| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Jun 2017 09:09:52 -0700
From: Jacob Pan <jacob.jun.pan@...ux.intel.com>
To: Joerg Roedel <joro@...tes.org>
Cc: iommu@...ts.linux-foundation.org,
LKML <linux-kernel@...r.kernel.org>,
David Woodhouse <dwmw2@...radead.org>,
"Liu, Yi L" <yi.l.liu@...el.com>,
Lan Tianyu <tianyu.lan@...el.com>,
"Tian, Kevin" <kevin.tian@...el.com>,
Raj Ashok <ashok.raj@...el.com>,
Alex Williamson <alex.williamson@...hat.com>,
Jean Delvare <khali@...ux-fr.org>,
"Liu, Yi L" <yi.l.liu@...ux.intel.com>,
jacob.jun.pan@...ux.intel.com
Subject: Re: [PATCH 3/9] iommu: Introduce iommu do invalidate API function
On Wed, 28 Jun 2017 12:08:23 +0200
Joerg Roedel <joro@...tes.org> wrote:
> On Tue, Jun 27, 2017 at 12:47:57PM -0700, Jacob Pan wrote:
> > From: "Liu, Yi L" <yi.l.liu@...ux.intel.com>
> >
> > When a SVM capable device is assigned to a guest, the first level
> > page tables are owned by the guest and the guest PASID table
> > pointer is linked to the device context entry of the physical IOMMU.
> >
> > Host IOMMU driver has no knowledge of caching structure updates
> > unless the guest invalidation activities are passed down to the
> > host. The primary usage is derived from emulated IOMMU in the
> > guest, where QEMU can trap invalidation activities before pass them
> > down the host/physical IOMMU. There are IOMMU architectural
> > specific actions need to be taken which requires the generic APIs
> > introduced in this patch to have opaque data in the
> > tlb_invalidate_info argument.
>
> Which "IOMMU architectural specific actions" are you thinking of?
>
construction of queued invalidation descriptors, then submit them to
the IOMMU QI interface.
> > +int iommu_invalidate(struct iommu_domain *domain,
> > + struct device *dev, struct tlb_invalidate_info
> > *inv_info) +{
> > + int ret = 0;
> > +
> > + if (unlikely(!domain->ops->invalidate))
> > + return -ENODEV;
> > +
> > + ret = domain->ops->invalidate(domain, dev, inv_info);
> > +
> > + return ret;
> > +}
> > +EXPORT_SYMBOL_GPL(iommu_invalidate);
>
> [...]
>
> > +struct tlb_invalidate_info {
> > + __u32 model;
> > + __u32 length;
> > + __u8 opaque[];
> > +};
>
> This interface is aweful. It requires the user of a generic api to
> know details about the implementation behind to do anything useful.
>
> Please explain in more detail why this is needed. My feeling is that
> we can make this more generic with a small set of invalidation
> functions in the iommu-api.
>
My thinking was that via configuration control, there will be unlikely
any mixed IOMMU models between pIOMMU and vIOMMU. We could have just
model specific data pass through layers of SW (QEMU, VFIO) for
performance reasons. We do have an earlier hybrid version that has
generic data and opaque raw data. Would the below work for all IOMMU
models?
https://www.spinics.net/lists/kvm/msg148798.html
struct tlb_invalidate_info
{
__u32 model; /* Vendor number */
__u8 granularity
#define DEVICE_SELECTVIE_INV (1 << 0)
#define PAGE_SELECTIVE_INV (1 << 0)
#define PASID_SELECTIVE_INV (1 << 1)
__u32 pasid;
__u64 addr;
__u64 size;
/* Since IOMMU format has already been validated for this table,
the IOMMU driver knows that the following structure is in a
format it knows */
__u8 opaque[];
};
>
>
> Joerg
>
[Jacob Pan]
Powered by blists - more mailing lists