From: Will Deacon <will.deacon-5wv7dgnIgG8@public.gmane.org>
To: Alex Williamson
<alex.williamson-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: "kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Marc Zyngier <Marc.Zyngier-5wv7dgnIgG8@public.gmane.org>,
open list <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"a.rigo-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org"
<a.rigo-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>,
"stuart.yoder-KZfg59tc24xl57MIdRCFDg@public.gmane.org"
<stuart.yoder-KZfg59tc24xl57MIdRCFDg@public.gmane.org>,
"iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org"
<iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>,
Antonios Motakis
<a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>,
"tech-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org"
<tech-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>,
"kvmarm-FPEHb7Xf0XXUo1n7N8X6UoWGPAHP3yOg@public.gmane.org"
<kvmarm-FPEHb7Xf0XXUo1n7N8X6UoWGPAHP3yOg@public.gmane.org>,
"christoffer.dall-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org"
<christoffer.dall-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
Subject: Re: [RFC PATCH v5 03/11] VFIO_IOMMU_TYPE1 for platform bus devices on ARM
Date: Wed, 30 Apr 2014 14:08:14 +0100 [thread overview]
Message-ID: <20140430130814.GB15719@arm.com> (raw)
In-Reply-To: <1398715690.24318.321.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
On Mon, Apr 28, 2014 at 09:08:10PM +0100, Alex Williamson wrote:
> On Mon, 2014-04-28 at 20:19 +0100, Will Deacon wrote:
> > Please excuse any ignorance on part here (I'm not at all familiar with the
> > Intel IOMMU), but shouldn't this really be a property of the interrupt
> > controller itself? On ARM with GICv3, there is a separate block called the
> > ITS (interrupt translation service) which is part of the interrupt
> > controller. The ITS provides a doorbell page which the SMMU can map into a
> > guest operating system to provide MSI for passthrough devices, but this
> > isn't something the SMMU is aware of -- it will just see the iommu_map
> > request for a non-cacheable mapping.
>
> I don't know the history of why this is an IOMMU domain capability on
> x86, it's sort of a paradox. An MSI from a device is conceptually just
> a DMA write and is therefore logically co-located in the IOMMU hardware,
> but x86 doesn't allow it to be mapped via the IOMMU API interfaces. For
> compatibility, interrupt remapping support is buried deep in the
> request_irq interface and effectively invisible other than having this
> path to query it. Therefore this flag is effectively just saying "MSI
> isolation support is present and enabled". IOW, the host is protected
> from interrupt injection attacks from malicious devices. If there is
> some property of your platform that makes this always the case, then the
> IOMMU driver can always export this capability as true.
Thanks for the explanation. On ARM, the SMMU does indeed see the MSI write
just like a normal write, so it can be mapped via iommu_map() to point at
the interrupt controller doorbell page. I guess that means we can enable
this capability for all MSI-capable devices upstream of the SMMU, providing
that the IRQ controller doesn't have any horrible quirks.
> With PCI, MSI is configured via spec defined configuration space
> registers, so we emulate these registers and prevent user access to them
> so that we don't need to allow the user a way to setup an interrupt
> remapping entry. It's done for them via request_irq.
>
> IIRC, the Freescale devices have a limited number of MSI pages and can
> therefore create some instances with isolation while others may require
> sharing. In that case I would expect this flag to indicate whether the
> domain has an exclusive or shared page.
>
> In any case, I suspect keying on the bus_type here is not the correct
> way to go. Thanks,
Agreed, I was more intrigued by the meaning of the flag.
