| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Dec 2023 12:23:40 +0100
From: Joel Granados <j.granados@...sung.com>
To: Yi Liu <yi.l.liu@...el.com>
CC: <joro@...tes.org>, <alex.williamson@...hat.com>, <jgg@...dia.com>,
<kevin.tian@...el.com>, <robin.murphy@....com>, <baolu.lu@...ux.intel.com>,
<cohuck@...hat.com>, <eric.auger@...hat.com>, <nicolinc@...dia.com>,
<kvm@...r.kernel.org>, <mjrosato@...ux.ibm.com>,
<chao.p.peng@...ux.intel.com>, <yi.y.sun@...ux.intel.com>,
<peterx@...hat.com>, <jasowang@...hat.com>,
<shameerali.kolothum.thodi@...wei.com>, <lulu@...hat.com>,
<suravee.suthikulpanit@....com>, <iommu@...ts.linux.dev>,
<linux-kernel@...r.kernel.org>, <linux-kselftest@...r.kernel.org>,
<zhenzhong.duan@...el.com>, <joao.m.martins@...cle.com>,
<xin.zeng@...el.com>, <yan.y.zhao@...el.com>
Subject: Re: [PATCH v6 0/6] iommufd: Add nesting infrastructure (part 2/2)
On Tue, Dec 19, 2023 at 05:26:21PM +0800, Yi Liu wrote:
> On 2023/12/17 19:21, Joel Granados wrote:
> > Hey Yi
> >
> > I have been working with https://protect2.fireeye.com/v1/url?k=b58750ce-ea1c9eaa-b586db81-000babda0201-365207d33731a099&q=1&e=ee73b69d-5c35-49ef-9e62-2355fb797f21&u=https%3A%2F%2Fgithub.com%2Fyiliu1765%2Fqemu%2Ftree%2Fzhenzhong%2Fwip%2Fiommufd_nesting_rfcv1
>
> good to know about it.
>
> > and have some questions regarding one of the commits in that series.
> > I however cannot find it in lore.kernel.org. Can you please direct me to
> > where the rfc was posted? If it has not been posted yet, do you have an
> > alternate place for discussion?
>
> the qemu series has not been posted yet as kernel side is still changing.
> It still needs some time to be ready for public review. Zhenzhong Duan
> is going to post it when it's ready. If you have questions to discuss,
> you can post your questions to Zhenzhong and me first. I guess it may be
> fine to cc Alex Williamson, Eric Auger, Nicolin Chen, Cédric Le Goater,
> Kevin Tian, Jason Gunthorpe and qemu mail list as this is discussion
> something that is going to be posted in public.
Thx for getting back to me. I'll direct my questions to these
recipients.
Best
>
> >
> > Best
> >
> > On Fri, Nov 17, 2023 at 05:07:11AM -0800, Yi Liu wrote:
> > > Nested translation is a hardware feature that is supported by many modern
> > > IOMMU hardwares. It has two stages (stage-1, stage-2) address translation
> > > to get access to the physical address. stage-1 translation table is owned
> > > by userspace (e.g. by a guest OS), while stage-2 is owned by kernel. Changes
> > > to stage-1 translation table should be followed by an IOTLB invalidation.
> > >
> > > Take Intel VT-d as an example, the stage-1 translation table is I/O page
> > > table. As the below diagram shows, guest I/O page table pointer in GPA
> > > (guest physical address) is passed to host and be used to perform the stage-1
> > > address translation. Along with it, modifications to present mappings in the
> > > guest I/O page table should be followed with an IOTLB invalidation.
> > >
> > > .-------------. .---------------------------.
> > > | vIOMMU | | Guest I/O page table |
> > > | | '---------------------------'
> > > .----------------/
> > > | PASID Entry |--- PASID cache flush --+
> > > '-------------' |
> > > | | V
> > > | | I/O page table pointer in GPA
> > > '-------------'
> > > Guest
> > > ------| Shadow |---------------------------|--------
> > > v v v
> > > Host
> > > .-------------. .------------------------.
> > > | pIOMMU | | FS for GIOVA->GPA |
> > > | | '------------------------'
> > > .----------------/ |
> > > | PASID Entry | V (Nested xlate)
> > > '----------------\.----------------------------------.
> > > | | | SS for GPA->HPA, unmanaged domain|
> > > | | '----------------------------------'
> > > '-------------'
> > > Where:
> > > - FS = First stage page tables
> > > - SS = Second stage page tables
> > > <Intel VT-d Nested translation>
> > >
> > > This series adds the cache invalidation path for the userspace to invalidate
> > > cache after modifying the stage-1 page table. This is based on the first part
> > > of nesting [1]
> > >
> > > Complete code can be found in [2], QEMU could can be found in [3].
> > >
> > > At last, this is a team work together with Nicolin Chen, Lu Baolu. Thanks
> > > them for the help. ^_^. Look forward to your feedbacks.
