lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220701214455.14992-3-nicolinc@nvidia.com>
Date:   Fri, 1 Jul 2022 14:44:52 -0700
From:   Nicolin Chen <nicolinc@...dia.com>
To:     <joro@...tes.org>, <will@...nel.org>, <marcan@...can.st>,
        <sven@...npeter.dev>, <robin.murphy@....com>,
        <robdclark@...il.com>, <baolu.lu@...ux.intel.com>,
        <orsonzhai@...il.com>, <baolin.wang7@...il.com>,
        <zhang.lyra@...il.com>, <jean-philippe@...aro.org>,
        <alex.williamson@...hat.com>, <jgg@...dia.com>,
        <kevin.tian@...el.com>
CC:     <suravee.suthikulpanit@....com>, <alyssa@...enzweig.io>,
        <dwmw2@...radead.org>, <mjrosato@...ux.ibm.com>,
        <gerald.schaefer@...ux.ibm.com>, <thierry.reding@...il.com>,
        <vdumpa@...dia.com>, <jonathanh@...dia.com>, <cohuck@...hat.com>,
        <thunder.leizhen@...wei.com>, <christophe.jaillet@...adoo.fr>,
        <chenxiang66@...ilicon.com>, <john.garry@...wei.com>,
        <yangyingliang@...wei.com>, <iommu@...ts.linux-foundation.org>,
        <iommu@...ts.linux.dev>, <linux-kernel@...r.kernel.org>,
        <linux-arm-kernel@...ts.infradead.org>,
        <linux-arm-msm@...r.kernel.org>, <linux-s390@...r.kernel.org>,
        <linux-tegra@...r.kernel.org>,
        <virtualization@...ts.linux-foundation.org>, <kvm@...r.kernel.org>
Subject: [PATCH v5 2/5] vfio/iommu_type1: Prefer to reuse domains vs match enforced cache coherency

From: Jason Gunthorpe <jgg@...dia.com>

The KVM mechanism for controlling wbinvd is based on OR of the coherency
property of all devices attached to a guest, no matter whether those
devices are attached to a single domain or multiple domains.

On the other hand, the benefit to using separate domains was that those
devices attached to domains supporting enforced cache coherency always
mapped with the attributes necessary to provide that feature, therefore
if a non-enforced domain was dropped, the associated group removal would
re-trigger an evaluation by KVM.

In practice however, the only known cases of such mixed domains included
an Intel IGD device behind an IOMMU lacking snoop control, where such
devices do not support hotplug, therefore this scenario lacks testing and
is not considered sufficiently relevant to support.

After all, KVM won't take advantage of trying to push a device that could
do enforced cache coherency to a dedicated domain vs re-using an existing
domain, which is non-coherent.

Simplify this code and eliminate the test. This removes the only logic
that needed to have a dummy domain attached prior to searching for a
matching domain and simplifies the next patches.

It's unclear whether we want to further optimize the Intel driver to
update the domain coherency after a device is detached from it, at
least not before KVM can be verified to handle such dynamics in related
emulation paths (wbinvd, vcpu load, write_cr0, ept, etc.). In reality
we don't see an usage requiring such optimization as the only device
which imposes such non-coherency is Intel GPU which even doesn't
support hotplug/hot remove.

Signed-off-by: Jason Gunthorpe <jgg@...dia.com>
Reviewed-by: Kevin Tian <kevin.tian@...el.com>
Reviewed-by: Lu Baolu <baolu.lu@...ux.intel.com>
Signed-off-by: Nicolin Chen <nicolinc@...dia.com>
---
 drivers/vfio/vfio_iommu_type1.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
index c496b7d0b96f..7530f0d727e5 100644
--- a/drivers/vfio/vfio_iommu_type1.c
+++ b/drivers/vfio/vfio_iommu_type1.c
@@ -2288,9 +2288,7 @@ static int vfio_iommu_type1_attach_group(void *iommu_data,
 	 * testing if they're on the same bus_type.
 	 */
 	list_for_each_entry(d, &iommu->domain_list, next) {
-		if (d->domain->ops == domain->domain->ops &&
-		    d->enforce_cache_coherency ==
-			    domain->enforce_cache_coherency) {
+		if (d->domain->ops == domain->domain->ops) {
 			iommu_detach_group(domain->domain, group->iommu_group);
 			if (!iommu_attach_group(d->domain,
 						group->iommu_group)) {
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