Thanks,
Will
WARNING: multiple messages have this Message-ID (diff)
From: Will Deacon <will.deacon@arm.com>
To: Alex Williamson <alex.williamson@redhat.com>
Cc: Antonios Motakis <a.motakis@virtualopensystems.com>,
"kvmarm@lists.cs.columbia.edu" <kvmarm@lists.cs.columbia.edu>,
"iommu@lists.linux-foundation.org"
<iommu@lists.linux-foundation.org>,
"tech@virtualopensystems.com" <tech@virtualopensystems.com>,
"a.rigo@virtualopensystems.com" <a.rigo@virtualopensystems.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"christoffer.dall@linaro.org" <christoffer.dall@linaro.org>,
"kim.phillips@freescale.com" <kim.phillips@freescale.com>,
"stuart.yoder@freescale.com" <stuart.yoder@freescale.com>,
open list <linux-kernel@vger.kernel.org>,
Marc Zyngier <Marc.Zyngier@arm.com>
Subject: Re: [RFC PATCH v5 03/11] VFIO_IOMMU_TYPE1 for platform bus devices on ARM
Date: Wed, 30 Apr 2014 14:08:14 +0100 [thread overview]
Message-ID: <20140430130814.GB15719@arm.com> (raw)
In-Reply-To: <1398715690.24318.321.camel@ul30vt.home>
On Mon, Apr 28, 2014 at 09:08:10PM +0100, Alex Williamson wrote:
> On Mon, 2014-04-28 at 20:19 +0100, Will Deacon wrote:
> > Please excuse any ignorance on part here (I'm not at all familiar with the
> > Intel IOMMU), but shouldn't this really be a property of the interrupt
> > controller itself? On ARM with GICv3, there is a separate block called the
> > ITS (interrupt translation service) which is part of the interrupt
> > controller. The ITS provides a doorbell page which the SMMU can map into a
> > guest operating system to provide MSI for passthrough devices, but this
> > isn't something the SMMU is aware of -- it will just see the iommu_map
> > request for a non-cacheable mapping.
>
> I don't know the history of why this is an IOMMU domain capability on
> x86, it's sort of a paradox. An MSI from a device is conceptually just
> a DMA write and is therefore logically co-located in the IOMMU hardware,
> but x86 doesn't allow it to be mapped via the IOMMU API interfaces. For
> compatibility, interrupt remapping support is buried deep in the
> request_irq interface and effectively invisible other than having this
> path to query it. Therefore this flag is effectively just saying "MSI
> isolation support is present and enabled". IOW, the host is protected
> from interrupt injection attacks from malicious devices. If there is
> some property of your platform that makes this always the case, then the
> IOMMU driver can always export this capability as true.
Thanks for the explanation. On ARM, the SMMU does indeed see the MSI write
just like a normal write, so it can be mapped via iommu_map() to point at
the interrupt controller doorbell page. I guess that means we can enable
this capability for all MSI-capable devices upstream of the SMMU, providing
that the IRQ controller doesn't have any horrible quirks.
> With PCI, MSI is configured via spec defined configuration space
> registers, so we emulate these registers and prevent user access to them
> so that we don't need to allow the user a way to setup an interrupt
> remapping entry. It's done for them via request_irq.
>
> IIRC, the Freescale devices have a limited number of MSI pages and can
> therefore create some instances with isolation while others may require
> sharing. In that case I would expect this flag to indicate whether the
> domain has an exclusive or shared page.
>
> In any case, I suspect keying on the bus_type here is not the correct
> way to go. Thanks,
Agreed, I was more intrigued by the meaning of the flag.
Thanks,
Will
next prev parent reply other threads:[~2014-04-30 13:08 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-28 15:52 [RFC PATCH v5 00/11] VFIO support for platform devices Antonios Motakis
[not found] ` <1398700371-20096-1-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 15:52 ` [RFC PATCH v5 01/11] driver core: platform: add device binding path 'driver_override' Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
2014-05-21 0:25 ` [RFC PATCH v5_v2 " Kim Phillips
[not found] ` <20140520192537.bab9fa2088c1cd5da3f92639-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2014-05-29 19:43 ` Alex Williamson
2014-05-29 19:43 ` Alex Williamson
[not found] ` <1401392619.2412.102.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-05-29 21:24 ` Alexander Graf
2014-05-29 21:24 ` Alexander Graf
2014-05-30 0:36 ` Stuart Yoder
2014-06-03 0:42 ` [PATCH] " Kim Phillips
2014-06-03 0:42 ` Kim Phillips
[not found] ` <20140602194258.5135925bf3c71b9c010fb409-KZfg59tc24xl57MIdRCFDg@public.gmane.org>
2014-06-03 4:28 ` Greg KH
2014-06-03 4:28 ` Greg KH
[not found] ` <20140603042842.GD14668-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2014-06-26 1:08 ` Kim Phillips
2014-06-26 1:08 ` Kim Phillips
2014-07-07 21:19 ` Kim Phillips
2014-07-07 21:19 ` Kim Phillips
2014-07-08 22:37 ` Greg KH
2014-07-08 22:37 ` Greg KH
