| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 15 Nov 2020 23:11:27 +0100
From: Thomas Gleixner <tglx@...utronix.de>
To: "Raj\, Ashok" <ashok.raj@...el.com>
Cc: Christoph Hellwig <hch@...radead.org>,
Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
"Tian\, Kevin" <kevin.tian@...el.com>,
Jason Gunthorpe <jgg@...dia.com>,
"Williams\, Dan J" <dan.j.williams@...el.com>,
"Jiang\, Dave" <dave.jiang@...el.com>,
Bjorn Helgaas <helgaas@...nel.org>,
"vkoul\@kernel.org" <vkoul@...nel.org>,
"Dey\, Megha" <megha.dey@...el.com>,
"maz\@kernel.org" <maz@...nel.org>,
"bhelgaas\@google.com" <bhelgaas@...gle.com>,
"alex.williamson\@redhat.com" <alex.williamson@...hat.com>,
"Pan\, Jacob jun" <jacob.jun.pan@...el.com>,
"Liu\, Yi L" <yi.l.liu@...el.com>,
"Lu\, Baolu" <baolu.lu@...el.com>,
"Kumar\, Sanjay K" <sanjay.k.kumar@...el.com>,
"Luck\, Tony" <tony.luck@...el.com>,
"kwankhede\@nvidia.com" <kwankhede@...dia.com>,
"eric.auger\@redhat.com" <eric.auger@...hat.com>,
"parav\@mellanox.com" <parav@...lanox.com>,
"rafael\@kernel.org" <rafael@...nel.org>,
"netanelg\@mellanox.com" <netanelg@...lanox.com>,
"shahafs\@mellanox.com" <shahafs@...lanox.com>,
"yan.y.zhao\@linux.intel.com" <yan.y.zhao@...ux.intel.com>,
"pbonzini\@redhat.com" <pbonzini@...hat.com>,
"Ortiz\, Samuel" <samuel.ortiz@...el.com>,
"Hossain\, Mona" <mona.hossain@...el.com>,
"dmaengine\@vger.kernel.org" <dmaengine@...r.kernel.org>,
"linux-kernel\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-pci\@vger.kernel.org" <linux-pci@...r.kernel.org>,
"kvm\@vger.kernel.org" <kvm@...r.kernel.org>,
Ashok Raj <ashok.raj@...el.com>
Subject: Re: [PATCH v4 06/17] PCI: add SIOV and IMS capability detection
On Sun, Nov 15 2020 at 11:31, Ashok Raj wrote:
> On Sun, Nov 15, 2020 at 12:26:22PM +0100, Thomas Gleixner wrote:
>> > opt-in by device or kernel? The way we are planning to support this is:
>> >
>> > Device support for IMS - Can discover in device specific means
>> > Kernel support for IMS. - Supported by IOMMU driver.
>>
>> And why exactly do we have to enforce IOMMU support? Please stop looking
>> at IMS purely from the IDXD perspective. We are talking about the
>> general concept here and not about the restricted Intel universe.
>
> I think you have mentioned it almost every reply :-)..Got that! Point taken
> several emails ago!! :-)
You sure? I _try_ to not mention it again then. No promise though. :)
> I didn't mean just for idxd, I said for *ANY* device driver that wants to
> use IMS.
Which is wrong. Again:
A) For PF/VF on bare metal there is absolutely no IOMMU dependency
because it does not have a PASID requirement. It's just an
alternative solution to MSI[X], which allows optimizations like
storing the message in driver manages queue memory or lifting the
restriction of 2048 interrupts per device. Nothing else.
B) For PF/VF in a guest the IOMMU dependency of IMS is a red herring.
There is no direct dependency on the IOMMU.
The problem is the inability of the VMM to trap the message write to
the IMS storage if the storage is in guest driver managed memory.
This can be solved with either
- a hypercall which translates the guest MSI message
or
- a vIOMMU which uses a hypercall or whatever to translate the guest
MSI message
C) Subdevices ala mdev are a different story. They require PASID which
enforces IOMMU and the IMS part is not managed by the users anyway.
So we have a couple of problems to solve:
1) Figure out whether the OS runs on bare metal
There is no reliable answer to that, so we either:
- Use heuristics and assume that failure is unlikely and in case
of failure blame the incompetence of VMM authors and/or
sysadmins
or
- Default to IMS disabled and let the sysadmin enable it via
command line option.
If the kernel detects to run in a VM it yells and disables it
unless the OS and the hypervisor agree to provide support for
that scenario (see #2).
That's fails as well if the sysadmin does so when the OS runs on
a VMM which is not identifiable, but at least we can rightfully
blame the sysadmin in that case.
or
- Declare that IMS always depends on IOMMU
I personaly don't care, but people working on these kind of
device already said, that they want to avoid it when possible.
If you want to go that route, then please talk to those folks
and ask them to agree in public.
You also need to take into account that this must work on all
architectures which support virtualization because IMS is
architecture independent.
2) Guest support for PF/VF
Again we have several scenarios depending on the IMS storage
type.
- If the storage type is device memory then it's pretty much the
same as MSI[X] just a different location.
- If the storage is in driver managed memory then this needs
#1 plus guest OS and hypervisor support (hypercall/vIOMMU)
3) Guest support for PF/VF and guest managed subdevice (mdev)
Depends on #1 and #2 and is an orthogonal problem if I'm not
missing something.
To move forward we need to make a decision about #1 and #2 now.
This needs to be well thought out as changing it after the fact is
going to be a nightmare.
/me grudgingly refrains from mentioning the obvious once more.
Thanks,
tglx
Powered by blists - more mailing lists