[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <161315658638.7320.9686203003395567745.stgit@gimli.home>
Date: Fri, 12 Feb 2021 12:27:19 -0700
From: Alex Williamson <alex.williamson@...hat.com>
To: alex.williamson@...hat.com
Cc: cohuck@...hat.com, kvm@...r.kernel.org,
linux-kernel@...r.kernel.org, jgg@...dia.com, peterx@...hat.com
Subject: [PATCH 0/3] vfio: Device memory DMA mapping improvements
This series intends to improve some long standing issues with mapping
device memory through the vfio IOMMU interface (ie. P2P DMA mappings).
Unlike mapping DMA to RAM, we can't pin device memory, nor is it
always accessible. We attempt to tackle this (predominantly the
first issue in this iteration) by creating a registration and
notification interface through vfio-core, between the IOMMU backend
and the bus driver. This allows us to do things like automatically
remove a DMA mapping to device if it's closed by the user. We also
keep references to the device container such that it remains isolated
while this mapping exists.
Unlike my previous attempt[1], this version works across containers.
For example if a user has device1 with IOMMU context in container1
and device2 in container2, a mapping of device2 memory into container1
IOMMU context would be removed when device2 is released.
What I don't tackle here is when device memory is disabled, such as
for a PCI device when the command register memory bit is cleared or
while the device is in reset. Ideally is seems like it might be
nice to have IOMMU API interfaces that could remove r/w permissions
from the IOTLB entry w/o removing it entirely, but I'm also unsure
of the ultimate value in modifying the IOTLB entries at this point.
In the PCI example again, I'd expect a DMA to disabled or unavailable
device memory to get an Unsupported Request response. If we play
with the IOTLB mapping, we might change this to an IOMMU fault for
either page permissions or page not present, depending on how we
choose to invalidate that entry. However, it seems that a system that
escalates an UR error to fatal, through things like firmware first
handling, is just as likely to also make the IOMMU fault fatal. Are
there cases where we expect otherwise, and if not is there value to
tracking device memory enable state to that extent in the IOMMU?
Jason, I'm also curious if this scratches your itch relative to your
suggestion to solve this with dma-bufs, and if that's still your
preference, I'd love an outline to accomplish this same with that
method.
Thanks,
Alex
[1]https://lore.kernel.org/kvm/158947414729.12590.4345248265094886807.stgit@gimli.home/
---
Alex Williamson (3):
vfio: Introduce vma ops registration and notifier
vfio/pci: Implement vm_ops registration
vfio/type1: Implement vma registration and restriction
drivers/vfio/pci/Kconfig | 1
drivers/vfio/pci/vfio_pci.c | 87 ++++++++++++++++
drivers/vfio/pci/vfio_pci_private.h | 1
drivers/vfio/vfio.c | 120 ++++++++++++++++++++++
drivers/vfio/vfio_iommu_type1.c | 192 ++++++++++++++++++++++++++++-------
include/linux/vfio.h | 20 ++++
6 files changed, 384 insertions(+), 37 deletions(-)
Powered by blists - more mailing lists