:00
|
|
|
|
|
|
|
|
/*
|
2018-09-05 07:45:11 +02:00
|
|
|
* modify_bitmap() - parse bitmask argument and modify an existing
|
|
|
|
|
* bit mask accordingly. A concatenation (done with ',') of these
|
|
|
|
|
* terms is recognized:
|
2018-08-20 15:27:45 +02:00
|
|
|
* +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]
|
|
|
|
|
* <bitnr> may be any valid number (hex, decimal or octal) in the range
|
|
|
|
|
* 0...bits-1; the leading + or - is required. Here are some examples:
|
|
|
|
|
* +0-15,+32,-128,-0xFF
|
|
|
|
|
* -0-255,+1-16,+0x128
|
|
|
|
|
* +1,+2,+3,+4,-5,-7-10
|
2018-09-05 07:45:11 +02:00
|
|
|
* Returns the new bitmap after all changes have been applied. Every
|
|
|
|
|
* positive value in the string will set a bit and every negative value
|
|
|
|
|
* in the string will clear a bit. As a bit may be touched more than once,
|
|
|
|
|
* the last 'operation' wins:
|
|
|
|
|
* +0-255,-128 = first bits 0-255 will be set, then bit 128 will be
|
|
|
|
|
* cleared again. All other bits are unmodified.
|
2018-08-20 15:27:45 +02:00
|
|
|
*/
|
2018-09-05 07:45:11 +02:00
|
|
|
static int modify_bitmap(const char *str, unsigned long *bitmap, int bits)
|
2018-08-20 15:27:45 +02:00
|
|
|
{
|
s390/ap: Fix crash in AP internal function modify_bitmap()
A system crash like this
Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403
Fault in home space mode while using kernel ASCE.
AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d
Oops: 0038 ilc:3 [#1] PREEMPT SMP
Modules linked in: mlx5_ib ...
CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8
Hardware name: IBM 3931 A01 704 (LPAR)
Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)
R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3
000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0
000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff
000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8
Krnl Code: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a
0000014b75e7b600: 18b2 lr %r11,%r2
#0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616
>0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13)
0000014b75e7b60c: a7680001 lhi %r6,1
0000014b75e7b610: 187b lr %r7,%r11
0000014b75e7b612: 84960021 brxh %r9,%r6,0000014b75e7b654
0000014b75e7b616: 18e9 lr %r14,%r9
Call Trace:
[<0000014b75e7b606>] ap_parse_bitmap_str+0x10e/0x1f8
([<0000014b75e7b5dc>] ap_parse_bitmap_str+0xe4/0x1f8)
[<0000014b75e7b758>] apmask_store+0x68/0x140
[<0000014b75679196>] kernfs_fop_write_iter+0x14e/0x1e8
[<0000014b75598524>] vfs_write+0x1b4/0x448
[<0000014b7559894c>] ksys_write+0x74/0x100
[<0000014b7618a440>] __do_syscall+0x268/0x328
[<0000014b761a3558>] system_call+0x70/0x98
INFO: lockdep is turned off.
Last Breaking-Event-Address:
[<0000014b75e7b636>] ap_parse_bitmap_str+0x13e/0x1f8
Kernel panic - not syncing: Fatal exception: panic_on_oops
occured when /sys/bus/ap/a[pq]mask was updated with a relative mask value
(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.
The fix is simple: use unsigned long values for the internal variables. The
correct checks are already in place in the function but a simple int for
the internal variables was used with the possibility to overflow.
Reported-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Tested-by: Marc Hartmayer <mhartmay@linux.ibm.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
2024-05-13 14:49:13 +02:00
|
|
|
unsigned long a, i, z;
|
2018-08-20 15:27:45 +02:00
|
|
|
char *np, sign;
|
|
|
|
|
|
|
|
|
|
/* bits needs to be a multiple of 8 */
|
|
|
|
|
if (bits & 0x07)
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
return -EINVAL;
|
|
|
|
|
|
2018-08-20 15:27:45 +02:00
|
|
|
while (*str) {
|
|
|
|
|
sign = *str++;
|
|
|
|
|
if (sign != '+' && sign != '-')
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
a = z = simple_strtoul(str, &np, 0);
|
|
|
|
|
if (str == np || a >= bits)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
str = np;
|
|
|
|
|
if (*str == '-') {
|
|
|
|
|
z = simple_strtoul(++str, &np, 0);
|
|
|
|
|
if (str == np || a > z || z >= bits)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
str = np;
|
|
|
|
|
}
|
|
|
|
|
for (i = a; i <= z; i++)
|
2018-09-05 07:45:11 +02:00
|
|
|
if (sign == '+')
|
|
|
|
|
set_bit_inv(i, bitmap);
|
|
|
|
|
else
|
|
|
|
|
clear_bit_inv(i, bitmap);
|
2018-08-20 15:27:45 +02:00
|
|
|
while (*str == ',' || *str == '\n')
|
|
|
|
|
str++;
|
|
|
|
|
}
|
|
|
|
|
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-01 16:21:11 -05:00
|
|
|
static int ap_parse_bitmap_str(const char *str, unsigned long *bitmap, int bits,
|
|
|
|
|
unsigned long *newmap)
|
|
|
|
|
{
|
|
|
|
|
unsigned long size;
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
size = BITS_TO_LONGS(bits) * sizeof(unsigned long);
|
|
|
|
|
if (*str == '+' || *str == '-') {
|
|
|
|
|
memcpy(newmap, bitmap, size);
|
|
|
|
|
rc = modify_bitmap(str, newmap, bits);
|
|
|
|
|
} else {
|
|
|
|
|
memset(newmap, 0, size);
|
2024-04-15 11:25:51 -04:00
|
|
|
rc = ap_hex2bitmap(str, newmap, bits);
|
2019-02-01 16:21:11 -05:00
|
|
|
}
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
int ap_parse_mask_str(const char *str,
|
|
|
|
|
unsigned long *bitmap, int bits,
|
|
|
|
|
struct mutex *lock)
|
2018-08-20 15:27:45 +02:00
|
|
|
{
|
2018-09-05 07:45:11 +02:00
|
|
|
unsigned long *newmap, size;
|
|
|
|
|
int rc;
|
2018-08-20 15:27:45 +02:00
|
|
|
|
|
|
|
|
/* bits needs to be a multiple of 8 */
|
|
|
|
|
if (bits & 0x07)
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
2022-04-04 17:12:37 +02:00
|
|
|
size = BITS_TO_LONGS(bits) * sizeof(unsigned long);
|
2018-09-05 07:45:11 +02:00
|
|
|
newmap = kmalloc(size, GFP_KERNEL);
|
|
|
|
|
if (!newmap)
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
if (mutex_lock_interruptible(lock)) {
|
|
|
|
|
kfree(newmap);
|
|
|
|
|
return -ERESTARTSYS;
|
|
|
|
|
}
|
2019-02-01 16:21:11 -05:00
|
|
|
rc = ap_parse_bitmap_str(str, bitmap, bits, newmap);
|
2018-09-05 07:45:11 +02:00
|
|
|
if (rc == 0)
|
|
|
|
|
memcpy(bitmap, newmap, size);
|
2018-08-20 15:27:45 +02:00
|
|
|
mutex_unlock(lock);
|
2018-09-05 07:45:11 +02:00
|
|
|
kfree(newmap);
|
|
|
|
|
return rc;
|
2018-08-20 15:27:45 +02:00
|
|
|
}
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
EXPORT_SYMBOL(ap_parse_mask_str);
|
2018-08-20 15:27:45 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* AP bus attributes.
|
|
|
|
|
*/
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_domain_show(const struct bus_type *bus, char *buf)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "%d\n", ap_domain_index);
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_domain_store(const struct bus_type *bus,
|
2016-08-25 11:11:30 +02:00
|
|
|
const char *buf, size_t count)
|
|
|
|
|
{
|
|
|
|
|
int domain;
|
|
|
|
|
|
|
|
|
|
if (sscanf(buf, "%i\n", &domain) != 1 ||
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
domain < 0 || domain > ap_max_domain_id ||
|
|
|
|
|
!test_bit_inv(domain, ap_perms.aqm))
|
2016-08-25 11:11:30 +02:00
|
|
|
return -EINVAL;
|
2020-07-01 12:40:39 +02:00
|
|
|
|
2016-08-25 11:11:30 +02:00
|
|
|
spin_lock_bh(&ap_domain_lock);
|
|
|
|
|
ap_domain_index = domain;
|
|
|
|
|
spin_unlock_bh(&ap_domain_lock);
|
2016-11-24 06:45:21 +01:00
|
|
|
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s stored new default domain=%d\n",
|
|
|
|
|
__func__, domain);
|
2016-11-24 06:45:21 +01:00
|
|
|
|
2016-08-25 11:11:30 +02:00
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RW(ap_domain);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_control_domain_mask_show(const struct bus_type *bus, char *buf)
|
2013-11-20 10:47:13 +01:00
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags) /* QCI not supported */
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "not supported\n");
|
2020-03-12 11:19:55 +01:00
|
|
|
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "0x%08x%08x%08x%08x%08x%08x%08x%08x\n",
|
|
|
|
|
ap_qci_info->adm[0], ap_qci_info->adm[1],
|
|
|
|
|
ap_qci_info->adm[2], ap_qci_info->adm[3],
|
|
|
|
|
ap_qci_info->adm[4], ap_qci_info->adm[5],
|
|
|
|
|
ap_qci_info->adm[6], ap_qci_info->adm[7]);
|
2013-11-20 10:47:13 +01:00
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RO(ap_control_domain_mask);
|
2013-11-20 10:47:13 +01:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_usage_domain_mask_show(const struct bus_type *bus, char *buf)
|
2016-08-25 11:16:03 +02:00
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags) /* QCI not supported */
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "not supported\n");
|
2020-03-12 11:19:55 +01:00
|
|
|
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "0x%08x%08x%08x%08x%08x%08x%08x%08x\n",
|
|
|
|
|
ap_qci_info->aqm[0], ap_qci_info->aqm[1],
|
|
|
|
|
ap_qci_info->aqm[2], ap_qci_info->aqm[3],
|
|
|
|
|
ap_qci_info->aqm[4], ap_qci_info->aqm[5],
|
|
|
|
|
ap_qci_info->aqm[6], ap_qci_info->aqm[7]);
|
2016-08-25 11:16:03 +02:00
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RO(ap_usage_domain_mask);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_adapter_mask_show(const struct bus_type *bus, char *buf)
|
2018-10-01 15:29:01 +02:00
