From: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
To: Milan Djokic <milan_djokic@epam.com>
Cc: "Julien Grall" <julien@xen.org>,
"Julien Grall" <julien.grall.oss@gmail.com>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
"Bertrand Marquis" <bertrand.marquis@arm.com>,
"Rahul Singh" <rahul.singh@arm.com>,
"Stefano Stabellini" <sstabellini@kernel.org>,
"Michal Orzel" <michal.orzel@amd.com>,
"Jan Beulich" <jbeulich@suse.com>,
"Roger Pau Monné" <roger.pau@citrix.com>,
"Anthony PERARD" <anthony.perard@vates.tech>,
"Nick Rosbrook" <enr0n@ubuntu.com>,
"George Dunlap" <gwd@xenproject.org>,
"Juergen Gross" <jgross@suse.com>,
"Andrew Cooper" <andrew.cooper3@citrix.com>
Subject: Re: [PATCH 00/20] Add SMMUv3 Stage 1 Support for XEN guests
Date: Tue, 26 Aug 2025 23:28:48 +0000 [thread overview]
Message-ID: <87v7m93bo0.fsf@epam.com> (raw)
In-Reply-To: <a5943713-85fa-48ad-86fe-5698604ed8c9@epam.com> (Milan Djokic's message of "Thu, 14 Aug 2025 18:26:00 +0200")
Hi Milan,
Milan Djokic <milan_djokic@epam.com> writes:
> Hello Julien,
>
> On 8/13/25 14:11, Julien Grall wrote:
>> On 13/08/2025 11:04, Milan Djokic wrote:
>>> Hello Julien,
>> Hi Milan,
>>
>>>
>>> We have prepared a design document and it will be part of the updated
>>> patch series (added in docs/design). I'll also extend cover letter with
>>> details on implementation structure to make review easier.
>> I would suggest to just iterate on the design document for now.
>>
>>> Following is the design document content which will be provided in
>>> updated patch series:
>>>
>>> Design Proposal: Add SMMUv3 Stage-1 Support for XEN Guests
>>> ==========================================================
>>>
>>> Author: Milan Djokic <milan_djokic@epam.com>
>>> Date: 2025-08-07
>>> Status: Draft
>>>
>>> Introduction
>>> ------------
>>>
>>> The SMMUv3 supports two stages of translation. Each stage of translation
>>> can be independently enabled. An incoming address is logically
>>> translated from VA to IPA in stage 1, then the IPA is input to stage 2
>>> which translates the IPA to the output PA. Stage 1 translation support
>>> is required to provide isolation between different devices within the OS.
>>>
>>> Xen already supports Stage 2 translation but there is no support for
>>> Stage 1 translation. This design proposal outlines the introduction of
>>> Stage-1 SMMUv3 support in Xen for ARM guests.
>>>
>>> Motivation
>>> ----------
>>>
>>> ARM systems utilizing SMMUv3 require Stage-1 address translation to
>>> ensure correct and secure DMA behavior inside guests.
>> Can you clarify what you mean by "correct"? DMA would still work
>> without
>> stage-1.
>
> Correct in terms of working with guest managed I/O space. I'll
> rephrase this statement, it seems ambiguous.
>
>>>
>>> This feature enables:
>>> - Stage-1 translation in guest domain
>>> - Safe device passthrough under secure memory translation
>>>
>>> Design Overview
>>> ---------------
>>>
>>> These changes provide emulated SMMUv3 support:
>>>
>>> - SMMUv3 Stage-1 Translation: stage-1 and nested translation support in
>>> SMMUv3 driver
>>> - vIOMMU Abstraction: virtual IOMMU framework for guest Stage-1 handling
>> So what are you planning to expose to a guest? Is it one vIOMMU per
>> pIOMMU? Or a single one?
>
> Single vIOMMU model is used in this design.
>
>> Have you considered the pros/cons for both?
>>> - Register/Command Emulation: SMMUv3 register emulation and command
>>> queue handling
>>
>
> That's a point for consideration.
> single vIOMMU prevails in terms of less complex implementation and a
> simple guest iommmu model - single vIOMMU node, one interrupt path,
> event queue, single set of trap handlers for emulation, etc.
> Cons for a single vIOMMU model could be less accurate hw
> representation and a potential bottleneck with one emulated queue and
> interrupt path.
> On the other hand, vIOMMU per pIOMMU provides more accurate hw
> modeling and offers better scalability in case of many IOMMUs in the
> system, but this comes with more complex emulation logic and device
> tree, also handling multiple vIOMMUs on guest side.
> IMO, single vIOMMU model seems like a better option mostly because
> it's less complex, easier to maintain and debug. Of course, this
> decision can and should be discussed.
>
Well, I am not sure that this is possible, because of StreamID
allocation. The biggest offender is of course PCI, as each Root PCI
bridge will require own SMMU instance with own StreamID space. But even
without PCI you'll need some mechanism to map vStremID to
<pSMMU, pStreamID>, because there will be overlaps in SID space.
Actually, PCI/vPCI with vSMMU is its own can of worms...
>> For each pSMMU, we have a single command queue that will receive command
>> from all the guests. How do you plan to prevent a guest hogging the
>> command queue?
>> In addition to that, AFAIU, the size of the virtual command queue is
>> fixed by the guest rather than Xen. If a guest is filling up the queue
>> with commands before notifying Xen, how do you plan to ensure we don't
>> spend too much time in Xen (which is not preemptible)?