> > >
> > > [1] https://lore.kernel.org/linux-iommu/20231026044216.64964-1-yi.l.liu@intel.com/ - merged
> > > [2] https://protect2.fireeye.com/v1/url?k=38b56f01-672ea165-38b4e44e-000babda0201-469ae350f21411ca&q=1&e=ee73b69d-5c35-49ef-9e62-2355fb797f21&u=https%3A%2F%2Fgithub.com%2Fyiliu1765%2Fiommufd%2Ftree%2Fiommufd_nesting
> > > [3] https://protect2.fireeye.com/v1/url?k=d6e01ed1-897bd0b5-d6e1959e-000babda0201-bcf2b26a8dc8b34d&q=1&e=ee73b69d-5c35-49ef-9e62-2355fb797f21&u=https%3A%2F%2Fgithub.com%2Fyiliu1765%2Fqemu%2Ftree%2Fzhenzhong%2Fwip%2Fiommufd_nesting_rfcv1
> > >
> > > Change log:
> > >
> > > v6:
> > > - No much change, just rebase on top of 6.7-rc1 as part 1/2 is merged
> > >
> > > v5: https://lore.kernel.org/linux-iommu/20231020092426.13907-1-yi.l.liu@intel.com/#t
> > > - Split the iommufd nesting series into two parts of alloc_user and
> > > invalidation (Jason)
> > > - Split IOMMUFD_OBJ_HW_PAGETABLE to IOMMUFD_OBJ_HWPT_PAGING/_NESTED, and
> > > do the same with the structures/alloc()/abort()/destroy(). Reworked the
> > > selftest accordingly too. (Jason)
> > > - Move hwpt/data_type into struct iommu_user_data from standalone op
> > > arguments. (Jason)
> > > - Rename hwpt_type to be data_type, the HWPT_TYPE to be HWPT_ALLOC_DATA,
> > > _TYPE_DEFAULT to be _ALLOC_DATA_NONE (Jason, Kevin)
> > > - Rename iommu_copy_user_data() to iommu_copy_struct_from_user() (Kevin)
> > > - Add macro to the iommu_copy_struct_from_user() to calculate min_size
> > > (Jason)
> > > - Fix two bugs spotted by ZhaoYan
> > >
> > > v4: https://lore.kernel.org/linux-iommu/20230921075138.124099-1-yi.l.liu@intel.com/
> > > - Separate HWPT alloc/destroy/abort functions between user-managed HWPTs
> > > and kernel-managed HWPTs
> > > - Rework invalidate uAPI to be a multi-request array-based design
> > > - Add a struct iommu_user_data_array and a helper for driver to sanitize
> > > and copy the entry data from user space invalidation array
> > > - Add a patch fixing TEST_LENGTH() in selftest program
> > > - Drop IOMMU_RESV_IOVA_RANGES patches
> > > - Update kdoc and inline comments
> > > - Drop the code to add IOMMU_RESV_SW_MSI to kernel-managed HWPT in nested translation,
> > > this does not change the rule that resv regions should only be added to the
> > > kernel-managed HWPT. The IOMMU_RESV_SW_MSI stuff will be added in later series
> > > as it is needed only by SMMU so far.
> > >
> > > v3: https://lore.kernel.org/linux-iommu/20230724110406.107212-1-yi.l.liu@intel.com/
> > > - Add new uAPI things in alphabetical order
> > > - Pass in "enum iommu_hwpt_type hwpt_type" to op->domain_alloc_user for
> > > sanity, replacing the previous op->domain_alloc_user_data_len solution
> > > - Return ERR_PTR from domain_alloc_user instead of NULL
> > > - Only add IOMMU_RESV_SW_MSI to kernel-managed HWPT in nested translation (Kevin)
> > > - Add IOMMU_RESV_IOVA_RANGES to report resv iova ranges to userspace hence
> > > userspace is able to exclude the ranges in the stage-1 HWPT (e.g. guest I/O
> > > page table). (Kevin)
> > > - Add selftest coverage for the new IOMMU_RESV_IOVA_RANGES ioctl
> > > - Minor changes per Kevin's inputs
> > >
> > > v2: https://lore.kernel.org/linux-iommu/20230511143844.22693-1-yi.l.liu@intel.com/
> > > - Add union iommu_domain_user_data to include all user data structures to avoid
> > > passing void * in kernel APIs.
> > > - Add iommu op to return user data length for user domain allocation
> > > - Rename struct iommu_hwpt_alloc::data_type to be hwpt_type
> > > - Store the invalidation data length in iommu_domain_ops::cache_invalidate_user_data_len
> > > - Convert cache_invalidate_user op to be int instead of void
> > > - Remove @data_type in struct iommu_hwpt_invalidate
> > > - Remove out_hwpt_type_bitmap in struct iommu_hw_info hence drop patch 08 of v1
> > >
> > > v1: https://lore.kernel.org/linux-iommu/20230309080910.607396-1-yi.l.liu@intel.com/
> > >
> > > Thanks,
> > > Yi Liu
> > >
> > > Lu Baolu (1):
> > > iommu: Add cache_invalidate_user op
> > >
> > > Nicolin Chen (4):
> > > iommu: Add iommu_copy_struct_from_user_array helper
> > > iommufd/selftest: Add mock_domain_cache_invalidate_user support
> > > iommufd/selftest: Add IOMMU_TEST_OP_MD_CHECK_IOTLB test op
> > > iommufd/selftest: Add coverage for IOMMU_HWPT_INVALIDATE ioctl
> > >
> > > Yi Liu (1):
> > > iommufd: Add IOMMU_HWPT_INVALIDATE
> > >
> > > drivers/iommu/iommufd/hw_pagetable.c | 35 ++++++++
> > > drivers/iommu/iommufd/iommufd_private.h | 9 ++
> > > drivers/iommu/iommufd/iommufd_test.h | 22 +++++
> > > drivers/iommu/iommufd/main.c | 3 +
> > > drivers/iommu/iommufd/selftest.c | 69 +++++++++++++++
> > > include/linux/iommu.h | 84 +++++++++++++++++++
> > > include/uapi/linux/iommufd.h | 35 ++++++++
> > > tools/testing/selftests/iommu/iommufd.c | 75 +++++++++++++++++
> > > tools/testing/selftests/iommu/iommufd_utils.h | 63 ++++++++++++++
> > > 9 files changed, 395 insertions(+)
> > >
> > > --
> > > 2.34.1
> > >
> >
>
> --
> Regards,
> Yi Liu
--
Joel Granados
Download attachment "signature.asc" of type "application/pgp-signature" (660 bytes)
Powered by blists - more mailing lists