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags) /* QCI not supported */
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "not supported\n");
|
2020-03-12 11:19:55 +01:00
|
|
|
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "0x%08x%08x%08x%08x%08x%08x%08x%08x\n",
|
|
|
|
|
ap_qci_info->apm[0], ap_qci_info->apm[1],
|
|
|
|
|
ap_qci_info->apm[2], ap_qci_info->apm[3],
|
|
|
|
|
ap_qci_info->apm[4], ap_qci_info->apm[5],
|
|
|
|
|
ap_qci_info->apm[6], ap_qci_info->apm[7]);
|
2018-10-01 15:29:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RO(ap_adapter_mask);
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_interrupts_show(const struct bus_type *bus, char *buf)
|
2008-12-25 13:38:41 +01:00
|
|
|
{
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "%d\n", ap_irq_flag ? 1 : 0);
|
2008-12-25 13:38:41 +01:00
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RO(ap_interrupts);
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t config_time_show(const struct bus_type *bus, char *buf)
|
2018-08-17 12:36:01 +02:00
|
|
|
{
|
2024-01-30 16:50:05 +01:00
|
|
|
return sysfs_emit(buf, "%d\n", ap_scan_bus_time);
|
2018-08-17 12:36:01 +02:00
|
|
|
}
|
2008-12-25 13:38:41 +01:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t config_time_store(const struct bus_type *bus,
|
2018-08-17 12:36:01 +02:00
|
|
|
const char *buf, size_t count)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
|
|
|
|
int time;
|
|
|
|
|
|
|
|
|
|
if (sscanf(buf, "%d\n", &time) != 1 || time < 5 || time > 120)
|
|
|
|
|
return -EINVAL;
|
2024-01-30 16:50:05 +01:00
|
|
|
ap_scan_bus_time = time;
|
|
|
|
|
mod_timer(&ap_scan_bus_timer, jiffies + ap_scan_bus_time * HZ);
|
2006-09-20 15:58:25 +02:00
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RW(config_time);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t poll_thread_show(const struct bus_type *bus, char *buf)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "%d\n", ap_poll_kthread ? 1 : 0);
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t poll_thread_store(const struct bus_type *bus,
|
2018-08-17 12:36:01 +02:00
|
|
|
const char *buf, size_t count)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2022-10-21 15:41:00 +02:00
|
|
|
bool value;
|
|
|
|
|
int rc;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2022-10-21 15:41:00 +02:00
|
|
|
rc = kstrtobool(buf, &value);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
if (value) {
|
2006-09-20 15:58:25 +02:00
|
|
|
rc = ap_poll_thread_start();
|
|
|
|
|
if (rc)
|
2015-07-17 13:43:18 +02:00
|
|
|
count = rc;
|
2022-04-04 17:12:37 +02:00
|
|
|
} else {
|
2006-09-20 15:58:25 +02:00
|
|
|
ap_poll_thread_stop();
|
2022-04-04 17:12:37 +02:00
|
|
|
}
|
2006-09-20 15:58:25 +02:00
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RW(poll_thread);
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t poll_timeout_show(const struct bus_type *bus, char *buf)
|
2008-07-14 09:59:08 +02:00
|
|
|
{
|
2022-10-21 15:41:00 +02:00
|
|
|
return sysfs_emit(buf, "%lu\n", poll_high_timeout);
|
2008-07-14 09:59:08 +02:00
|
|
|
}
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t poll_timeout_store(const struct bus_type *bus, const char *buf,
|
2008-07-14 09:59:08 +02:00
|
|
|
size_t count)
|
|
|
|
|
{
|
2022-10-21 15:41:00 +02:00
|
|
|
unsigned long value;
|
2008-07-14 09:59:08 +02:00
|
|
|
ktime_t hr_time;
|
2022-10-21 15:41:00 +02:00
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
rc = kstrtoul(buf, 0, &value);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
2008-07-14 09:59:08 +02:00
|
|
|
|
|
|
|
|
/* 120 seconds = maximum poll interval */
|
2022-10-21 15:41:00 +02:00
|
|
|
if (value > 120000000000UL)
|
2008-07-14 09:59:08 +02:00
|
|
|
return -EINVAL;
|
2022-10-21 15:41:00 +02:00
|
|
|
poll_high_timeout = value;
|
|
|
|
|
hr_time = poll_high_timeout;
|
2008-07-14 09:59:08 +02:00
|
|
|
|
2015-04-28 10:31:44 +02:00
|
|
|
spin_lock_bh(&ap_poll_timer_lock);
|
|
|
|
|
hrtimer_cancel(&ap_poll_timer);
|
|
|
|
|
hrtimer_set_expires(&ap_poll_timer, hr_time);
|
|
|
|
|
hrtimer_start_expires(&ap_poll_timer, HRTIMER_MODE_ABS);
|
|
|
|
|
spin_unlock_bh(&ap_poll_timer_lock);
|
|
|
|
|
|
2008-07-14 09:59:08 +02:00
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RW(poll_timeout);
|
2008-07-14 09:59:08 +02:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_max_domain_id_show(const struct bus_type *bus, char *buf)
|
2015-01-23 13:27:04 +01:00
|
|
|
{
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "%d\n", ap_max_domain_id);
|
2015-01-23 13:27:04 +01:00
|
|
|
}
|
|
|
|
|
|
2018-08-17 12:36:01 +02:00
|
|
|
static BUS_ATTR_RO(ap_max_domain_id);
|
2015-01-23 13:27:04 +01:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t ap_max_adapter_id_show(const struct bus_type *bus, char *buf)
|
2020-07-01 12:40:39 +02:00
|
|
|
{
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "%d\n", ap_max_adapter_id);
|
2020-07-01 12:40:39 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RO(ap_max_adapter_id);
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t apmask_show(const struct bus_type *bus, char *buf)
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
if (mutex_lock_interruptible(&ap_perms_mutex))
|
|
|
|
|
return -ERESTARTSYS;
|
2023-02-06 10:53:08 +01:00
|
|
|
rc = sysfs_emit(buf, "0x%016lx%016lx%016lx%016lx\n",
|
|
|
|
|
ap_perms.apm[0], ap_perms.apm[1],
|
|
|
|
|
ap_perms.apm[2], ap_perms.apm[3]);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
mutex_unlock(&ap_perms_mutex);
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-01 16:21:11 -05:00
|
|
|
static int __verify_card_reservations(struct device_driver *drv, void *data)
|
|
|
|
|
{
|
|
|
|
|
int rc = 0;
|
|
|
|
|
struct ap_driver *ap_drv = to_ap_drv(drv);
|
|
|
|
|
unsigned long *newapm = (unsigned long *)data;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* increase the driver's module refcounter to be sure it is not
|
|
|
|
|
* going away when we invoke the callback function.
|
|
|
|
|
*/
|
|
|
|
|
if (!try_module_get(drv->owner))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if (ap_drv->in_use) {
|
|
|
|
|
rc = ap_drv->in_use(newapm, ap_perms.aqm);
|
|
|
|
|
if (rc)
|
|
|
|
|
rc = -EBUSY;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* release the driver's module */
|
|
|
|
|
module_put(drv->owner);
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int apmask_commit(unsigned long *newapm)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned long reserved[BITS_TO_LONGS(AP_DEVICES)];
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Check if any bits in the apmask have been set which will
|
|
|
|
|
* result in queues being removed from non-default drivers
|
|
|
|
|
*/
|
|
|
|
|
if (bitmap_andnot(reserved, newapm, ap_perms.apm, AP_DEVICES)) {
|
|
|
|
|
rc = bus_for_each_drv(&ap_bus_type, NULL, reserved,
|
|
|
|
|
__verify_card_reservations);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memcpy(ap_perms.apm, newapm, APMASKSIZE);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t apmask_store(const struct bus_type *bus, const char *buf,
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
size_t count)
|
|
|
|
|
{
|
2022-03-23 12:13:32 +01:00
|
|
|
int rc, changes = 0;
|
2019-02-01 16:21:11 -05:00
|
|
|
DECLARE_BITMAP(newapm, AP_DEVICES);
|
|
|
|
|
|
|
|
|
|
if (mutex_lock_interruptible(&ap_perms_mutex))
|
|
|
|
|
return -ERESTARTSYS;
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
2019-02-01 16:21:11 -05:00
|
|
|
rc = ap_parse_bitmap_str(buf, ap_perms.apm, AP_DEVICES, newapm);
|
|
|
|
|
if (rc)
|
|
|
|
|
goto done;
|
|
|
|
|
|
2022-03-23 12:13:32 +01:00
|
|
|
changes = memcmp(ap_perms.apm, newapm, APMASKSIZE);
|
|
|
|
|
if (changes)
|
|
|
|
|
rc = apmask_commit(newapm);
|
2019-02-01 16:21:11 -05:00
|
|
|
|
|
|
|
|
done:
|
|
|
|
|
mutex_unlock(&ap_perms_mutex);
|
2018-08-20 15:27:45 +02:00
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
2022-03-23 12:13:32 +01:00
|
|
|
if (changes) {
|
|
|
|
|
ap_bus_revise_bindings();
|
|
|
|
|
ap_send_mask_changed_uevent(newapm, NULL);
|
|
|
|
|
}
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
|
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RW(apmask);
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t aqmask_show(const struct bus_type *bus, char *buf)
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
if (mutex_lock_interruptible(&ap_perms_mutex))
|
|
|
|
|
return -ERESTARTSYS;
|
2023-02-06 10:53:08 +01:00
|
|
|
rc = sysfs_emit(buf, "0x%016lx%016lx%016lx%016lx\n",
|
|
|
|
|
ap_perms.aqm[0], ap_perms.aqm[1],
|
|
|
|
|
ap_perms.aqm[2], ap_perms.aqm[3]);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
mutex_unlock(&ap_perms_mutex);
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-01 16:21:11 -05:00
|
|
|
static int __verify_queue_reservations(struct device_driver *drv, void *data)
|
|
|
|
|
{
|
|
|
|
|
int rc = 0;
|
|
|
|
|
struct ap_driver *ap_drv = to_ap_drv(drv);
|
|
|
|
|
unsigned long *newaqm = (unsigned long *)data;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* increase the driver's module refcounter to be sure it is not
|
|
|
|
|
* going away when we invoke the callback function.