>>
>
> We'll have to do a detailed analysis on these scenarios, they are not
> covered by the design (as well as some others which is clear after
> your comments). I'll come back with an updated design.
I think that can be handled akin to hypercall continuation, which is
used in similar places, like P2M code
[...]
--
WBR, Volodymyr
next prev parent reply other threads:[~2025-08-26 23:29 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-07 16:55 [PATCH 00/20] Add SMMUv3 Stage 1 Support for XEN guests Milan Djokic
2025-08-07 16:57 ` [PATCH 01/20] xen/arm: smmuv3: Maintain a SID->device structure Milan Djokic
2025-08-07 16:59 ` [PATCH 02/20] xen/arm: smmuv3: Add support for stage-1 and nested stage translation Milan Djokic
2025-08-07 16:59 ` [PATCH 03/20] xen/arm: smmuv3: Alloc io_domain for each device Milan Djokic
2025-08-07 16:59 ` [PATCH 04/20] xen/arm: vIOMMU: add generic vIOMMU framework Milan Djokic
2025-08-08 6:16 ` Jan Beulich
2025-08-07 16:59 ` [PATCH 05/20] xen/arm: vsmmuv3: Add dummy support for virtual SMMUv3 for guests Milan Djokic
2025-08-07 16:59 ` [PATCH 06/20] xen/domctl: Add XEN_DOMCTL_CONFIG_VIOMMU_* and viommu config param Milan Djokic
2025-08-07 16:59 ` [PATCH 07/20] xen/arm: vIOMMU: Add cmdline boot option "viommu = <boolean>" Milan Djokic
2025-08-08 6:20 ` Jan Beulich
2025-08-13 10:30 ` Milan Djokic
2025-08-07 16:59 ` [PATCH 08/20] xen/arm: vsmmuv3: Add support for registers emulation Milan Djokic
2025-08-07 16:59 ` [PATCH 09/20] xen/arm: vsmmuv3: Add support for cmdqueue handling Milan Djokic
2025-08-07 16:59 ` [PATCH 10/20] xen/arm: vsmmuv3: Add support for command CMD_CFGI_STE Milan Djokic
2025-08-07 16:59 ` [PATCH 11/20] xen/arm: vsmmuv3: Attach Stage-1 configuration to SMMUv3 hardware Milan Djokic
2025-08-08 6:22 ` Jan Beulich
2025-08-07 16:59 ` [PATCH 12/20] xen/arm: vsmmuv3: Add support for event queue and global error Milan Djokic
2025-08-07 16:59 ` [PATCH 13/20] xen/arm: vsmmuv3: Add "iommus" property node for dom0 devices Milan Djokic
2025-08-07 16:59 ` [PATCH 14/20] xen/arm: vIOMMU: IOMMU device tree node for dom0 Milan Djokic
2025-08-07 16:59 ` [PATCH 15/20] xen/arm: vsmmuv3: Emulated SMMUv3 device tree node for dom0less Milan Djokic
2025-08-07 16:59 ` [PATCH 16/20] arm/libxl: vsmmuv3: Emulated SMMUv3 device tree node in libxl Milan Djokic
2025-08-07 16:59 ` [PATCH 17/20] xen/arm: vsmmuv3: Alloc virq for virtual SMMUv3 Milan Djokic
2025-08-07 16:59 ` [PATCH 18/20] xen/arm: vsmmuv3: Add support to send stage-1 event to guest Milan Djokic
2025-08-07 16:59 ` [PATCH 19/20] libxl/arm: vIOMMU: Modify the partial device tree for iommus Milan Djokic
2025-08-07 16:59 ` [PATCH 20/20] xen/arm: vIOMMU: Modify the partial device tree for dom0less Milan Djokic
2025-08-07 17:58 ` [PATCH 00/20] Add SMMUv3 Stage 1 Support for XEN guests Julien Grall
2025-08-13 10:04 ` Milan Djokic
2025-08-13 12:11 ` Julien Grall
2025-08-14 16:26 ` Milan Djokic
2025-08-26 23:28 ` Volodymyr Babchuk [this message]
2025-08-28 11:59 ` Milan Djokic
2025-08-29 16:27 ` Volodymyr Babchuk
2025-09-01 11:06 ` Milan Djokic
2025-11-03 13:16 ` Milan Djokic
2025-11-27 2:31 ` Volodymyr Babchuk
2025-11-27 10:22 ` Julien Grall
2025-12-02 22:08 ` Milan Djokic
2025-12-03 10:32 ` Julien Grall
2025-12-03 15:47 ` Milan Djokic
2026-02-13 3:18 ` Milan Djokic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87v7m93bo0.fsf@epam.com \
--to=volodymyr_babchuk@epam.com \
--cc=andrew.cooper3@citrix.com \
--cc=anthony.perard@vates.tech \
--cc=bertrand.marquis@arm.com \
--cc=enr0n@ubuntu.com \
--cc=gwd@xenproject.org \
--cc=jbeulich@suse.com \
--cc=jgross@suse.com \
--cc=julien.grall.oss@gmail.com \
--cc=julien@xen.org \
--cc=michal.orzel@amd.com \
--cc=milan_djokic@epam.com \
--cc=rahul.singh@arm.com \
--cc=roger.pau@citrix.com \
--cc=sstabellini@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.