Re: [Qemu-devel] [PATCH v2 5/5] s390x/cpumodel: Set up CPU model for AP device support

[Pierre Morel]

On 07/03/2018 15:41, Cornelia Huck wrote:
> On Wed, 7 Mar 2018 11:09:46 +0100
> Pierre Morel <address@hidden> wrote:
>
> > What I mean is the reverse implication
> >
> > ECA_APIE => ap=on
> >
> > But you can have ap = on and ECA_APIE = off
> > This is interception or emulation.
> >
> > and the second thing is that we need two QEMU cpu features
> > AP : guest API to say we provide AP instructions to the guest (what ever
> > we do to provide it)
> > ECA_APIE : kernel will setup the SIE with interpretation
> >
> > other said:
> > if( !ap)
> >       return -ENODEVICE
> > if(ECA_API)
> >       set_interpretation()
> > else
> >       set_interception()
> This discussion is giving me a headache, so let's take a step back and
> figure out what is needed/wanted/possible.
>
> * straight passthrough of tuples, SIE doing the heavy lifting
>    -> what this patchset is doing, and should be fine, even regarding
>       nesting
>
> * remapping of tuples, SIE doing most of the work

Currently the SIE do not allow remapping.
Only interception can allow remapping.

> (IIRC it's possible
>    to only intercept for a subset of instructions?)

More than possible: some AP instructions, when existing, are always 
intercepted and some
other are intercepted based on a specific condition and on STFLE bits 
but for them
SIE Execution control bit is ignored.

However, we do not use these instructions in this patch series.

>    -> that's where it gets complicated, and IIUC we can't have any mixed
>       straight/remap setups, and we may have issues regarding nesting

We do not have issues regarding nesting, we can not nest
a guest doing SIE interpretation inside another doing interception.
It is an architectural design, not an issue.

To guaranty this, the architecture provide Effective Execution Control,
EEC.

The handling of ECA28 for guests execution is combined into a
single description, the EECA, when operating at guest level 2
the EECA.28 is the logical AND of the guest level 1 ECA.28 and the
guest level 2 ECA.28

When using vSIE we need to propagate this handling.

>    Question: How important is that use case? Can we drop it and make our
>    lives much easier?

AFAIK, and as long as my information is up to date, we can not close the 
door to interception.

In other word, we need to separate the CPU feature defining "if AP 
instructions are available"
from the QEMU property defining "How we provide the instructions".

ECA28 obviously belongs to the "how" and not to the "if".



> * full emulation (which would be the only option for tcg, obviously)
>    -> even if it were doable, I doubt it would be very useful
>    It would be great if we could have a design that would also
>    accommodate this (and I have rooted for that in the past), but the
>    more I hear about the issues here, the more I doubt whether this is
>    something we should spend time on.
>
> Another question: Can some of the use cases be serviced via
> virtio-crypto as well (clear key)? Would that in combination with
> straight passthrough be enough?

--
Pierre Morel
Linux/KVM/QEMU in Böblingen - Germany