|
|
|
|
|
*/
|
|
|
|
|
if (!try_module_get(drv->owner))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if (ap_drv->in_use) {
|
|
|
|
|
rc = ap_drv->in_use(ap_perms.apm, newaqm);
|
|
|
|
|
if (rc)
|
2022-07-06 17:43:29 -04:00
|
|
|
rc = -EBUSY;
|
2019-02-01 16:21:11 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* release the driver's module */
|
|
|
|
|
module_put(drv->owner);
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int aqmask_commit(unsigned long *newaqm)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned long reserved[BITS_TO_LONGS(AP_DOMAINS)];
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Check if any bits in the aqmask have been set which will
|
|
|
|
|
* result in queues being removed from non-default drivers
|
|
|
|
|
*/
|
|
|
|
|
if (bitmap_andnot(reserved, newaqm, ap_perms.aqm, AP_DOMAINS)) {
|
|
|
|
|
rc = bus_for_each_drv(&ap_bus_type, NULL, reserved,
|
|
|
|
|
__verify_queue_reservations);
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memcpy(ap_perms.aqm, newaqm, AQMASKSIZE);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t aqmask_store(const struct bus_type *bus, const char *buf,
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
size_t count)
|
|
|
|
|
{
|
2022-03-23 12:13:32 +01:00
|
|
|
int rc, changes = 0;
|
2019-02-01 16:21:11 -05:00
|
|
|
DECLARE_BITMAP(newaqm, AP_DOMAINS);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
2019-02-01 16:21:11 -05:00
|
|
|
if (mutex_lock_interruptible(&ap_perms_mutex))
|
|
|
|
|
return -ERESTARTSYS;
|
|
|
|
|
|
|
|
|
|
rc = ap_parse_bitmap_str(buf, ap_perms.aqm, AP_DOMAINS, newaqm);
|
|
|
|
|
if (rc)
|
|
|
|
|
goto done;
|
|
|
|
|
|
2022-03-23 12:13:32 +01:00
|
|
|
changes = memcmp(ap_perms.aqm, newaqm, APMASKSIZE);
|
|
|
|
|
if (changes)
|
|
|
|
|
rc = aqmask_commit(newaqm);
|
2019-02-01 16:21:11 -05:00
|
|
|
|
|
|
|
|
done:
|
|
|
|
|
mutex_unlock(&ap_perms_mutex);
|
2018-08-20 15:27:45 +02:00
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
2022-03-23 12:13:32 +01:00
|
|
|
if (changes) {
|
|
|
|
|
ap_bus_revise_bindings();
|
|
|
|
|
ap_send_mask_changed_uevent(NULL, newaqm);
|
|
|
|
|
}
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
|
|
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RW(aqmask);
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t scans_show(const struct bus_type *bus, char *buf)
|
2020-08-31 10:16:26 +02:00
|
|
|
{
|
2023-02-06 10:53:08 +01:00
|
|
|
return sysfs_emit(buf, "%llu\n", atomic64_read(&ap_scan_bus_count));
|
2020-08-31 10:16:26 +02:00
|
|
|
}
|
|
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t scans_store(const struct bus_type *bus, const char *buf,
|
2022-02-16 12:30:34 +01:00
|
|
|
size_t count)
|
|
|
|
|
{
|
|
|
|
|
AP_DBF_INFO("%s force AP bus rescan\n", __func__);
|
|
|
|
|
|
|
|
|
|
ap_bus_force_rescan();
|
|
|
|
|
|
|
|
|
|
return count;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RW(scans);
|
2020-08-31 10:16:26 +02:00
|
|
|
|
2023-03-13 19:29:05 +01:00
|
|
|
static ssize_t bindings_show(const struct bus_type *bus, char *buf)
|
2020-08-31 10:16:26 +02:00
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
unsigned int apqns, n;
|
|
|
|
|
|
|
|
|
|
ap_calc_bound_apqns(&apqns, &n);
|
|
|
|
|
if (atomic64_read(&ap_scan_bus_count) >= 1 && n == apqns)
|
2023-02-06 10:53:08 +01:00
|
|
|
rc = sysfs_emit(buf, "%u/%u (complete)\n", n, apqns);
|
2020-08-31 10:16:26 +02:00
|
|
|
else
|
2023-02-06 10:53:08 +01:00
|
|
|
rc = sysfs_emit(buf, "%u/%u\n", n, apqns);
|
2020-08-31 10:16:26 +02:00
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RO(bindings);
|
|
|
|
|
|
s390 updates for the 6.4 merge window
- Add support for stackleak feature. Also allow specifying
architecture-specific stackleak poison function to enable faster
implementation. On s390, the mvc-based implementation helps decrease
typical overhead from a factor of 3 to just 25%
- Convert all assembler files to use SYM* style macros, deprecating the
ENTRY() macro and other annotations. Select ARCH_USE_SYM_ANNOTATIONS
- Improve KASLR to also randomize module and special amode31 code
base load addresses
- Rework decompressor memory tracking to support memory holes and improve
error handling
- Add support for protected virtualization AP binding
- Add support for set_direct_map() calls
- Implement set_memory_rox() and noexec module_alloc()
- Remove obsolete overriding of mem*() functions for KASAN
- Rework kexec/kdump to avoid using nodat_stack to call purgatory
- Convert the rest of the s390 code to use flexible-array member instead
of a zero-length array
- Clean up uaccess inline asm
- Enable ARCH_HAS_MEMBARRIER_SYNC_CORE
- Convert to using CONFIG_FUNCTION_ALIGNMENT and enable
DEBUG_FORCE_FUNCTION_ALIGN_64B
- Resolve last_break in userspace fault reports
- Simplify one-level sysctl registration
- Clean up branch prediction handling
- Rework CPU counter facility to retrieve available counter sets just
once
- Other various small fixes and improvements all over the code
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEE3QHqV+H2a8xAv27vjYWKoQLXFBgFAmRM8pwACgkQjYWKoQLX
FBjV1AgAlvAhu1XkwOdwqdT4GqE8pcN4XXzydog1MYihrSO2PdgWAxpEW7o2QURN
W+3xa6RIqt7nX2YBiwTanMZ12TYaFY7noGl3eUpD/NhueprweVirVl7VZUEuRoW/
j0mbx77xsVzLfuDFxkpVwE6/j+tTO78kLyjUHwcN9rFVUaL7/orJneDJf+V8fZG0
sHLOv0aljF7Jr2IIkw82lCmW/vdk7k0dACWMXK2kj1H3dIK34B9X4AdKDDf/WKXk
/OSElBeZ93tSGEfNDRIda6iR52xocROaRnQAaDtargKFl9VO0/dN9ADxO+SLNHjN
pFE/9VD6xT/xo4IuZZh/Z3TcYfiLvA==
=Geqx
-----END PGP SIGNATURE-----
Merge tag 's390-6.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
Pull s390 updates from Vasily Gorbik:
- Add support for stackleak feature. Also allow specifying
architecture-specific stackleak poison function to enable faster
implementation. On s390, the mvc-based implementation helps decrease
typical overhead from a factor of 3 to just 25%
- Convert all assembler files to use SYM* style macros, deprecating the
ENTRY() macro and other annotations. Select ARCH_USE_SYM_ANNOTATIONS
- Improve KASLR to also randomize module and special amode31 code base
load addresses
- Rework decompressor memory tracking to support memory holes and
improve error handling
- Add support for protected virtualization AP binding
- Add support for set_direct_map() calls
- Implement set_memory_rox() and noexec module_alloc()
- Remove obsolete overriding of mem*() functions for KASAN
- Rework kexec/kdump to avoid using nodat_stack to call purgatory
- Convert the rest of the s390 code to use flexible-array member
instead of a zero-length array
- Clean up uaccess inline asm
- Enable ARCH_HAS_MEMBARRIER_SYNC_CORE
- Convert to using CONFIG_FUNCTION_ALIGNMENT and enable
DEBUG_FORCE_FUNCTION_ALIGN_64B
- Resolve last_break in userspace fault reports
- Simplify one-level sysctl registration
- Clean up branch prediction handling
- Rework CPU counter facility to retrieve available counter sets just
once
- Other various small fixes and improvements all over the code
* tag 's390-6.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: (118 commits)
s390/stackleak: provide fast __stackleak_poison() implementation
stackleak: allow to specify arch specific stackleak poison function
s390: select ARCH_USE_SYM_ANNOTATIONS
s390/mm: use VM_FLUSH_RESET_PERMS in module_alloc()
s390: wire up memfd_secret system call
s390/mm: enable ARCH_HAS_SET_DIRECT_MAP
s390/mm: use BIT macro to generate SET_MEMORY bit masks
s390/relocate_kernel: adjust indentation
s390/relocate_kernel: use SYM* macros instead of ENTRY(), etc.
s390/entry: use SYM* macros instead of ENTRY(), etc.
s390/purgatory: use SYM* macros instead of ENTRY(), etc.
s390/kprobes: use SYM* macros instead of ENTRY(), etc.
s390/reipl: use SYM* macros instead of ENTRY(), etc.
s390/head64: use SYM* macros instead of ENTRY(), etc.
s390/earlypgm: use SYM* macros instead of ENTRY(), etc.
s390/mcount: use SYM* macros instead of ENTRY(), etc.
s390/crc32le: use SYM* macros instead of ENTRY(), etc.
s390/crc32be: use SYM* macros instead of ENTRY(), etc.
s390/crypto,chacha: use SYM* macros instead of ENTRY(), etc.
s390/amode31: use SYM* macros instead of ENTRY(), etc.
...
2023-04-30 11:43:31 -07:00
|
|
|
static ssize_t features_show(const struct bus_type *bus, char *buf)
|
2022-09-20 15:18:39 +02:00
|
|
|
{
|
|
|
|
|
int n = 0;
|
|
|
|
|
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags) /* QCI not supported */
|
2022-09-20 15:18:39 +02:00
|
|
|
return sysfs_emit(buf, "-\n");
|
|
|
|
|
|
|
|
|
|
if (ap_qci_info->apsc)
|
|
|
|
|
n += sysfs_emit_at(buf, n, "APSC ");
|
|
|
|
|
if (ap_qci_info->apxa)
|
|
|
|
|
n += sysfs_emit_at(buf, n, "APXA ");
|
|
|
|
|
if (ap_qci_info->qact)
|
|
|
|
|
n += sysfs_emit_at(buf, n, "QACT ");
|
|
|
|
|
if (ap_qci_info->rc8a)
|
|
|
|
|
n += sysfs_emit_at(buf, n, "RC8A ");
|
|
|
|
|
if (ap_qci_info->apsb)
|
|
|
|
|
n += sysfs_emit_at(buf, n, "APSB ");
|
|
|
|
|
|
|
|
|
|
sysfs_emit_at(buf, n == 0 ? 0 : n - 1, "\n");
|
|
|
|
|
|
|
|
|
|
return n;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static BUS_ATTR_RO(features);
|
|
|
|
|
|
2020-11-09 14:41:07 +01:00
|
|
|
static struct attribute *ap_bus_attrs[] = {
|
|
|
|
|
&bus_attr_ap_domain.attr,
|
|
|
|
|
&bus_attr_ap_control_domain_mask.attr,
|
|
|
|
|
&bus_attr_ap_usage_domain_mask.attr,
|
|
|
|
|
&bus_attr_ap_adapter_mask.attr,
|
|
|
|
|
&bus_attr_config_time.attr,
|
|
|
|
|
&bus_attr_poll_thread.attr,
|
|
|
|
|
&bus_attr_ap_interrupts.attr,
|
|
|
|
|
&bus_attr_poll_timeout.attr,
|
|
|
|
|
&bus_attr_ap_max_domain_id.attr,
|
|
|
|
|
&bus_attr_ap_max_adapter_id.attr,
|
|
|
|
|
&bus_attr_apmask.attr,
|
|
|
|
|
&bus_attr_aqmask.attr,
|
|
|
|
|
&bus_attr_scans.attr,
|
|
|
|
|
&bus_attr_bindings.attr,
|
2022-09-20 15:18:39 +02:00
|
|
|
&bus_attr_features.attr,
|
2008-07-14 09:59:08 +02:00
|
|
|
NULL,
|
2006-09-20 15:58:25 +02:00
|
|
|
};
|
2020-11-09 14:41:07 +01:00
|
|
|
ATTRIBUTE_GROUPS(ap_bus);
|
|
|
|
|
|
2024-02-03 11:58:02 -03:00
|
|
|
static const struct bus_type ap_bus_type = {
|
2020-11-09 14:41:07 +01:00
|
|
|
.name = "ap",
|
|
|
|
|
.bus_groups = ap_bus_groups,
|
|
|
|
|
.match = &ap_bus_match,
|
|
|
|
|
.uevent = &ap_uevent,
|
2021-04-16 12:46:27 +02:00
|
|
|
.probe = ap_device_probe,
|
|
|
|
|
.remove = ap_device_remove,
|
2020-11-09 14:41:07 +01:00
|
|
|
};
|
2006-09-20 15:58:25 +02:00
|
|
|
|
|
|
|
|
/**
|
2018-09-17 15:23:03 +02:00
|
|
|
* ap_select_domain(): Select an AP domain if possible and we haven't
|
|
|
|
|
* already done so before.
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2018-09-17 15:23:03 +02:00
|
|
|
static void ap_select_domain(void)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2015-06-26 15:40:41 +02:00
|
|
|
struct ap_queue_status status;
|
2020-07-01 12:40:39 +02:00
|
|
|
int card, dom;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2008-04-17 07:46:28 +02:00
|
|
|
/*
|
2020-07-01 12:40:39 +02:00
|
|
|
* Choose the default domain. Either the one specified with
|
|
|
|
|
* the "domain=" parameter or the first domain with at least
|
|
|
|
|
* one valid APQN.
