Message-ID: <20241107184655.GB539304@nvidia.com>
Date: Thu, 7 Nov 2024 14:46:55 -0400
From: Jason Gunthorpe <jgg@...dia.com>
To: Alexey Kardashevskiy <aik@....com>
Cc: Nicolin Chen <nicolinc@...dia.com>, kevin.tian@...el.com,
	corbet@....net, joro@...tes.org, suravee.suthikulpanit@....com,
	will@...nel.org, robin.murphy@....com, dwmw2@...radead.org,
	shuah@...nel.org, iommu@...ts.linux.dev, linux-doc@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
	baolu.lu@...ux.intel.com, eric.auger@...hat.com,
	jean-philippe@...aro.org, mdf@...nel.org, mshavit@...gle.com,
	shameerali.kolothum.thodi@...wei.com, smostafa@...gle.com,
	yi.l.liu@...el.com, zhangfei.gao@...aro.org,
	patches@...ts.linux.dev
Subject: Re: [PATCH v6 05/13] iommufd/viommu: Add IOMMU_VIOMMU_ALLOC ioctl

On Thu, Nov 07, 2024 at 12:37:59PM +1100, Alexey Kardashevskiy wrote:
> > +	hwpt_paging = iommufd_get_hwpt_paging(ucmd, cmd->hwpt_id);
> > +	if (IS_ERR(hwpt_paging)) {
> > +		rc = PTR_ERR(hwpt_paging);
> > +		goto out_put_idev;
> > +	}
> > +
> > +	if (!hwpt_paging->nest_parent) {
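
Review bot: The !hwpt_paging->nest_parent test at the end of this hunk
makes a paging hwpt allocated with IOMMU_HWPT_ALLOC_NEST_PARENT a hard
precondition of the ioctl, yet nothing in the visible lines states that
requirement. Suggest a one-line comment above the check, and a matching
sentence in the ioctl's uAPI documentation, saying that hwpt_id must
refer to a nest parent, so callers do not have to discover it from a
failed call.
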
> 
> 
> I am trying to use this for my so-called viommu which does not have this so
> this fails. My viommu is only visible to the VM via paravirt interface to
> populate sDTE (secure device table) so no viommu device in the guest or
> nested paging, nothing like this just yet.

The purpose of this is to define the translation underlying the
viommu and the VM.

If I understand AMD CC HW correctly, you still need to have a
translation to make the device work - so you should have a
nest_parent.

For AMD the nest_parent is simply a v1 domain and, with what is in
Joerg's tree, the AMD driver can quickly be improved to support that
allocation option.

> Is there a writeup somewhere about possible uses of this
> IOMMU_HWPT_ALLOC_NEST_PARENT? I'd think one pass through device equals 1
> IOAS, 1 HWPT, 1 domain, 1 viommu, even with guest visible vIOMMU but it is
> not the case, is it?

It is intended for HW like AMD that requires selecting a special page
table format to be used on the hypervisor side. I.e. select the v1 page
table format.

> btw is there a way to get a snapshot of all current objects in iommufd? They
> all use "dev_id" and not file descriptors so cannot look at /proc/<pid>/fd,
> and there is nothing in debugfs either.

Nothing has been done; a debugfs could be interesting.

> For my current hack, I can pass IOMMU_HWPT_ALLOC_NEST_PARENT to QEMU's
> iommufd_backend_alloc_hwpt() but it is... meh. Thanks,

This is what I'd expect, yes. Qemu should be allocating domains that
are going to be used as part of advanced virtualization (viommu,
nesting, etc) using NEST_PARENT, AMD driver should accept this and
enforce the v1 format.

Jason
