| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZvcZFDqu6Xf5P0Xr@Asurada-Nvidia> Date: Fri, 27 Sep 2024 13:44:04 -0700 From: Nicolin Chen <nicolinc@...dia.com> To: Yi Liu <yi.l.liu@...el.com> CC: <jgg@...dia.com>, <kevin.tian@...el.com>, <will@...nel.org>, <joro@...tes.org>, <suravee.suthikulpanit@....com>, <robin.murphy@....com>, <dwmw2@...radead.org>, <baolu.lu@...ux.intel.com>, <shuah@...nel.org>, <linux-kernel@...r.kernel.org>, <iommu@...ts.linux.dev>, <linux-arm-kernel@...ts.infradead.org>, <linux-kselftest@...r.kernel.org>, <eric.auger@...hat.com>, <jean-philippe@...aro.org>, <mdf@...nel.org>, <mshavit@...gle.com>, <shameerali.kolothum.thodi@...wei.com>, <smostafa@...gle.com> Subject: Re: [PATCH v2 00/19] iommufd: Add VIOMMU infrastructure (Part-1) On Fri, Sep 27, 2024 at 08:12:20PM +0800, Yi Liu wrote: > On 2024/9/27 14:32, Nicolin Chen wrote: > > On Fri, Sep 27, 2024 at 01:54:45PM +0800, Yi Liu wrote: > > > > > > Baolu told me that Intel may have the same: different domain IDs > > > > > > on different IOMMUs; multiple IOMMU instances on one chip: > > > > > > https://lore.kernel.org/linux-iommu/cf4fe15c-8bcb-4132-a1fd-b2c8ddf2731b@linux.intel.com/ > > > > > > So, I think we are having the same situation here. > > > > > > > > > > yes, it's called iommu unit or dmar. A typical Intel server can have > > > > > multiple iommu units. But like Baolu mentioned in that thread, the intel > > > > > iommu driver maintains separate domain ID spaces for iommu units, which > > > > > means a given iommu domain has different DIDs when associated with > > > > > different iommu units. So intel side is not suffering from this so far. > > > > > > > > An ARM SMMU has its own VMID pool as well. The suffering comes > > > > from associating VMIDs to one shared parent S2 domain. > > > > > > Is this because of the VMID is tied with a S2 domain? > > > > On ARM, yes. VMID is a part of S2 domain stuff. > > > > > > Does a DID per S1 nested domain or parent S2? If it is per S2, > > > > I think the same suffering applies when we share the S2 across > > > > IOMMU instances? > > > > > > per S1 I think. The iotlb efficiency is low as S2 caches would be > > > tagged with different DIDs even the page table is the same. :) > > > > On ARM, the stage-1 is tagged with an ASID (Address Space ID) > > while the stage-2 is tagged with a VMID. Then an invalidation > > for a nested S1 domain must require the VMID from the S2. The > > ASID may be also required if the invalidation is specific to > > that address space (otherwise, broadcast per VMID.) > Looks like the nested s1 caches are tagged with both ASID and VMID. Yea, my understanding is similar. If both stages are enabled for a nested translation, VMID is tagged for S1 cache too. > > I feel these two might act somehow similarly to the two DIDs > > during nested translations? > > not quite the same. Is it possible that the ASID is the same for stage-1? > Intel VT-d side can have the pasid to be the same. Like the gIOVA, all > devices use the same ridpasid. Like the scenario I replied to Baolu[1], > do er choose to use different DIDs to differentiate the caches for the > two devices. On ARM, each S1 domain (either a normal stage-1 PASID=0 domain or an SVA PASID>0 domain) has a unique ASID. So it unlikely has the situation of two identical ASIDs if they are on the same vIOMMU, because the ASID pool is per IOMMU instance (whether p or v). With two vIOMMU instances, there might be the same ASIDs but they will be tagged with different VMIDs. > [1] > https://lore.kernel.org/linux-iommu/4bc9bd20-5aae-440d-84fd-f530d0747c23@intel.com/ Is "gIOVA" a type of invalidation that only uses "address" out of "PASID, DID and address"? I.e. PASID and DID are not provided via the invalidation request, so it's going to broadcast all viommus? Thanks Nicolin
Powered by blists - more mailing lists