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2016-08-25 11:11:30 +02:00
|
|
|
spin_lock_bh(&ap_domain_lock);
|
|
|
|
|
if (ap_domain_index >= 0) {
|
2006-09-20 15:58:25 +02:00
|
|
|
/* Domain has already been selected. */
|
2020-07-01 12:40:39 +02:00
|
|
|
goto out;
|
2016-08-25 11:11:30 +02:00
|
|
|
}
|
2020-07-01 12:40:39 +02:00
|
|
|
for (dom = 0; dom <= ap_max_domain_id; dom++) {
|
|
|
|
|
if (!ap_test_config_usage_domain(dom) ||
|
|
|
|
|
!test_bit_inv(dom, ap_perms.aqm))
|
2012-08-28 16:41:50 +02:00
|
|
|
continue;
|
2020-07-01 12:40:39 +02:00
|
|
|
for (card = 0; card <= ap_max_adapter_id; card++) {
|
|
|
|
|
if (!ap_test_config_card_id(card) ||
|
|
|
|
|
!test_bit_inv(card, ap_perms.apm))
|
2012-08-28 16:41:50 +02:00
|
|
|
continue;
|
2020-07-01 12:40:39 +02:00
|
|
|
status = ap_test_queue(AP_MKQID(card, dom),
|
2016-11-08 07:09:13 +01:00
|
|
|
ap_apft_available(),
|
|
|
|
|
NULL);
|
2020-07-01 12:40:39 +02:00
|
|
|
if (status.response_code == AP_RESPONSE_NORMAL)
|
|
|
|
|
break;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
2020-07-01 12:40:39 +02:00
|
|
|
if (card <= ap_max_adapter_id)
|
|
|
|
|
break;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
2020-07-01 12:40:39 +02:00
|
|
|
if (dom <= ap_max_domain_id) {
|
|
|
|
|
ap_domain_index = dom;
|
2020-07-02 15:56:15 +02:00
|
|
|
AP_DBF_INFO("%s new default domain is %d\n",
|
|
|
|
|
__func__, ap_domain_index);
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
2020-07-01 12:40:39 +02:00
|
|
|
out:
|
2016-08-25 11:11:30 +02:00
|
|
|
spin_unlock_bh(&ap_domain_lock);
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2017-10-16 12:28:35 +02:00
|
|
|
/*
|
|
|
|
|
* This function checks the type and returns either 0 for not
|
|
|
|
|
* supported or the highest compatible type value (which may
|
|
|
|
|
* include the input type value).
|
|
|
|
|
*/
|
|
|
|
|
static int ap_get_compatible_type(ap_qid_t qid, int rawtype, unsigned int func)
|
|
|
|
|
{
|
|
|
|
|
int comp_type = 0;
|
|
|
|
|
|
2023-06-28 12:36:08 +02:00
|
|
|
/* < CEX4 is not supported */
|
|
|
|
|
if (rawtype < AP_DEVICE_TYPE_CEX4) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_WARN("%s queue=%02x.%04x unsupported type %d\n",
|
|
|
|
|
__func__, AP_QID_CARD(qid),
|
|
|
|
|
AP_QID_QUEUE(qid), rawtype);
|
2017-10-16 12:28:35 +02:00
|
|
|
return 0;
|
2020-07-02 15:56:15 +02:00
|
|
|
}
|
2021-11-16 14:54:19 +01:00
|
|
|
/* up to CEX8 known and fully supported */
|
|
|
|
|
if (rawtype <= AP_DEVICE_TYPE_CEX8)
|
2017-10-16 12:28:35 +02:00
|
|
|
return rawtype;
|
|
|
|
|
/*
|
2021-11-16 14:54:19 +01:00
|
|
|
* unknown new type > CEX8, check for compatibility
|
2017-10-16 12:28:35 +02:00
|
|
|
* to the highest known and supported type which is
|
2021-11-16 14:54:19 +01:00
|
|
|
* currently CEX8 with the help of the QACT function.
|
2017-10-16 12:28:35 +02:00
|
|
|
*/
|
|
|
|
|
if (ap_qact_available()) {
|
|
|
|
|
struct ap_queue_status status;
|
2017-10-30 12:10:54 +01:00
|
|
|
union ap_qact_ap_info apinfo = {0};
|
2017-10-16 12:28:35 +02:00
|
|
|
|
|
|
|
|
apinfo.mode = (func >> 26) & 0x07;
|
2021-11-16 14:54:19 +01:00
|
|
|
apinfo.cat = AP_DEVICE_TYPE_CEX8;
|
2017-10-16 12:28:35 +02:00
|
|
|
status = ap_qact(qid, 0, &apinfo);
|
2022-04-04 17:12:37 +02:00
|
|
|
if (status.response_code == AP_RESPONSE_NORMAL &&
|
2023-06-28 12:36:08 +02:00
|
|
|
apinfo.cat >= AP_DEVICE_TYPE_CEX4 &&
|
2022-04-04 17:12:37 +02:00
|
|
|
apinfo.cat <= AP_DEVICE_TYPE_CEX8)
|
2017-10-16 12:28:35 +02:00
|
|
|
comp_type = apinfo.cat;
|
|
|
|
|
}
|
|
|
|
|
if (!comp_type)
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_WARN("%s queue=%02x.%04x unable to map type %d\n",
|
|
|
|
|
__func__, AP_QID_CARD(qid),
|
|
|
|
|
AP_QID_QUEUE(qid), rawtype);
|
2017-10-16 12:28:35 +02:00
|
|
|
else if (comp_type != rawtype)
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s queue=%02x.%04x map type %d to %d\n",
|
|
|
|
|
__func__, AP_QID_CARD(qid), AP_QID_QUEUE(qid),
|
2020-07-02 15:56:15 +02:00
|
|
|
rawtype, comp_type);
|
2017-10-16 12:28:35 +02:00
|
|
|
return comp_type;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-25 11:16:03 +02:00
|
|
|
/*
|
2018-11-29 11:50:16 +01:00
|
|
|
* Helper function to be used with bus_find_dev
|
2016-08-25 11:16:03 +02:00
|
|
|
* matches for the card device with the given id
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2019-06-14 18:53:59 +01:00
|
|
|
static int __match_card_device_with_id(struct device *dev, const void *data)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2022-04-04 17:12:37 +02:00
|
|
|
return is_card_dev(dev) && to_ap_card(dev)->id == (int)(long)(void *)data;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2018-11-29 11:50:16 +01:00
|
|
|
/*
|
|
|
|
|
* Helper function to be used with bus_find_dev
|
2016-08-25 11:16:03 +02:00
|
|
|
* matches for the queue device with a given qid
|
|
|
|
|
*/
|
2019-06-14 18:53:59 +01:00
|
|
|
static int __match_queue_device_with_qid(struct device *dev, const void *data)
|
2016-08-25 11:16:03 +02:00
|
|
|
{
|
2022-04-04 17:12:37 +02:00
|
|
|
return is_queue_dev(dev) && to_ap_queue(dev)->qid == (int)(long)data;
|
2016-08-25 11:16:03 +02:00
|
|
|
}
|
|
|
|
|
|
2019-02-05 17:22:36 +01:00
|
|
|
/*
|
|
|
|
|
* Helper function to be used with bus_find_dev
|
|
|
|
|
* matches any queue device with given queue id
|
|
|
|
|
*/
|
2019-06-14 18:53:59 +01:00
|
|
|
static int __match_queue_device_with_queue_id(struct device *dev, const void *data)
|
2019-02-05 17:22:36 +01:00
|
|
|
{
|
2022-04-04 17:12:37 +02:00
|
|
|
return is_queue_dev(dev) &&
|
|
|
|
|
AP_QID_QUEUE(to_ap_queue(dev)->qid) == (int)(long)data;
|
2019-02-05 17:22:36 +01:00
|
|
|
}
|
|
|
|
|
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
/* Helper function for notify_config_changed */
|
|
|
|
|
static int __drv_notify_config_changed(struct device_driver *drv, void *data)
|
|
|
|
|
{
|
|
|
|
|
struct ap_driver *ap_drv = to_ap_drv(drv);
|
|
|
|
|
|
|
|
|
|
if (try_module_get(drv->owner)) {
|
|
|
|
|
if (ap_drv->on_config_changed)
|
|
|
|
|
ap_drv->on_config_changed(ap_qci_info, ap_qci_info_old);
|
|
|
|
|
module_put(drv->owner);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Notify all drivers about an qci config change */
|
|
|
|
|
static inline void notify_config_changed(void)
|
|
|
|
|
{
|
|
|
|
|
bus_for_each_drv(&ap_bus_type, NULL, NULL,
|
|
|
|
|
__drv_notify_config_changed);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Helper function for notify_scan_complete */
|
|
|
|
|
static int __drv_notify_scan_complete(struct device_driver *drv, void *data)
|
|
|
|
|
{
|
|
|
|
|
struct ap_driver *ap_drv = to_ap_drv(drv);
|
|
|
|
|
|
|
|
|
|
if (try_module_get(drv->owner)) {
|
|
|
|
|
if (ap_drv->on_scan_complete)
|
|
|
|
|
ap_drv->on_scan_complete(ap_qci_info,
|
|
|
|
|
ap_qci_info_old);
|
|
|
|
|
module_put(drv->owner);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Notify all drivers about bus scan complete */
|
|
|
|
|
static inline void notify_scan_complete(void)
|
|
|
|
|
{
|
|
|
|
|
bus_for_each_drv(&ap_bus_type, NULL, NULL,
|
|
|
|
|
__drv_notify_scan_complete);
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-29 11:50:16 +01:00
|
|
|
/*
|
|
|
|
|
* Helper function for ap_scan_bus().
|
2020-07-02 16:57:00 +02:00
|
|
|
* Remove card device and associated queue devices.
|
|
|
|
|
*/
|
|
|
|
|
static inline void ap_scan_rm_card_dev_and_queue_devs(struct ap_card *ac)
|
|
|
|
|
{
|
|
|
|
|
bus_for_each_dev(&ap_bus_type, NULL,
|
2022-04-04 17:12:37 +02:00
|
|
|
(void *)(long)ac->id,
|
2020-07-02 16:57:00 +02:00
|
|
|
__ap_queue_devices_with_id_unregister);
|
|
|
|
|
device_unregister(&ac->ap_dev.device);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Helper function for ap_scan_bus().
|
|
|
|
|
* Does the scan bus job for all the domains within
|
|
|
|
|
* a valid adapter given by an ap_card ptr.
