lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230621235508.113949-1-suravee.suthikulpanit@amd.com>
Date:   Wed, 21 Jun 2023 18:54:47 -0500
From:   Suravee Suthikulpanit <suravee.suthikulpanit@....com>
To:     <linux-kernel@...r.kernel.org>, <iommu@...ts.linux.dev>,
        <kvm@...r.kernel.org>
CC:     <joro@...tes.org>, <robin.murphy@....com>, <yi.l.liu@...el.com>,
        <alex.williamson@...hat.com>, <jgg@...dia.com>,
        <nicolinc@...dia.com>, <baolu.lu@...ux.intel.com>,
        <eric.auger@...hat.com>, <pandoh@...gle.com>,
        <kumaranand@...gle.com>, <jon.grimm@....com>,
        <santosh.shukla@....com>, <vasant.hegde@....com>,
        <jay.chen@....com>, <joseph.chung@....com>,
        "Suravee Suthikulpanit" <suravee.suthikulpanit@....com>
Subject: [RFC PATCH 00/21] iommu/amd: Introduce support for HW accelerated vIOMMU w/ nested page table

OVERVIEW
--------
AMD IOMMU Hardware Accelerated Virtualized IOMMU (HW-vIOMMU) feature
provides partial hardware acceleration for implementing guest IOMMUs.
When the feature is  enabled, the following components are virtualized:
  * Guest Command Buffer
  * Guest Event Log (work-in-progress)
  * Guest PPR Log (work-in-progress))

In addition, this feature can be used in combination with nested IOMMU page
tables to accelerated address translation from GIOVA to GPA. In this case,
the host page table (a.k.a stage2 or v1) is managed by the hypervisor
(i.e. KVM/VFIO) and the guest page table (a.k.a stage1 or v2) is managed
by the guest IOMMU driver (e.g. when booting guest kernel with
amd_iommu=pgtable_v2 mode).

Since the IOMMU hardware virtualizes the guest command buffer, this allows
IOMMU operations to be accelerated such as invalidation of guest pages
(i.e. stage1) when the command is issued by the guest kernel without
intervention from the hypervisor.

This series is implemented on top of the IOMMUFD framework. It leverages
the exisiting APIs and ioctls for providing guest iommu information
(i.e. struct iommu_hw_info_amd), and allowing guest to provide guest page
table information (i.e. struct iommu_hwpt_amd_v2) for setting up user
domain.

Please see the [4],[5], and [6] for more detail on the AMD HW-vIOMMU.

NOTES
-----
This series is organized into two parts:
  * Part1: Preparing IOMMU driver for HW-vIOMMU support (Patch 1-8).

  * Part2: Introducing HW-vIOMMU support (Patch 9-21).

  * Patch 12 and 21 extends the existing IOMMUFD ioctls to support
    additional opterations, which can be categorized into:
    - Ioctls to init/destroy AMD HW-vIOMMU instance
    - Ioctls to attach/detach guest devices to the AMD HW-vIOMMU instance.
    - Ioctls to attach/detach guest domains to the AMD HW-vIOMMU instance.
    - Ioctls to trap certain AMD HW-vIOMMU MMIO register accesses.
    - Ioctls to trap AMD HW-vIOMMU command buffer initialization.
 
    Since these are specific to AMD HW-vIOMMU implementation but still
    want to leverage /dev/iommu, they are separated from existing VFIO-related
    ioctls.

  * Initial revision only supports 1 pasid in the guest (i.e. pasid 0).
    Multiple pasids support will be added in subsequent revision.

GITHUB
------
* Working Linux kernel prototype of this series [1] is based on [3].
* This sereis is tested with QEMU [2] (work-in-progress)

REFERENCES
----------
[1] Linux Github branch for this series
    https://github.com/AMDESE/linux/tree/wip/iommufd_nesting-06192023-yi_amd_viommu_20230621

[2] QEMU Github branch to be used for testing this series.
    https://github.com/AMDESE/qemu/tree/wip/iommufd_rfcv4.mig.reset.v4_var3%2Bnesting_amd_viommu_202300621

[3] Base Github branch from Yi Lui.
    https://github.com/yiliu1765/iommufd/tree/wip/iommufd_nesting-06192023-yi

[4] AMD IOMMU Specification
    https://www.amd.com/system/files/TechDocs/48882_3.07_PUB.pdf

[5] KVM Forum 2020 Presentation
    https://tinyurl.com/2p8b543c

[6] KVM Forum 2021 Presentation
    https://tinyurl.com/49sy42ry

Thank you,
Suravee Suthikulpanit

Suravee Suthikulpanit (21):
  iommu/amd: Declare helper functions as extern
  iommu/amd: Clean up spacing in amd_iommu_ops declaration
  iommu/amd: Update PASID, GATS, and GLX feature related macros
  iommu/amd: Modify domain_enable_v2() to add giov parameter
  iommu/amd: Refactor set_dte_entry() helper function
  iommu/amd: Modify set_dte_entry() to add gcr3 input parameter
  iommu/amd: Modify set_dte_entry() to add user domain input parameter
  iommu/amd: Allow nested IOMMU page tables
  iommu/amd: Add support for hw_info for iommu capability query
  iommu/amd: Introduce vIOMMU-specific events and event info
  iommu/amd: Introduce Reset vMMIO Command
  iommu/amd: Introduce AMD vIOMMU-specific UAPI
  iommu/amd: Introduce vIOMMU command-line option
  iommu/amd: Initialize vIOMMU private address space regions
  iommu/amd: Introduce vIOMMU vminit and vmdestroy ioctl
  iommu/amd: Introduce vIOMMU ioctl for updating device mapping table
  iommu/amd: Introduce vIOMMU ioctl for updating domain mapping
  iommu/amd: Introduce vIOMMU ioctl for handling guest MMIO accesses
  iommu/amd: Introduce vIOMMU ioctl for handling command buffer mapping
  iommu/amd: Introduce vIOMMU ioctl for setting up guest CR3
  iommufd: Introduce AMD HW-vIOMMU IOCTL

 drivers/iommu/amd/Makefile          |    2 +-
 drivers/iommu/amd/amd_iommu.h       |   40 +-
 drivers/iommu/amd/amd_iommu_types.h |   62 +-
 drivers/iommu/amd/amd_viommu.h      |   57 ++
 drivers/iommu/amd/init.c            |   29 +-
 drivers/iommu/amd/io_pgtable.c      |   18 +-
 drivers/iommu/amd/iommu.c           |  370 +++++++--
 drivers/iommu/amd/iommu_v2.c        |    2 +-
 drivers/iommu/amd/viommu.c          | 1110 +++++++++++++++++++++++++++
 drivers/iommu/iommufd/Makefile      |    3 +-
 drivers/iommu/iommufd/amd_viommu.c  |  158 ++++
 drivers/iommu/iommufd/main.c        |   17 +-
 include/linux/amd-viommu.h          |   26 +
 include/linux/iommu.h               |    1 +
 include/linux/iommufd.h             |    8 +
 include/uapi/linux/amd_viommu.h     |  145 ++++
 include/uapi/linux/iommufd.h        |   31 +
 17 files changed, 1964 insertions(+), 115 deletions(-)
 create mode 100644 drivers/iommu/amd/amd_viommu.h
 create mode 100644 drivers/iommu/amd/viommu.c
 create mode 100644 drivers/iommu/iommufd/amd_viommu.c
 create mode 100644 include/linux/amd-viommu.h
 create mode 100644 include/uapi/linux/amd_viommu.h

-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