| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aJs1dMiomjtxVwl4@google.com> Date: Tue, 12 Aug 2025 12:37:08 +0000 From: Mostafa Saleh <smostafa@...gle.com> To: Jason Gunthorpe <jgg@...pe.ca> Cc: linux-kernel@...r.kernel.org, kvmarm@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org, iommu@...ts.linux.dev, maz@...nel.org, oliver.upton@...ux.dev, joey.gouly@....com, suzuki.poulose@....com, yuzenghui@...wei.com, catalin.marinas@....com, will@...nel.org, robin.murphy@....com, jean-philippe@...aro.org, qperret@...gle.com, tabba@...gle.com, mark.rutland@....com, praan@...gle.com Subject: Re: [PATCH v3 29/29] iommu/arm-smmu-v3-kvm: Add IOMMU ops On Tue, Aug 12, 2025 at 09:10:56AM -0300, Jason Gunthorpe wrote: > On Tue, Aug 12, 2025 at 10:29:38AM +0000, Mostafa Saleh wrote: > > On Mon, Aug 11, 2025 at 03:55:23PM -0300, Jason Gunthorpe wrote: > > > On Wed, Aug 06, 2025 at 02:10:35PM +0000, Mostafa Saleh wrote: > > > > I am not sure I understand, the SMMU driver will register its IOMMU > > > > ops to probe the devices > > > > > > You couldn't do this. But why do you need the iommu subsystem to help > > > you do probing for the pKVM driver? Today SMMU starts all devices in > > > ABORT mode except for some it scans manually from the fw tables. > > > > > > They switch to identity when the iommu subsystem attaches devices, you > > > can continue to do that by having the paravirt driver tell pkvm when > > > it attaches. > > > > > > What is wrong with this approach? > > > > > > > My confusion is that in this proposal we have 2 drivers: > > - arm-smmu-v3-kvm: Register arm_smmu_ops? binds to the SMMUs > > No, I don't mean two iommu subsystem drivers. You have only the > pkvm-iommu driver. Whatever you bind to the arm-smmu does not register > with the iommu subsystem. I see. > > > I am almost done with v4, which relies on a single driver, I don’t think > > it’s that complicated, it adds a few impl_ops + some few re-works. > > > > I think that is much simpler than having 3 drivers. > > Also better for the current SMMUv3 driver maintainability to have the KVM driver > > as mode, where all the KVM logic is implemented in a new file which relies on few > > ops, similar to “tegra241-cmdqv.c” > > I don't understand how you can do this, it is fundamentally not an > iommu subsystem driver if pkvm is in control of the HW. > > And I still strongly do not want to see a para virt iommu driver hidden > inside the smmu driver. It should be its own thing. > > The tegra ops were for customizing the iommu subsystem behavior of the > arm iommu driver, not to turn it into a wrapper for a different > paravirt driver!! I see, but most of the code in KVM mode is exactly the same as in the current driver, as the driver is not HW agnostic (unlike virtio-iommu). In fact it does almost everything, and just delegates attach_identity/blocked to the hypervisor. IMO, having a full fledged KVM IOMMU driver + faux devices + moving all shared SMMUv3 code, just for this driver to implement a handful lines of code, is an over-kill, especially since most of this logic won’t be needed in the future. In addition, with no standard iommu-binding, this driver has to be enlightened somehow about how to deal with device operations. As mentioned before, when nesting is added, many of the hooks will be removed anyway as KVM would rely on trap and emulate instead of HVCs. Otherwise, we can skip this series and I can post nesting directly (which would be a relatively bigger one), that probably would rely on the same concept of the driver bootstrapping the hypervisor driver. I am generally open to any path to move this forward, as Robin and Will originally suggested the KVM mode in the upstream driver approach, what do you think? Thank, Mostafa > > Jason
Powered by blists - more mailing lists