|
2016-08-25 11:16:03 +02:00
|
|
|
*/
|
2020-07-02 16:57:00 +02:00
|
|
|
static inline void ap_scan_domains(struct ap_card *ac)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2023-11-04 10:04:31 +01:00
|
|
|
struct ap_tapq_hwinfo hwinfo;
|
2021-11-17 15:38:39 +01:00
|
|
|
bool decfg, chkstop;
|
2018-11-29 11:50:16 +01:00
|
|
|
struct ap_queue *aq;
|
2023-02-15 15:08:15 +01:00
|
|
|
struct device *dev;
|
|
|
|
|
ap_qid_t qid;
|
2023-11-04 10:04:31 +01:00
|
|
|
int rc, dom;
|
2020-07-02 16:57:00 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Go through the configuration for the domains and compare them
|
|
|
|
|
* to the existing queue devices. Also take care of the config
|
|
|
|
|
* and error state for the queue devices.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
for (dom = 0; dom <= ap_max_domain_id; dom++) {
|
|
|
|
|
qid = AP_MKQID(ac->id, dom);
|
|
|
|
|
dev = bus_find_device(&ap_bus_type, NULL,
|
2022-04-04 17:12:37 +02:00
|
|
|
(void *)(long)qid,
|
2020-07-02 16:57:00 +02:00
|
|
|
__match_queue_device_with_qid);
|
|
|
|
|
aq = dev ? to_ap_queue(dev) : NULL;
|
|
|
|
|
if (!ap_test_config_usage_domain(dom)) {
|
|
|
|
|
if (dev) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d,%d) not in config anymore, rm queue dev\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ac->id, dom);
|
|
|
|
|
device_unregister(dev);
|
|
|
|
|
}
|
2023-02-15 15:08:15 +01:00
|
|
|
goto put_dev_and_continue;
|
2020-07-02 16:57:00 +02:00
|
|
|
}
|
|
|
|
|
/* domain is valid, get info from this APQN */
|
2023-11-04 10:04:31 +01:00
|
|
|
rc = ap_queue_info(qid, &hwinfo, &decfg, &chkstop);
|
2023-02-15 15:08:15 +01:00
|
|
|
switch (rc) {
|
|
|
|
|
case -1:
|
|
|
|
|
if (dev) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d,%d) queue_info() failed, rm queue dev\n",
|
|
|
|
|
__func__, ac->id, dom);
|
2020-07-02 16:57:00 +02:00
|
|
|
device_unregister(dev);
|
|
|
|
|
}
|
2023-02-15 15:08:15 +01:00
|
|
|
fallthrough;
|
|
|
|
|
case 0:
|
|
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
2020-07-02 16:57:00 +02:00
|
|
|
}
|
|
|
|
|
/* if no queue device exists, create a new one */
|
|
|
|
|
if (!aq) {
|
2024-09-25 15:31:06 +02:00
|
|
|
aq = ap_queue_create(qid, ac);
|
2020-07-02 16:57:00 +02:00
|
|
|
if (!aq) {
|
|
|
|
|
AP_DBF_WARN("%s(%d,%d) ap_queue_create() failed\n",
|
|
|
|
|
__func__, ac->id, dom);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
aq->config = !decfg;
|
2021-11-17 15:38:39 +01:00
|
|
|
aq->chkstop = chkstop;
|
2023-11-09 11:24:20 +01:00
|
|
|
aq->se_bstate = hwinfo.bs;
|
2020-07-02 16:57:00 +02:00
|
|
|
dev = &aq->ap_dev.device;
|
|
|
|
|
dev->bus = &ap_bus_type;
|
|
|
|
|
dev->parent = &ac->ap_dev.device;
|
|
|
|
|
dev_set_name(dev, "%02x.%04x", ac->id, dom);
|
|
|
|
|
/* register queue device */
|
|
|
|
|
rc = device_register(dev);
|
|
|
|
|
if (rc) {
|
|
|
|
|
AP_DBF_WARN("%s(%d,%d) device_register() failed\n",
|
|
|
|
|
__func__, ac->id, dom);
|
|
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
}
|
2020-10-20 12:20:30 +02:00
|
|
|
/* get it and thus adjust reference counter */
|
|
|
|
|
get_device(dev);
|
2023-09-12 09:54:25 +02:00
|
|
|
if (decfg) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d,%d) new (decfg) queue dev created\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ac->id, dom);
|
2023-09-12 09:54:25 +02:00
|
|
|
} else if (chkstop) {
|
2021-11-17 15:38:39 +01:00
|
|
|
AP_DBF_INFO("%s(%d,%d) new (chkstop) queue dev created\n",
|
|
|
|
|
__func__, ac->id, dom);
|
2023-09-12 09:54:25 +02:00
|
|
|
} else {
|
|
|
|
|
/* nudge the queue's state machine */
|
|
|
|
|
ap_queue_init_state(aq);
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d,%d) new queue dev created\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ac->id, dom);
|
2023-09-12 09:54:25 +02:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
}
|
2021-11-17 15:38:39 +01:00
|
|
|
/* handle state changes on already existing queue device */
|
2020-07-02 16:57:00 +02:00
|
|
|
spin_lock_bh(&aq->lock);
|
2023-11-09 11:24:20 +01:00
|
|
|
/* SE bind state */
|
|
|
|
|
aq->se_bstate = hwinfo.bs;
|
2021-11-17 15:38:39 +01:00
|
|
|
/* checkstop state */
|
|
|
|
|
if (chkstop && !aq->chkstop) {
|
|
|
|
|
/* checkstop on */
|
|
|
|
|
aq->chkstop = true;
|
|
|
|
|
if (aq->dev_state > AP_DEV_STATE_UNINITIATED) {
|
|
|
|
|
aq->dev_state = AP_DEV_STATE_ERROR;
|
|
|
|
|
aq->last_err_rc = AP_RESPONSE_CHECKSTOPPED;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock_bh(&aq->lock);
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("(%d,%d) queue dev checkstop on\n",
|
|
|
|
|
ac->id, dom);
|
2021-11-17 15:38:39 +01:00
|
|
|
/* 'receive' pending messages with -EAGAIN */
|
|
|
|
|
ap_flush_queue(aq);
|
|
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
} else if (!chkstop && aq->chkstop) {
|
|
|
|
|
/* checkstop off */
|
|
|
|
|
aq->chkstop = false;
|
2023-09-12 09:54:25 +02:00
|
|
|
if (aq->dev_state > AP_DEV_STATE_UNINITIATED)
|
|
|
|
|
_ap_queue_init_state(aq);
|
2021-11-17 15:38:39 +01:00
|
|
|
spin_unlock_bh(&aq->lock);
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("(%d,%d) queue dev checkstop off\n",
|
|
|
|
|
ac->id, dom);
|
2021-11-17 15:38:39 +01:00
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
}
|
|
|
|
|
/* config state change */
|
2020-07-02 16:57:00 +02:00
|
|
|
if (decfg && aq->config) {
|
|
|
|
|
/* config off this queue device */
|
|
|
|
|
aq->config = false;
|
|
|
|
|
if (aq->dev_state > AP_DEV_STATE_UNINITIATED) {
|
|
|
|
|
aq->dev_state = AP_DEV_STATE_ERROR;
|
|
|
|
|
aq->last_err_rc = AP_RESPONSE_DECONFIGURED;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock_bh(&aq->lock);
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("(%d,%d) queue dev config off\n",
|
|
|
|
|
ac->id, dom);
|
2021-04-13 18:11:09 +02:00
|
|
|
ap_send_config_uevent(&aq->ap_dev, aq->config);
|
2020-07-02 16:57:00 +02:00
|
|
|
/* 'receive' pending messages with -EAGAIN */
|
|
|
|
|
ap_flush_queue(aq);
|
|
|
|
|
goto put_dev_and_continue;
|
2021-11-17 15:38:39 +01:00
|
|
|
} else if (!decfg && !aq->config) {
|
2020-07-02 16:57:00 +02:00
|
|
|
/* config on this queue device */
|
|
|
|
|
aq->config = true;
|
2023-09-12 09:54:25 +02:00
|
|
|
if (aq->dev_state > AP_DEV_STATE_UNINITIATED)
|
|
|
|
|
_ap_queue_init_state(aq);
|
2020-07-02 16:57:00 +02:00
|
|
|
spin_unlock_bh(&aq->lock);
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("(%d,%d) queue dev config on\n",
|
|
|
|
|
ac->id, dom);
|
2021-04-13 18:11:09 +02:00
|
|
|
ap_send_config_uevent(&aq->ap_dev, aq->config);
|
2020-07-02 16:57:00 +02:00
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
}
|
|
|
|
|
/* handle other error states */
|
|
|
|
|
if (!decfg && aq->dev_state == AP_DEV_STATE_ERROR) {
|
|
|
|
|
spin_unlock_bh(&aq->lock);
|
|
|
|
|
/* 'receive' pending messages with -EAGAIN */
|
|
|
|
|
ap_flush_queue(aq);
|
|
|
|
|
/* re-init (with reset) the queue device */
|
|
|
|
|
ap_queue_init_state(aq);
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d,%d) queue dev reinit enforced\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ac->id, dom);
|
|
|
|
|
goto put_dev_and_continue;
|
|
|
|
|
}
|
|
|
|
|
spin_unlock_bh(&aq->lock);
|
|
|
|
|
put_dev_and_continue:
|
|
|
|
|
put_device(dev);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Helper function for ap_scan_bus().
|
|
|
|
|
* Does the scan bus job for the given adapter id.
|
|
|
|
|
*/
|
|
|
|
|
static inline void ap_scan_adapter(int ap)
|
|
|
|
|
{
|
2023-11-04 10:04:31 +01:00
|
|
|
struct ap_tapq_hwinfo hwinfo;
|
|
|
|
|
int rc, dom, comp_type;
|
2021-11-17 15:38:39 +01:00
|
|
|
bool decfg, chkstop;
|
2020-07-02 16:57:00 +02:00
|
|
|
struct ap_card *ac;
|
2023-02-15 15:08:15 +01:00
|
|
|
struct device *dev;
|
|
|
|
|
ap_qid_t qid;
|
2018-11-29 11:50:16 +01:00
|
|
|
|
2020-07-02 16:57:00 +02:00
|
|
|
/* Is there currently a card device for this adapter ? */
|
2018-11-29 11:50:16 +01:00
|
|
|
dev = bus_find_device(&ap_bus_type, NULL,
|
2022-04-04 17:12:37 +02:00
|
|
|
(void *)(long)ap,
|
2018-11-29 11:50:16 +01:00
|
|
|
__match_card_device_with_id);
|
|
|
|
|
ac = dev ? to_ap_card(dev) : NULL;
|
2020-07-02 16:57:00 +02:00
|
|
|
|
|
|
|
|
/* Adapter not in configuration ? */
|
|
|
|
|
if (!ap_test_config_card_id(ap)) {
|
|
|
|
|
if (ac) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) ap not in config any more, rm card and queue devs\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ap);
|
|
|
|
|
ap_scan_rm_card_dev_and_queue_devs(ac);
|
2018-11-29 11:50:16 +01:00
|
|
|
put_device(dev);
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
2016-11-24 06:45:21 +01:00
|
|
|
|
2018-11-29 11:50:16 +01:00
|
|
|
/*
|
2020-07-02 16:57:00 +02:00
|
|
|
* Adapter ap is valid in the current configuration. So do some checks:
|
|
|
|
|
* If no card device exists, build one. If a card device exists, check
|
|
|
|
|
* for type and functions changed. For all this we need to find a valid
|
|
|
|
|
* APQN first.
