| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250731165757.GZ26511@ziepe.ca> Date: Thu, 31 Jul 2025 13:57:57 -0300 From: Jason Gunthorpe <jgg@...pe.ca> To: Mostafa Saleh <smostafa@...gle.com> Cc: linux-kernel@...r.kernel.org, kvmarm@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org, iommu@...ts.linux.dev, maz@...nel.org, oliver.upton@...ux.dev, joey.gouly@....com, suzuki.poulose@....com, yuzenghui@...wei.com, catalin.marinas@....com, will@...nel.org, robin.murphy@....com, jean-philippe@...aro.org, qperret@...gle.com, tabba@...gle.com, mark.rutland@....com, praan@...gle.com Subject: Re: [PATCH v3 29/29] iommu/arm-smmu-v3-kvm: Add IOMMU ops On Thu, Jul 31, 2025 at 02:17:17PM +0000, Mostafa Saleh wrote: > On Wed, Jul 30, 2025 at 01:47:52PM -0300, Jason Gunthorpe wrote: > > On Wed, Jul 30, 2025 at 03:07:14PM +0000, Mostafa Saleh wrote: > > > On Wed, Jul 30, 2025 at 11:42:53AM -0300, Jason Gunthorpe wrote: > > > > On Mon, Jul 28, 2025 at 05:53:16PM +0000, Mostafa Saleh wrote: > > > > > Register the SMMUv3 through IOMMU ops, that only support identity > > > > > domains. This allows the driver to know which device are currently used > > > > > to properly enable/disable then. > > > > > > > > > > Signed-off-by: Mostafa Saleh <smostafa@...gle.com> > > > > > --- > > > > > .../iommu/arm/arm-smmu-v3/arm-smmu-v3-kvm.c | 92 ++++++++++++++++++- > > > > > 1 file changed, 91 insertions(+), 1 deletion(-) > > > > > > > > Can you split the new iommu subysstem driver out please? I think I > > > > asked this before. > > > > > > Sorry, maybe I misunderstood, do you mean split this patch into multiple > > > patches or split all KVM SMMUv3 driver out of this series? > > > > Yes the latter, the iommu driver introduction is best as its own > > series > > I thought about that but I was worried the maintainers wouldn't like > introducing the infrastructure first in the hypervisor without a user. > I am open to split this, but let’s see what they think. You can merge both series at the same time > Makes sense, from the kernel point of view it will be attached to > identity/blocking domains, but the hypervisor api is just enable/disable HVC > as it doesn’t know what is a domain. If terminology is really a problem, > I can make it one hypercall as “set_state” with on/off or identity/blocking I would call it set_state with states IDENTITY/BLOCKING. That is clear. enable/disable is ambiguous. > TBH, I am not sure what hardware does that. So, another option is to fail > gracefully if RMR exists (which falls back to the current driver) and then > pKVM would run with DMA isolation, which is the status quo. iGPUs either access the DRAM through the iommu or they use some OS invisible side band channel. The ones that use the iommu have this quirk. > They are not random, as part of this series the SMMUv3 driver is split > where some of the code goes to “arm-smmu-v3-common.c” which is used by > both drivers, this reduces a lot of duplication. I find it very confusing. It made sense to factor some of the code out so that pKVM can have it's own smmv3 HW driver, sure. But I don't understand why a paravirtualized iommu driver for pKVM has any relation to smmuv3. Shouldn't it just be calling some hypercalls to set IDENTITY/BLOCKING? > I am not sure if we need get_resv_regions, maybe it's useful for sysfs > "/sys/kernel/iommu_groups/reserved_regions"? I will double check. It is important to get this info from the FW.. Jason
Powered by blists - more mailing lists