lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 13 Jul 2017 01:07:03 +0300
From:   "Michael S. Tsirkin" <mst@...hat.com>
To:     Will Deacon <will.deacon@....com>
Cc:     Eric Auger <eric.auger@...hat.com>, eric.auger.pro@...il.com,
        iommu@...ts.linux-foundation.org, linux-kernel@...r.kernel.org,
        robin.murphy@....com, Jean-Philippe.Brucker@....com,
        christoffer.dall@...aro.org, Marc.Zyngier@....com,
        alex.williamson@...hat.com, peterx@...hat.com
Subject: Re: [RFC 0/2] arm-smmu-v3 tlbi-on-map option

On Wed, Jul 12, 2017 at 06:54:56PM +0100, Will Deacon wrote:
> Hi Eric,
> 
> On Sun, Jul 09, 2017 at 05:15:01PM +0200, Eric Auger wrote:
> > This series adds a new tlbi-on-map option to the smmuv3 driver.
> > When set, the IO_PGTABLE_QUIRK_TLBI_ON_MAP quirk is applied for 
> > LPAE tables and the smmuv3 driver sends TLB invalidations on map.
> > 
> > This mode is useful when running the driver on a guest as it allows
> > the virtualizer to trap any change to the translation structures.
> > This is similar to the Intel vtd caching mode (CM).
> > 
> > This is especially needed for VFIO integration integration where
> > guest mappings must be applied to the physical IOMMU.
> > 
> > At the moment the option only is available for DT probing.
> 
> I'm really not a fan of this approach. If a virtual IOMMU implementation is
> advertising itself as an SMMUv3, then it should adhere to the SMMUv3
> architecture and not require non-standard behaviour from the driver.

You can also just enable e.g. building existing intel VTD code on ARM,
that emulation is already there.

> If
> we're going to allow that, then we're better off going the extra mile and
> using a PV approach. Given that the the SMMU3 architecture does *not*
> require TLBI on map, then I don't think we should be quirking our behaviour
> in this way. 

I think using hardware support for nesting is the right final
solution. It will take some time though. Given this, what should
we do meanwhile?

Assuming that's the final destination, a simple quirk like this
seems to be preferable to virtio-iommu which we'll never be
able to offload to hardware.

>The fact that you only have this implemented for DT is the
> canary in the coal mine imo.
> 
> Will

As to the last point, I agree absolutely. Need to support ACPI
as well or nothing. It would be nicer IMHO to get it from some
kind of device register, assuming ARM can promise to reserve
some bits for hypervisors to play with.

-- 
MST

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