|
2018-11-29 11:50:16 +01:00
|
|
|
*/
|
2020-07-02 16:57:00 +02:00
|
|
|
|
|
|
|
|
for (dom = 0; dom <= ap_max_domain_id; dom++)
|
|
|
|
|
if (ap_test_config_usage_domain(dom)) {
|
|
|
|
|
qid = AP_MKQID(ap, dom);
|
2023-11-04 10:04:31 +01:00
|
|
|
if (ap_queue_info(qid, &hwinfo, &decfg, &chkstop) > 0)
|
2018-11-29 11:50:16 +01:00
|
|
|
break;
|
|
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
if (dom > ap_max_domain_id) {
|
2023-02-15 15:08:15 +01:00
|
|
|
/* Could not find one valid APQN for this adapter */
|
2020-07-02 16:57:00 +02:00
|
|
|
if (ac) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) no type info (no APQN found), rm card and queue devs\n",
|
|
|
|
|
__func__, ap);
|
2020-07-02 16:57:00 +02:00
|
|
|
ap_scan_rm_card_dev_and_queue_devs(ac);
|
|
|
|
|
put_device(dev);
|
|
|
|
|
} else {
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("(%d) no type info (no APQN found), ignored\n",
|
|
|
|
|
ap);
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
return;
|
|
|
|
|
}
|
2023-11-04 10:04:31 +01:00
|
|
|
if (!hwinfo.at) {
|
2020-07-02 16:57:00 +02:00
|
|
|
/* No apdater type info available, an unusable adapter */
|
|
|
|
|
if (ac) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) no valid type (0) info, rm card and queue devs\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ap);
|
|
|
|
|
ap_scan_rm_card_dev_and_queue_devs(ac);
|
2018-11-29 11:50:16 +01:00
|
|
|
put_device(dev);
|
2020-07-02 16:57:00 +02:00
|
|
|
} else {
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("(%d) no valid type (0) info, ignored\n", ap);
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
return;
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2023-11-04 10:04:31 +01:00
|
|
|
hwinfo.value &= TAPQ_CARD_HWINFO_MASK; /* filter card specific hwinfo */
|
2020-07-02 16:57:00 +02:00
|
|
|
if (ac) {
|
|
|
|
|
/* Check APQN against existing card device for changes */
|
2023-11-04 10:04:31 +01:00
|
|
|
if (ac->hwinfo.at != hwinfo.at) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) hwtype %d changed, rm card and queue devs\n",
|
2023-11-04 10:04:31 +01:00
|
|
|
__func__, ap, hwinfo.at);
|
2020-07-02 16:57:00 +02:00
|
|
|
ap_scan_rm_card_dev_and_queue_devs(ac);
|
|
|
|
|
put_device(dev);
|
|
|
|
|
ac = NULL;
|
2023-11-04 10:04:31 +01:00
|
|
|
} else if (ac->hwinfo.fac != hwinfo.fac) {
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) functions 0x%08x changed, rm card and queue devs\n",
|
2023-11-04 10:04:31 +01:00
|
|
|
__func__, ap, hwinfo.fac);
|
2020-07-02 16:57:00 +02:00
|
|
|
ap_scan_rm_card_dev_and_queue_devs(ac);
|
|
|
|
|
put_device(dev);
|
|
|
|
|
ac = NULL;
|
|
|
|
|
} else {
|
2021-11-17 15:38:39 +01:00
|
|
|
/* handle checkstop state change */
|
|
|
|
|
if (chkstop && !ac->chkstop) {
|
|
|
|
|
/* checkstop on */
|
|
|
|
|
ac->chkstop = true;
|
|
|
|
|
AP_DBF_INFO("%s(%d) card dev checkstop on\n",
|
|
|
|
|
__func__, ap);
|
|
|
|
|
} else if (!chkstop && ac->chkstop) {
|
|
|
|
|
/* checkstop off */
|
|
|
|
|
ac->chkstop = false;
|
|
|
|
|
AP_DBF_INFO("%s(%d) card dev checkstop off\n",
|
|
|
|
|
__func__, ap);
|
|
|
|
|
}
|
|
|
|
|
/* handle config state change */
|
2020-07-02 16:57:00 +02:00
|
|
|
if (decfg && ac->config) {
|
|
|
|
|
ac->config = false;
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) card dev config off\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ap);
|
2021-04-13 18:11:09 +02:00
|
|
|
ap_send_config_uevent(&ac->ap_dev, ac->config);
|
2021-11-17 15:38:39 +01:00
|
|
|
} else if (!decfg && !ac->config) {
|
2020-07-02 16:57:00 +02:00
|
|
|
ac->config = true;
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) card dev config on\n",
|
2020-07-02 16:57:00 +02:00
|
|
|
__func__, ap);
|
2021-04-13 18:11:09 +02:00
|
|
|
ap_send_config_uevent(&ac->ap_dev, ac->config);
|
2019-02-05 17:22:36 +01:00
|
|
|
}
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!ac) {
|
|
|
|
|
/* Build a new card device */
|
2023-11-04 10:04:31 +01:00
|
|
|
comp_type = ap_get_compatible_type(qid, hwinfo.at, hwinfo.fac);
|
2020-07-02 16:57:00 +02:00
|
|
|
if (!comp_type) {
|
|
|
|
|
AP_DBF_WARN("%s(%d) type %d, can't get compatibility type\n",
|
2023-11-04 10:04:31 +01:00
|
|
|
__func__, ap, hwinfo.at);
|
2020-07-02 16:57:00 +02:00
|
|
|
return;
|
|
|
|
|
}
|
2023-11-04 10:04:31 +01:00
|
|
|
ac = ap_card_create(ap, hwinfo, comp_type);
|
2018-11-29 11:50:16 +01:00
|
|
|
if (!ac) {
|
2020-07-02 16:57:00 +02:00
|
|
|
AP_DBF_WARN("%s(%d) ap_card_create() failed\n",
|
|
|
|
|
__func__, ap);
|
|
|
|
|
return;
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
ac->config = !decfg;
|
2021-11-17 15:38:39 +01:00
|
|
|
ac->chkstop = chkstop;
|
2020-07-02 16:57:00 +02:00
|
|
|
dev = &ac->ap_dev.device;
|
|
|
|
|
dev->bus = &ap_bus_type;
|
|
|
|
|
dev->parent = ap_root_device;
|
|
|
|
|
dev_set_name(dev, "card%02x", ap);
|
2021-06-25 12:29:46 +02:00
|
|
|
/* maybe enlarge ap_max_msg_size to support this card */
|
|
|
|
|
if (ac->maxmsgsize > atomic_read(&ap_max_msg_size)) {
|
|
|
|
|
atomic_set(&ap_max_msg_size, ac->maxmsgsize);
|
|
|
|
|
AP_DBF_INFO("%s(%d) ap_max_msg_size update to %d byte\n",
|
2021-10-15 12:00:22 +02:00
|
|
|
__func__, ap,
|
|
|
|
|
atomic_read(&ap_max_msg_size));
|
2021-06-25 12:29:46 +02:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
/* Register the new card device with AP bus */
|
|
|
|
|
rc = device_register(dev);
|
2018-11-29 11:50:16 +01:00
|
|
|
if (rc) {
|
2020-07-02 16:57:00 +02:00
|
|
|
AP_DBF_WARN("%s(%d) device_register() failed\n",
|
|
|
|
|
__func__, ap);
|
|
|
|
|
put_device(dev);
|
|
|
|
|
return;
|
2015-09-14 17:01:23 +02:00
|
|
|
}
|
2020-07-02 16:57:00 +02:00
|
|
|
/* get it and thus adjust reference counter */
|
|
|
|
|
get_device(dev);
|
|
|
|
|
if (decfg)
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) new (decfg) card dev type=%d func=0x%08x created\n",
|
2023-11-04 10:04:31 +01:00
|
|
|
__func__, ap, hwinfo.at, hwinfo.fac);
|
2021-11-17 15:38:39 +01:00
|
|
|
else if (chkstop)
|
|
|
|
|
AP_DBF_INFO("%s(%d) new (chkstop) card dev type=%d func=0x%08x created\n",
|
2023-11-04 10:04:31 +01:00
|
|
|
__func__, ap, hwinfo.at, hwinfo.fac);
|
2020-07-02 16:57:00 +02:00
|
|
|
else
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s(%d) new card dev type=%d func=0x%08x created\n",
|
2023-11-04 10:04:31 +01:00
|
|
|
__func__, ap, hwinfo.at, hwinfo.fac);
|
2020-07-02 16:57:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Verify the domains and the queue devices for this card */
|
|
|
|
|
ap_scan_domains(ac);
|
2018-11-29 11:50:16 +01:00
|
|
|
|
2020-07-02 16:57:00 +02:00
|
|
|
/* release the card device */
|
|
|
|
|
put_device(&ac->ap_dev.device);
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2017-05-12 16:35:14 +02:00
|
|
|
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
/**
|
|
|
|
|
* ap_get_configuration - get the host AP configuration
|
|
|
|
|
*
|
|
|
|
|
* Stores the host AP configuration information returned from the previous call
|
|
|
|
|
* to Query Configuration Information (QCI), then retrieves and stores the
|
|
|
|
|
* current AP configuration returned from QCI.
|
|
|
|
|
*
|
|
|
|
|
* Return: true if the host AP configuration changed between calls to QCI;
|
|
|
|
|
* otherwise, return false.
|
|
|
|
|
*/
|
|
|
|
|
static bool ap_get_configuration(void)
|
|
|
|
|
{
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags) /* QCI not supported */
|
2022-07-15 12:23:48 +02:00
|
|
|
return false;
|
|
|
|
|
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
memcpy(ap_qci_info_old, ap_qci_info, sizeof(*ap_qci_info));
|
2024-03-08 15:54:43 +01:00
|
|
|
ap_qci(ap_qci_info);
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
|
|
|
|
|
return memcmp(ap_qci_info, ap_qci_info_old,
|
|
|
|
|
sizeof(struct ap_config_info)) != 0;
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-30 15:30:22 +01:00
|
|
|
/*
|
|
|
|
|
* ap_config_has_new_aps - Check current against old qci info if
|
|
|
|
|
* new adapters have appeared. Returns true if at least one new
|
|
|
|
|
* adapter in the apm mask is showing up. Existing adapters or
|
|
|
|
|
* receding adapters are not counted.
|
|
|
|
|
*/
|
|
|
|
|
static bool ap_config_has_new_aps(void)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
unsigned long m[BITS_TO_LONGS(AP_DEVICES)];
|
|
|
|
|
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags)
|
2024-01-30 15:30:22 +01:00
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
bitmap_andnot(m, (unsigned long *)ap_qci_info->apm,
|
|
|
|
|
(unsigned long *)ap_qci_info_old->apm, AP_DEVICES);
|
|
|
|
|
if (!bitmap_empty(m, AP_DEVICES))
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* ap_config_has_new_doms - Check current against old qci info if
|
|
|
|
|
* new (usage) domains have appeared. Returns true if at least one
|
|
|
|
|
* new domain in the aqm mask is showing up. Existing domains or
|
|
|
|
|
* receding domains are not counted.
|
|
|
|
|
*/
|
|
|
|
|
static bool ap_config_has_new_doms(void)
|
|
|
|
|
{
|
|
|
|
|
unsigned long m[BITS_TO_LONGS(AP_DOMAINS)];
|
|
|
|
|
|
2024-03-08 15:54:43 +01:00
|
|
|
if (!ap_qci_info->flags)
|
2024-01-30 15:30:22 +01:00
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
bitmap_andnot(m, (unsigned long *)ap_qci_info->aqm,
|
|
|
|
|
(unsigned long *)ap_qci_info_old->aqm, AP_DOMAINS);
|
|
|
|
|
if (!bitmap_empty(m, AP_DOMAINS))
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-29 11:50:16 +01:00
|
|
|
/**
|
|
|
|
|
* ap_scan_bus(): Scan the AP bus for new devices
|
2024-01-30 17:42:50 +01:00
|
|
|
* Always run under mutex ap_scan_bus_mutex protection
|
|
|
|
|
* which needs to get locked/unlocked by the caller!
|
2024-01-30 17:15:47 +01:00
|
|
|
* Returns true if any config change has been detected
|
2024-01-30 17:42:50 +01:00
|
|
|
* during the scan, otherwise false.
|
2018-11-29 11:50:16 +01:00
|
|
|
*/
|
2024-01-30 17:15:47 +01:00
|
|
|
static bool ap_scan_bus(void)
|
2018-11-29 11:50:16 +01:00
|
|
|
{
|
2024-01-30 17:15:47 +01:00
|
|
|
bool config_changed;
|
|
|
|
|
int ap;
|
2018-11-29 11:50:16 +01:00
|
|
|
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug(">\n");
|
2024-01-30 10:07:28 +01:00
|
|
|
|
2024-01-30 15:30:22 +01:00
|
|
|
/* (re-)fetch configuration via QCI */
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
config_changed = ap_get_configuration();
|
2024-01-30 15:30:22 +01:00
|
|
|
if (config_changed) {
|
|
|
|
|
if (ap_config_has_new_aps() || ap_config_has_new_doms()) {
|
|
|
|
|
/*
|
|
|
|
|
* Appearance of new adapters and/or domains need to
|
|
|
|
|
* build new ap devices which need to get bound to an
|
|
|
|
|
* device driver. Thus reset the APQN bindings complete
|
|
|
|
|
* completion.
|
|
|
|
|
*/
|
|
|
|
|
reinit_completion(&ap_apqn_bindings_complete);
|
|
|
|
|
}
|
|
|
|
|
/* post a config change notify */
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
notify_config_changed();
|
2024-01-30 15:30:22 +01:00
|
|
|
}
|
2018-11-29 11:50:16 +01:00
|
|
|
ap_select_domain();
|
|
|
|
|
|
|
|
|
|
/* loop over all possible adapters */
|
2020-07-02 16:57:00 +02:00
|
|
|
for (ap = 0; ap <= ap_max_adapter_id; ap++)
|
|
|
|
|
ap_scan_adapter(ap);
|
2018-11-29 11:50:16 +01:00
|
|
|
|
s390/ap: notify drivers on config changed and scan complete callbacks
This patch introduces an extension to the ap bus to notify device drivers
when the host AP configuration changes - i.e., adapters, domains or
control domains are added or removed. When an adapter or domain is added to
the host's AP configuration, the AP bus will create the associated queue
devices in the linux sysfs device model. Each new type 10 (i.e., CEX4) or
newer queue device with an APQN that is not reserved for the default device
driver will get bound to the vfio_ap device driver. Likewise, whan an
adapter or domain is removed from the host's AP configuration, the AP bus
will remove the associated queue devices from the sysfs device model. Each
of the queues that is bound to the vfio_ap device driver will get unbound.