2014-04-28 15:52 ` [RFC PATCH v5 02/11] ARM SMMU: Add capability IOMMU_CAP_DMA_EXEC Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-3-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 19:37 ` Will Deacon
2014-04-28 19:37 ` Will Deacon
2014-04-28 19:37 ` Will Deacon
[not found] ` <20140428193709.GE22135-5wv7dgnIgG8@public.gmane.org>
2014-04-28 20:20 ` Alex Williamson
2014-04-28 20:20 ` Alex Williamson
2014-04-28 20:20 ` Alex Williamson
2014-04-29 9:49 ` Antonios Motakis
2014-04-29 9:52 ` Antonios Motakis
2014-04-29 9:52 ` Antonios Motakis
2014-04-29 9:52 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 03/11] VFIO_IOMMU_TYPE1 for platform bus devices on ARM Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-4-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 16:43 ` Alex Williamson
2014-04-28 16:43 ` Alex Williamson
[not found] ` <1398703421.24318.262.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-04-28 19:19 ` Will Deacon
2014-04-28 19:19 ` Will Deacon
[not found] ` <20140428191920.GC22135-5wv7dgnIgG8@public.gmane.org>
2014-04-28 20:08 ` Alex Williamson
2014-04-28 20:08 ` Alex Williamson
[not found] ` <1398715690.24318.321.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-04-30 13:08 ` Will Deacon [this message]
2014-04-30 13:08 ` Will Deacon
2014-04-28 15:52 ` [RFC PATCH v5 04/11] VFIO_IOMMU_TYPE1: Introduce the VFIO_DMA_MAP_FLAG_EXEC flag Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-5-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 16:53 ` Alex Williamson
[not found] ` <1398704036.24318.269.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-04-29 13:16 ` Antonios Motakis
2014-04-29 13:16 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 05/11] VFIO_PLATFORM: Initial skeleton of VFIO support for platform devices Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-6-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 17:04 ` Alex Williamson
[not found] ` <1398704642.24318.273.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-04-29 13:23 ` Antonios Motakis
2014-04-29 13:23 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 06/11] VFIO_PLATFORM: Return info for device and its memory mapped IO regions Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-7-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 17:16 ` Alex Williamson
2014-04-28 17:16 ` Alex Williamson
[not found] ` <1398705389.24318.279.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-05-02 16:55 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 07/11] VFIO_PLATFORM: Read and write support for the device fd Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-8-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 17:24 ` Alex Williamson
2014-04-28 17:24 ` Alex Williamson
[not found] ` <1398705857.24318.284.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-04-29 13:27 ` Antonios Motakis
2014-04-29 13:27 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 08/11] VFIO_PLATFORM: Support MMAP of MMIO regions Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-9-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 17:27 ` Alex Williamson
2014-04-28 17:27 ` Alex Williamson
[not found] ` <1398706042.24318.287.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-04-29 13:28 ` Antonios Motakis
2014-04-29 13:28 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 09/11] VFIO_PLATFORM: Return IRQ info Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-10-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 17:33 ` Alex Williamson
2014-04-28 17:33 ` Alex Williamson
2014-04-28 15:52 ` [RFC PATCH v5 10/11] VFIO_PLATFORM: Initial interrupts support Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
2014-04-28 15:52 ` [RFC PATCH v5 11/11] VFIO_PLATFORM: Support for maskable and automasked interrupts Antonios Motakis
2014-04-28 15:52 ` Antonios Motakis
[not found] ` <1398700371-20096-12-git-send-email-a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org>
2014-04-28 17:46 ` Alex Williamson
2014-04-28 17:46 ` Alex Williamson
[not found] ` <1398707198.24318.293.camel-85EaTFmN5p//9pzu0YdTqQ@public.gmane.org>
2014-05-02 17:25 ` Antonios Motakis
2014-05-02 17:25 ` Antonios Motakis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140430130814.GB15719@arm.com \
--to=will.deacon-5wv7dgnigg8@public.gmane.org \
--cc=Marc.Zyngier-5wv7dgnIgG8@public.gmane.org \
--cc=a.motakis-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org \
--cc=a.rigo-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org \
--cc=alex.williamson-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=christoffer.dall-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=kvmarm-FPEHb7Xf0XXUo1n7N8X6UoWGPAHP3yOg@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=stuart.yoder-KZfg59tc24xl57MIdRCFDg@public.gmane.org \
--cc=tech-lrHrjnjw1UfHK3s98zE1ajGjJy/sRE9J@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.