| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Jun 2021 06:16:10 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Jason Wang <jasowang@...hat.com>,
Lu Baolu <baolu.lu@...ux.intel.com>,
Liu Yi L <yi.l.liu@...ux.intel.com>
CC: "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
Jonathan Corbet <corbet@....net>,
"iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>,
"Alex Williamson (alex.williamson@...hat.com)\"\""
<alex.williamson@...hat.com>, Jason Gunthorpe <jgg@...dia.com>,
"David Woodhouse" <dwmw2@...radead.org>
Subject: RE: [RFC] /dev/ioasid uAPI proposal
> From: Jason Wang
> Sent: Tuesday, June 1, 2021 2:07 PM
>
> 在 2021/6/1 下午1:42, Tian, Kevin 写道:
> >> From: Jason Wang
> >> Sent: Tuesday, June 1, 2021 1:30 PM
> >>
> >> 在 2021/6/1 下午1:23, Lu Baolu 写道:
> >>> Hi Jason W,
> >>>
> >>> On 6/1/21 1:08 PM, Jason Wang wrote:
> >>>>>> 2) If yes, what's the reason for not simply use the fd opened from
> >>>>>> /dev/ioas. (This is the question that is not answered) and what
> >>>>>> happens
> >>>>>> if we call GET_INFO for the ioasid_fd?
> >>>>>> 3) If not, how GET_INFO work?
> >>>>> oh, missed this question in prior reply. Personally, no special reason
> >>>>> yet. But using ID may give us opportunity to customize the
> management
> >>>>> of the handle. For one, better lookup efficiency by using xarray to
> >>>>> store the allocated IDs. For two, could categorize the allocated IDs
> >>>>> (parent or nested). GET_INFO just works with an input FD and an ID.
> >>>>
> >>>> I'm not sure I get this, for nesting cases you can still make the
> >>>> child an fd.
> >>>>
> >>>> And a question still, under what case we need to create multiple
> >>>> ioasids on a single ioasid fd?
> >>> One possible situation where multiple IOASIDs per FD could be used is
> >>> that devices with different underlying IOMMU capabilities are sharing a
> >>> single FD. In this case, only devices with consistent underlying IOMMU
> >>> capabilities could be put in an IOASID and multiple IOASIDs per FD could
> >>> be applied.
> >>>
> >>> Though, I still not sure about "multiple IOASID per-FD" vs "multiple
> >>> IOASID FDs" for such case.
> >>
> >> Right, that's exactly my question. The latter seems much more easier to
> >> be understood and implemented.
> >>
> > A simple reason discussed in previous thread - there could be 1M's
> > I/O address spaces per device while #FD's are precious resource.
>
>
> Is the concern for ulimit or performance? Note that we had
>
> #define NR_OPEN_MAX ~0U
>
> And with the fd semantic, you can do a lot of other stuffs: close on
> exec, passing via SCM_RIGHTS.
yes, fd has its merits.
>
> For the case of 1M, I would like to know what's the use case for a
> single process to handle 1M+ address spaces?
This single process is Qemu with an assigned device. Within the guest
there could be many guest processes. Though in reality I didn't see
such 1M processes on a single device, better not restrict it in uAPI?
>
>
> > So this RFC treats fd as a container of address spaces which is each
> > tagged by an IOASID.
>
>
> If the container and address space is 1:1 then the container seems useless.
>
yes, 1:1 then container is useless. But here it's assumed 1:M then
even a single fd is sufficient for all intended usages.
Thanks
Kevin
Powered by blists - more mailing lists