With the introduction of hot plug support, binding or unbinding of a
queue device will result in plugging or unplugging one or more queues from
a guest that is using the queue. If there are multiple changes to the
host's AP configuration, it could result in the probe and remove callbacks
getting invoked multiple times. Each time queues are plugged into or
unplugged from a guest, the guest's VCPUs must be taken out of SIE.
If this occurs multiple times due to changes in the host's AP
configuration, that can have an undesirable negative affect on the guest's
performance.
To alleviate this problem, this patch introduces two new callbacks: one to
notify the vfio_ap device driver when the AP bus scan routine detects a
change to the host's AP configuration; and, one to notify the driver when
the AP bus is done scanning. This will allow the vfio_ap driver to do
bulk processing of all affected adapters, domains and control domains for
affected guests rather than plugging or unplugging them one at a time when
the probe or remove callback is invoked. The two new callbacks are:
void (*on_config_changed)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
This callback is invoked at the start of the AP bus scan
function when it determines that the host AP configuration information
has changed since the previous scan. This is done by storing
an old and current QCI info struct and comparing them. If there is any
difference, the callback is invoked.
void (*on_scan_complete)(struct ap_config_info *new_config_info,
struct ap_config_info *old_config_info);
The on_scan_complete callback is invoked after the ap bus scan is
completed if the host AP configuration data has changed.
Signed-off-by: Tony Krowiak <akrowiak@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
2021-10-01 13:39:13 -04:00
|
|
|
/* scan complete notify */
|
|
|
|
|
if (config_changed)
|
|
|
|
|
notify_scan_complete();
|
|
|
|
|
|
2018-11-29 11:50:16 +01:00
|
|
|
/* check if there is at least one queue available with default domain */
|
|
|
|
|
if (ap_domain_index >= 0) {
|
|
|
|
|
struct device *dev =
|
|
|
|
|
bus_find_device(&ap_bus_type, NULL,
|
2022-04-04 17:12:37 +02:00
|
|
|
(void *)(long)ap_domain_index,
|
2019-02-05 17:22:36 +01:00
|
|
|
__match_queue_device_with_queue_id);
|
2018-11-29 11:50:16 +01:00
|
|
|
if (dev)
|
|
|
|
|
put_device(dev);
|
|
|
|
|
else
|
2021-10-15 12:00:22 +02:00
|
|
|
AP_DBF_INFO("%s no queue device with default domain %d available\n",
|
|
|
|
|
__func__, ap_domain_index);
|
2018-11-29 11:50:16 +01:00
|
|
|
}
|
2017-05-12 16:35:14 +02:00
|
|
|
|
2020-08-31 10:16:26 +02:00
|
|
|
if (atomic64_inc_return(&ap_scan_bus_count) == 1) {
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("init scan complete\n");
|
2020-08-31 10:16:26 +02:00
|
|
|
ap_send_init_scan_done_uevent();
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-30 15:30:22 +01:00
|
|
|
ap_check_bindings_complete();
|
|
|
|
|
|
2024-01-30 16:50:05 +01:00
|
|
|
mod_timer(&ap_scan_bus_timer, jiffies + ap_scan_bus_time * HZ);
|
2024-01-30 10:07:28 +01:00
|
|
|
|
2024-07-16 14:16:35 +02:00
|
|
|
pr_debug("< config_changed=%d\n", config_changed);
|
2024-01-30 17:15:47 +01:00
|
|
|
|
|
|
|
|
return config_changed;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
|
|
|
|
|
2024-01-30 16:50:05 +01:00
|
|
|
/*
|
|
|
|
|
* Callback for the ap_scan_bus_timer
|
2024-01-30 17:15:47 +01:00
|
|
|
* Runs periodically, workqueue timer (ap_scan_bus_time)
|
2024-01-30 16:50:05 +01:00
|
|
|
*/
|
|
|
|
|
static void ap_scan_bus_timer_callback(struct timer_list *unused)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2024-01-30 16:50:05 +01:00
|
|
|
/*
|
|
|
|
|
* schedule work into the system long wq which when
|
|
|
|
|
* the work is finally executed, calls the AP bus scan.
|
|
|
|
|
*/
|
|
|
|
|
queue_work(system_long_wq, &ap_scan_bus_work);
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
2006-12-15 17:18:17 +01:00
|
|
|
|
2024-01-30 17:15:47 +01:00
|
|
|
/*
|
|
|
|
|
* Callback for the ap_scan_bus_work
|
|
|
|
|
*/
|
|
|
|
|
static void ap_scan_bus_wq_callback(struct work_struct *unused)
|
|
|
|
|
{
|
2024-01-30 17:42:50 +01:00
|
|
|
/*
|
|
|
|
|
* Try to invoke an ap_scan_bus(). If the mutex acquisition
|
|
|
|
|
* fails there is currently another task already running the
|
|
|
|
|
* AP scan bus and there is no need to wait and re-trigger the
|
|
|
|
|
* scan again. Please note at the end of the scan bus function
|
|
|
|
|
* the AP scan bus timer is re-armed which triggers then the
|
|
|
|
|
* ap_scan_bus_timer_callback which enqueues a work into the
|
|
|
|
|
* system_long_wq which invokes this function here again.
|
|
|
|
|
*/
|
|
|
|
|
if (mutex_trylock(&ap_scan_bus_mutex)) {
|
2024-08-28 14:25:08 +02:00
|
|
|
ap_scan_bus_task = current;
|
2024-01-30 17:42:50 +01:00
|
|
|
ap_scan_bus_result = ap_scan_bus();
|
2024-08-28 14:25:08 +02:00
|
|
|
ap_scan_bus_task = NULL;
|
2024-01-30 17:42:50 +01:00
|
|
|
mutex_unlock(&ap_scan_bus_mutex);
|
|
|
|
|
}
|
2024-01-30 17:15:47 +01:00
|
|
|
}
|
|
|
|
|
|
2024-02-19 18:10:19 +01:00
|
|
|
static inline void __exit ap_async_exit(void)
|
|
|
|
|
{
|
|
|
|
|
if (ap_thread_flag)
|
|
|
|
|
ap_poll_thread_stop();
|
|
|
|
|
chsc_notifier_unregister(&ap_bus_nb);
|
|
|
|
|
cancel_work(&ap_scan_bus_work);
|
|
|
|
|
hrtimer_cancel(&ap_poll_timer);
|
|
|
|
|
timer_delete(&ap_scan_bus_timer);
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-08 17:13:48 +01:00
|
|
|
static inline int __init ap_async_init(void)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
/* Setup the AP bus rescan timer. */
|
|
|
|
|
timer_setup(&ap_scan_bus_timer, ap_scan_bus_timer_callback, 0);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Setup the high resolution poll timer.
|
|
|
|
|
* If we are running under z/VM adjust polling to z/VM polling rate.
|
|
|
|
|
*/
|
2025-02-07 15:49:07 +01:00
|
|
|
if (machine_is_vm())
|
2024-03-08 17:13:48 +01:00
|
|
|
poll_high_timeout = 1500000;
|
|
|
|
|
hrtimer_init(&ap_poll_timer, CLOCK_MONOTONIC, HRTIMER_MODE_ABS);
|
|
|
|
|
ap_poll_timer.function = ap_poll_timeout;
|
|
|
|
|
|
|
|
|
|
queue_work(system_long_wq, &ap_scan_bus_work);
|
|
|
|
|
|
2024-02-19 17:32:54 +01:00
|
|
|
rc = chsc_notifier_register(&ap_bus_nb);
|
|
|
|
|
if (rc)
|
|
|
|
|
goto out;
|
|
|
|
|
|
2024-03-08 17:13:48 +01:00
|
|
|
/* Start the low priority AP bus poll thread. */
|
|
|
|
|
if (!ap_thread_flag)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
rc = ap_poll_thread_start();
|
|
|
|
|
if (rc)
|
2024-02-19 17:32:54 +01:00
|
|
|
goto out_notifier;
|
2024-03-08 17:13:48 +01:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
2024-02-19 17:32:54 +01:00
|
|
|
out_notifier:
|
|
|
|
|
chsc_notifier_unregister(&ap_bus_nb);
|
2024-03-08 17:13:48 +01:00
|
|
|
out:
|
|
|
|
|
cancel_work(&ap_scan_bus_work);
|
|
|
|
|
hrtimer_cancel(&ap_poll_timer);
|
|
|
|
|
timer_delete(&ap_scan_bus_timer);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ap_irq_exit(void)
|
|
|
|
|
{
|
|
|
|
|
if (ap_irq_flag)
|
|
|
|
|
unregister_adapter_interrupt(&ap_airq);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline int __init ap_irq_init(void)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
|
|
|
|
if (!ap_interrupts_available() || !ap_useirq)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
rc = register_adapter_interrupt(&ap_airq);
|
|
|
|
|
ap_irq_flag = (rc == 0);
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ap_debug_exit(void)
|
|
|
|
|
{
|
|
|
|
|
debug_unregister(ap_dbf_info);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline int __init ap_debug_init(void)
|
2016-11-24 06:45:21 +01:00
|
|
|
{
|
2021-10-15 12:00:22 +02:00
|
|
|
ap_dbf_info = debug_register("ap", 2, 1,
|
2024-01-29 16:53:21 +01:00
|
|
|
AP_DBF_MAX_SPRINTF_ARGS * sizeof(long));
|
2016-11-24 06:45:21 +01:00
|
|
|
debug_register_view(ap_dbf_info, &debug_sprintf_view);
|
|
|
|
|
debug_set_level(ap_dbf_info, DBF_ERR);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
static void __init ap_perms_init(void)
|
|
|
|
|
{
|
2022-04-04 17:12:37 +02:00
|
|
|
/* all resources usable if no kernel parameter string given */
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
memset(&ap_perms.ioctlm, 0xFF, sizeof(ap_perms.ioctlm));
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
memset(&ap_perms.apm, 0xFF, sizeof(ap_perms.apm));
|
|
|
|
|
memset(&ap_perms.aqm, 0xFF, sizeof(ap_perms.aqm));
|
|
|
|
|
|
2018-08-20 15:27:45 +02:00
|
|
|
/* apm kernel parameter string */
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
if (apm_str) {
|
2018-08-20 15:27:45 +02:00
|
|
|
memset(&ap_perms.apm, 0, sizeof(ap_perms.apm));
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
ap_parse_mask_str(apm_str, ap_perms.apm, AP_DEVICES,
|
|
|
|
|
&ap_perms_mutex);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
}
|
|
|
|
|
|
2018-08-20 15:27:45 +02:00
|
|
|
/* aqm kernel parameter string */
|
|
|
|
|
if (aqm_str) {
|
|
|
|
|
memset(&ap_perms.aqm, 0, sizeof(ap_perms.aqm));
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
ap_parse_mask_str(aqm_str, ap_perms.aqm, AP_DOMAINS,
|
|
|
|
|
&ap_perms_mutex);
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
/**
|
2008-04-17 07:46:28 +02:00
|
|
|
* ap_module_init(): The module initialization code.
|
|
|
|
|
*
|
|
|
|
|
* Initializes the module.
|
2006-09-20 15:58:25 +02:00
|
|
|
*/
|
2018-04-04 07:14:17 +02:00
|
|
|
static int __init ap_module_init(void)
|
2006-09-20 15:58:25 +02:00
|
|
|
{
|
2020-11-09 14:41:07 +01:00
|
|
|
int rc;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2016-11-24 06:45:21 +01:00
|
|
|
rc = ap_debug_init();
|
|
|
|
|
if (rc)
|
|
|
|
|
return rc;
|
|
|
|
|
|
2018-08-09 11:59:34 +02:00
|
|
|
if (!ap_instructions_available()) {
|
2015-06-26 16:55:35 +02:00
|
|
|
pr_warn("The hardware system does not support AP instructions\n");
|
|
|
|
|
return -ENODEV;
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-08 15:51:19 +02:00
|
|
|
/* init ap_queue hashtable */
|
|
|
|
|
hash_init(ap_queues);
|
|
|
|
|
|
s390/zcrypt: multiple zcrypt device nodes support
This patch is an extension to the zcrypt device driver to provide,
support and maintain multiple zcrypt device nodes. The individual
zcrypt device nodes can be restricted in terms of crypto cards,
domains and available ioctls. Such a device node can be used as a
base for container solutions like docker to control and restrict
the access to crypto resources.
