lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 16 Jan 2024 03:03:42 +0000
From: "Duan, Zhenzhong" <zhenzhong.duan@...el.com>
To: "Liu, Yi L" <yi.l.liu@...el.com>, "joro@...tes.org" <joro@...tes.org>,
	"alex.williamson@...hat.com" <alex.williamson@...hat.com>, "jgg@...dia.com"
	<jgg@...dia.com>, "Tian, Kevin" <kevin.tian@...el.com>,
	"robin.murphy@....com" <robin.murphy@....com>, "baolu.lu@...ux.intel.com"
	<baolu.lu@...ux.intel.com>
CC: "cohuck@...hat.com" <cohuck@...hat.com>, "eric.auger@...hat.com"
	<eric.auger@...hat.com>, "nicolinc@...dia.com" <nicolinc@...dia.com>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>, "mjrosato@...ux.ibm.com"
	<mjrosato@...ux.ibm.com>, "chao.p.peng@...ux.intel.com"
	<chao.p.peng@...ux.intel.com>, "yi.y.sun@...ux.intel.com"
	<yi.y.sun@...ux.intel.com>, "peterx@...hat.com" <peterx@...hat.com>,
	"jasowang@...hat.com" <jasowang@...hat.com>,
	"shameerali.kolothum.thodi@...wei.com"
	<shameerali.kolothum.thodi@...wei.com>, "lulu@...hat.com" <lulu@...hat.com>,
	"suravee.suthikulpanit@....com" <suravee.suthikulpanit@....com>,
	"iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>,
	"joao.m.martins@...cle.com" <joao.m.martins@...cle.com>, "Zeng, Xin"
	<xin.zeng@...el.com>, "Zhao, Yan Y" <yan.y.zhao@...el.com>,
	"j.granados@...sung.com" <j.granados@...sung.com>,
	"binbin.wu@...ux.intel.com" <binbin.wu@...ux.intel.com>
Subject: RE: [PATCH v11 0/8] Add iommufd nesting (part 2/2)



>-----Original Message-----
>From: Liu, Yi L <yi.l.liu@...el.com>
>Subject: [PATCH v11 0/8] Add iommufd nesting (part 2/2)
>
>Nested translation is a hardware feature that is supported by many modern
>IOMMU hardwares. It has two stages (stage-1, stage-2) address translation
>to get access to the physical address. stage-1 translation table is owned
>by userspace (e.g. by a guest OS), while stage-2 is owned by kernel. Changes
>to stage-1 translation table should be followed by an IOTLB invalidation.
>
>Take Intel VT-d as an example, the stage-1 translation table is I/O page
>table. As the below diagram shows, guest I/O page table pointer in GPA
>(guest physical address) is passed to host and be used to perform the stage-
>1
>address translation. Along with it, modifications to present mappings in the
>guest I/O page table should be followed with an IOTLB invalidation.
>
>    .-------------.  .---------------------------.
>    |   vIOMMU    |  | Guest I/O page table      |
>    |             |  '---------------------------'
>    .----------------/
>    | PASID Entry |--- PASID cache flush --+
>    '-------------'                        |
>    |             |                        V
>    |             |           I/O page table pointer in GPA
>    '-------------'
>Guest
>------| Shadow |---------------------------|--------
>      v        v                           v
>Host
>    .-------------.  .------------------------.
>    |   pIOMMU    |  |  FS for GIOVA->GPA     |
>    |             |  '------------------------'
>    .----------------/  |
>    | PASID Entry |     V (Nested xlate)
>    '----------------\.----------------------------------.
>    |             |   | SS for GPA->HPA, unmanaged domain|
>    |             |   '----------------------------------'
>    '-------------'
>Where:
> - FS = First stage page tables
> - SS = Second stage page tables
><Intel VT-d Nested translation>
>
>This series is based on the first part which was merged [1], this series is to
>add the cache invalidation interface or the userspace to invalidate cache
>after
>modifying the stage-1 page table. This includes both the iommufd changes
>and the
>VT-d driver changes.
>
>Complete code can be found in [2], QEMU could can be found in [3].
>
>At last, this is a team work together with Nicolin Chen, Lu Baolu. Thanks
>them for the help. ^_^. Look forward to your feedbacks.
>
>[1] https://lore.kernel.org/linux-iommu/20231026044216.64964-1-
>yi.l.liu@...el.com/ - merged
>[2] https://github.com/yiliu1765/iommufd/tree/iommufd_nesting
>[3]
>https://github.com/yiliu1765/qemu/tree/zhenzhong/wip/iommufd_nesting
>_rfcv1

This series is tested with a real implementation of QEMU at
https://lists.gnu.org/archive/html/qemu-devel/2024-01/msg02740.html

May be late, but still

Tested-by: Zhenzhong Duan <zhenzhong.duan@...el.com>

Thanks
Zhenzhong

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