Re: [PATCH v9 07/22] KVM: s390: refactor crypto initialization

From: Tony Krowiak
Date: Tue Aug 21 2018 - 09:29:21 EST

On 08/20/2018 04:41 PM, David Hildenbrand wrote:
+ if (test_kvm_cpu_feat(vcpu->kvm, KVM_S390_VM_CPU_FEAT_AP))
+ vcpu->arch.sie_block->eca |= ECA_APIE;
- vcpu->arch.sie_block->crycbd = vcpu->kvm->arch.crypto.crycbd;
+ /* If MSAX3 is installed on the guest, set up protected key support */
+ if (test_kvm_facility(vcpu->kvm, 76)) {
+ if (vcpu->kvm->arch.crypto.aes_kw)
+ vcpu->arch.sie_block->ecb3 |= ECB3_AES;
+ if (vcpu->kvm->arch.crypto.dea_kw)
+ vcpu->arch.sie_block->ecb3 |= ECB3_DEA;
+ }
As the feature can never change, and aes_kw/dea_kw are only set to 1 in
case we have test_kvm_facility(vcpu->kvm, 76), this change is not needed.

I think this function can be pretty much left alone. Just add the
KVM_S390_VM_CPU_FEAT_AP handling.
I disagree, what about the case where the KVM_S390_VM_CPU_FEAT_AP is
configured for the guest but the MSAX3 facility (76) is not?
Then aes_kw/dea_kw can never be set.

kvm_s390_vm_set_crypto() and kvm_s390_crypto_init() correctly test for
facility 76.

Or am I missing a case?

I stand corrected, you are right. I'll remove the test.

void kvm_s390_vcpu_unsetup_cmma(struct kvm_vcpu *vcpu)