The handling is done with a new sysfs subdir /sys/class/zcrypt.
Echoing a name (or an empty sting) into the attribute "create" creates
a new zcrypt device node. In /sys/class/zcrypt a new link will appear
which points to the sysfs device tree of this new device. The
attribute files "ioctlmask", "apmask" and "aqmask" in this directory
are used to customize this new zcrypt device node instance. Finally
the zcrypt device node can be destroyed by echoing the name into
/sys/class/zcrypt/destroy. The internal structs holding the device
info are reference counted - so a destroy will not hard remove a
device but only marks it as removable when the reference counter drops
to zero.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
* Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
* Relative format - a concatenation (done with ',') of the
terms +<bitnr>[-<bitnr>] or -<bitnr>[-<bitnr>]. <bitnr> may be any
valid number (hex, decimal or octal) in the range 0...255. Here are
some examples:
"+0-15,+32,-128,-0xFF"
"-0-255,+1-16,+0x128"
"+1,+2,+3,+4,-5,-7-10"
A simple usage examples:
# create new zcrypt device 'my_zcrypt':
echo "my_zcrypt" >/sys/class/zcrypt/create
# go into the device dir of this new device
echo "my_zcrypt" >create
cd my_zcrypt/
ls -l
total 0
-rw-r--r-- 1 root root 4096 Jul 20 15:23 apmask
-rw-r--r-- 1 root root 4096 Jul 20 15:23 aqmask
-r--r--r-- 1 root root 4096 Jul 20 15:23 dev
-rw-r--r-- 1 root root 4096 Jul 20 15:23 ioctlmask
lrwxrwxrwx 1 root root 0 Jul 20 15:23 subsystem -> ../../../../class/zcrypt
...
# customize this zcrypt node clone
# enable only adapter 0 and 2
echo "0xa0" >apmask
# enable only domain 6
echo "+6" >aqmask
# enable all 256 ioctls
echo "+0-255" >ioctls
# now the /dev/my_zcrypt may be used
# finally destroy it
echo "my_zcrypt" >/sys/class/zcrypt/destroy
Please note that a very similar 'filtering behavior' also applies to
the parent z90crypt device. The two mask attributes apmask and aqmask
in /sys/bus/ap act the very same for the z90crypt device node. However
the implementation here is totally different as the ap bus acts on
bind/unbind of queue devices and associated drivers but the effect is
still the same. So there are two filters active for each additional
zcrypt device node: The adapter/domain needs to be enabled on the ap
bus level and it needs to be active on the zcrypt device node level.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-09-17 16:18:41 +02:00
|
|
|
/* set up the AP permissions (ioctls, ap and aq masks) */
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
ap_perms_init();
|
|
|
|
|
|
2015-06-26 16:55:35 +02:00
|
|
|
/* Get AP configuration data if available */
|
2020-07-01 12:40:39 +02:00
|
|
|
ap_init_qci_info();
|
|
|
|
|
|
|
|
|
|
/* check default domain setting */
|
|
|
|
|
if (ap_domain_index < -1 || ap_domain_index > ap_max_domain_id ||
|
s390/zcrypt: AP bus support for alternate driver(s)
The current AP bus, AP devices and AP device drivers implementation
uses a clearly defined mapping for binding AP devices to AP device
drivers. So for example a CEX6C queue will always be bound to the
cex4queue device driver.
The Linux Device Driver model has no sensitivity for more than one
device driver eligible for one device type. If there exist more than
one drivers matching to the device type, simple all drivers are tried
consecutively. There is no way to determine and influence the probing
order of the drivers.
With KVM there is a need to provide additional device drivers matching
to the very same type of AP devices. With a simple implementation the
KVM drivers run in competition to the regular drivers. Whichever
'wins' a device depends on build order and implementation details
within the common Linux Device Driver Model and is not
deterministic. However, a userspace process could figure out which
device should be bound to which driver and sort out the correct
binding by manipulating attributes in the sysfs.
If for security reasons a AP device must not get bound to the 'wrong'
device driver the sorting out has to be done within the Linux kernel
by the AP bus code. This patch modifies the behavior of the AP bus
for probing drivers for devices in a way that two sets of drivers are
usable. Two new bitmasks 'apmask' and 'aqmask' are used to mark a
subset of the APQN range for 'usable by the ap bus and the default
drivers' or 'not usable by the default drivers and thus available for
alternate drivers like vfio-xxx'. So an APQN which is addressed by
this masking only the default drivers will be probed. In contrary an
APQN which is not addressed by the masks will never be probed and
bound to default drivers but onny to alternate drivers.
Eventually the two masks give a way to divide the range of APQNs into
two pools: one pool of APQNs used by the AP bus and the default
drivers and thus via zcrypt drivers available to the userspace of the
system. And another pool where no zcrypt drivers are bound to and
which can be used by alternate drivers (like vfio-xxx) for their
needs. This division is hot-plug save and makes sure a APQN assigned
to an alternate driver is at no time somehow exploitable by the wrong
party.
The two masks are located in sysfs at /sys/bus/ap/apmask and
/sys/bus/ap/aqmask. The mask syntax is exactly the same as the
already existing mask attributes in the /sys/bus/ap directory (for
example ap_usage_domain_mask and ap_control_domain_mask).
By default all APQNs belong to the ap bus and the default drivers:
cat /sys/bus/ap/apmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
cat /sys/bus/ap/aqmask
0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
The masks can be changed at boot time with the kernel command line
like this:
... ap.apmask=0xffff ap.aqmask=0x40
This would give these two pools:
default drivers pool: adapter 0 - 15, domain 1
alternate drivers pool: adapter 0 - 15, all but domain 1
adapter 16-255, all domains
The sysfs attributes for this two masks are writeable and an
administrator is able to reconfigure the assignements on the fly by
writing new mask values into. With changing the mask(s) a revision of
the existing queue to driver bindings is done. So all APQNs which are
bound to the 'wrong' driver are reprobed via kernel function
device_reprobe() and thus the new correct driver will be assigned with
respect of the changed apmask and aqmask bits.
The mask values are bitmaps in big endian order starting with bit 0.
So adapter number 0 is the leftmost bit, mask is 0x8000... The sysfs
attributes accept 2 different formats:
- Absolute hex string starting with 0x like "0x12345678" does set
the mask starting from left to right. If the given string is shorter
than the mask it is padded with 0s on the right. If the string is
longer than the mask an error comes back (EINVAL).
- '+' or '-' followed by a numerical value. Valid examples are "+1",
"-13", "+0x41", "-0xff" and even "+0" and "-0". Only the addressed
bit in the mask is switched on ('+') or off ('-').
This patch will also be the base for an upcoming extension to the
zcrypt drivers to be able to provide additional zcrypt device nodes
with filtering based on ap and aq masks.
Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
2018-07-20 08:36:53 +02:00
|
|
|
(ap_domain_index >= 0 &&
|
|
|
|
|
!test_bit_inv(ap_domain_index, ap_perms.aqm))) {
|
2015-06-26 16:55:35 +02:00
|
|
|
pr_warn("%d is not a valid cryptographic domain\n",
|
|
|
|
|
ap_domain_index);
|
2017-05-12 16:35:14 +02:00
|
|
|
ap_domain_index = -1;
|
2006-09-20 15:58:25 +02:00
|
|
|
}
|
2009-09-22 22:58:51 +02:00
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
/* Create /sys/bus/ap. */
|
|
|
|
|
rc = bus_register(&ap_bus_type);
|
|
|
|
|
if (rc)
|
2024-03-08 17:23:25 +01:00
|
|
|
goto out;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
|
|
|
|
/* Create /sys/devices/ap. */
|
2008-12-15 12:58:29 +00:00
|
|
|
ap_root_device = root_device_register("ap");
|
2018-07-18 23:42:05 -05:00
|
|
|
rc = PTR_ERR_OR_ZERO(ap_root_device);
|
2006-09-20 15:58:25 +02:00
|
|
|
if (rc)
|
|
|
|
|
goto out_bus;
|
2020-08-31 10:16:26 +02:00
|
|
|
ap_root_device->bus = &ap_bus_type;
|
2006-09-20 15:58:25 +02:00
|
|
|
|
2024-03-08 17:23:25 +01:00
|
|
|
/* enable interrupts if available */
|
|
|
|
|
rc = ap_irq_init();
|
|
|
|
|
if (rc)
|
|
|
|
|
goto out_device;
|
|
|
|
|
|
2024-03-08 17:13:48 +01:00
|
|
|
/* Setup asynchronous work (timers, workqueue, etc). */
|
|
|
|
|
rc = ap_async_init();
|
|
|
|
|
if (rc)
|
2024-03-08 17:23:25 +01:00
|
|
|
goto out_irq;
|
2015-09-14 17:01:23 +02:00
|
|
|
|
2006-09-20 15:58:25 +02:00
|
|
|
return 0;
|
|
|
|
|
|
2024-03-08 17:23:25 +01:00
|
|
|
out_irq:
|
|
|
|
|
ap_irq_exit();
|
2024-03-08 17:13:48 +01:00
|
|
|
out_device:
|
2008-12-15 12:58:29 +00:00
|
|
|
root_device_unregister(ap_root_device);
|
2006-09-20 15:58:25 +02:00
|
|
|
out_bus:
|
|
|
|
|
bus_unregister(&ap_bus_type);
|
|
|
|
|
out:
|
2024-03-08 17:13:48 +01:00
|
|
|
ap_debug_exit();
|
2006-09-20 15:58:25 +02:00
|
|
|
return rc;
|
|
|
|
|
}
|
2024-02-19 18:10:19 +01:00
|
|
|
|
|
|
|
|
static void __exit ap_module_exit(void)
|
|
|
|
|
{
|
|
|
|
|
ap_async_exit();
|
|
|
|
|
ap_irq_exit();
|
|
|
|
|
root_device_unregister(ap_root_device);
|
|
|
|
|
bus_unregister(&ap_bus_type);
|
|
|
|
|
ap_debug_exit();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module_init(ap_module_init);
|
|
|
|
|
module_exit(ap_module_exit);
|