From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Jason Gunthorpe <jgg@nvidia.com>
Cc: Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com>,
"qemu-arm@nongnu.org" <qemu-arm@nongnu.org>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
"eric.auger@redhat.com" <eric.auger@redhat.com>,
"peter.maydell@linaro.org" <peter.maydell@linaro.org>,
"nicolinc@nvidia.com" <nicolinc@nvidia.com>,
"ddutile@redhat.com" <ddutile@redhat.com>,
Linuxarm <linuxarm@huawei.com>,
"Wangzhou (B)" <wangzhou1@hisilicon.com>,
jiangkunkun <jiangkunkun@huawei.com>,
Jonathan Cameron <jonathan.cameron@huawei.com>,
"zhangfei.gao@linaro.org" <zhangfei.gao@linaro.org>,
"nathanc@nvidia.com" <nathanc@nvidia.com>
Subject: Re: [RFC PATCH 0/5] hw/arm/virt: Add support for user-creatable nested SMMUv3
Date: Thu, 6 Feb 2025 18:18:09 +0000 [thread overview]
Message-ID: <Z6T84XByaY0RD8TR@redhat.com> (raw)
In-Reply-To: <20250206175843.GI2960738@nvidia.com>
On Thu, Feb 06, 2025 at 01:58:43PM -0400, Jason Gunthorpe wrote:
> On Thu, Feb 06, 2025 at 05:54:57PM +0000, Daniel P. Berrangé wrote:
> > > > We shouldn't assume any VFIO device exists in the QEMU cnofig at the time
> > > > we realize the virtual ssmu. I expect the SMMU may be cold plugged, while
> > > > the VFIO devices may be hot plugged arbitrarly later, and we should have
> > > > the association initialized the SMMU is realized.
> > >
> > > This is not supported kernel side, you can't instantiate a vIOMMU
> > > without a VFIO device that uses it. For security.
> >
> > What are the security concerns here ?
>
> You should not be able to open iommufd and manipulate iommu HW that
> you don't have a VFIO descriptor for, including creating physical
> vIOMMU resources, allocating command queues and whatever else.
>
> Some kind of hot plug smmu would have to create a vSMMU without any
> kernel backing and then later bind it to a kernel implementation.
Ok, so if we give the info about the vSMMU <-> pSMMU binding to
QEMU upfront, it can delay using it until the point where the kernel
accepts it. This at least gives a clear design to applications outside
QEMU, and hides the low level impl details to inside QEMU.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2025-02-06 18:18 UTC|newest]
Thread overview: 189+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-08 12:52 [RFC PATCH 0/5] hw/arm/virt: Add support for user-creatable nested SMMUv3 Shameer Kolothum via
2024-11-08 12:52 ` Shameer Kolothum via
2024-11-08 12:52 ` [RFC PATCH 1/5] hw/arm/virt: Add an SMMU_IO_LEN macro Shameer Kolothum via
2024-11-08 12:52 ` Shameer Kolothum via
2024-11-13 16:48 ` Eric Auger
2024-11-08 12:52 ` [RFC PATCH 2/5] hw/arm/smmuv3: Add initial support for SMMUv3 Nested device Shameer Kolothum via
2024-11-08 12:52 ` Shameer Kolothum via
2024-11-13 17:12 ` Eric Auger
2024-11-13 18:05 ` Nicolin Chen
2024-11-26 18:28 ` Donald Dutile
2024-11-27 10:21 ` Shameerali Kolothum Thodi via
2024-11-27 10:21 ` Shameerali Kolothum Thodi via
2024-11-27 16:00 ` Jason Gunthorpe
2024-11-27 16:05 ` Eric Auger
2024-11-28 3:25 ` Zhangfei Gao
2024-11-28 8:06 ` Eric Auger
2024-11-28 8:28 ` Shameerali Kolothum Thodi via
2024-11-28 8:28 ` Shameerali Kolothum Thodi via
2024-11-28 8:41 ` Eric Auger
2024-11-28 12:52 ` Jason Gunthorpe
2024-11-27 23:03 ` Donald Dutile
2024-11-28 12:51 ` Jason Gunthorpe
2024-11-28 4:29 ` Donald Dutile
2024-11-28 4:44 ` Nicolin Chen
2024-11-28 12:54 ` Jason Gunthorpe
2024-11-28 18:22 ` Nicolin Chen
2024-12-02 18:53 ` Donald Dutile
2024-11-28 8:17 ` Shameerali Kolothum Thodi via
2024-11-28 8:17 ` Shameerali Kolothum Thodi via
2024-11-14 8:20 ` Shameerali Kolothum Thodi via
2024-11-14 8:20 ` Shameerali Kolothum Thodi via
2024-11-14 8:41 ` Eric Auger
2024-11-14 13:27 ` Shameerali Kolothum Thodi via
2024-11-15 22:32 ` Nicolin Chen
2024-11-13 18:00 ` Eric Auger
2024-11-08 12:52 ` [RFC PATCH 3/5] hw/arm/smmuv3: Associate a pci bus with a " Shameer Kolothum via
2024-11-13 17:58 ` Eric Auger
2024-11-14 8:30 ` Shameerali Kolothum Thodi via
2024-11-14 8:30 ` Shameerali Kolothum Thodi via
2025-01-30 16:29 ` Daniel P. Berrangé
2025-01-30 18:19 ` Shameerali Kolothum Thodi via
2025-01-30 18:19 ` Shameerali Kolothum Thodi via
2024-11-08 12:52 ` [RFC PATCH 4/5] hw/arm/virt-acpi-build: Build IORT with multiple SMMU nodes Shameer Kolothum via
2024-11-18 10:01 ` Eric Auger
2024-11-18 11:44 ` Shameerali Kolothum Thodi via
2024-11-18 11:44 ` Shameerali Kolothum Thodi via
2024-11-18 13:45 ` Eric Auger
2024-11-18 15:00 ` Shameerali Kolothum Thodi via
2024-11-18 15:00 ` Shameerali Kolothum Thodi via
2024-11-18 18:09 ` Eric Auger
2024-11-20 14:16 ` Shameerali Kolothum Thodi via
2024-11-20 14:16 ` Shameerali Kolothum Thodi via
2024-11-20 16:10 ` Eric Auger
2024-11-20 16:26 ` Shameerali Kolothum Thodi via
2024-11-20 16:26 ` Shameerali Kolothum Thodi via
2024-11-21 9:46 ` Shameerali Kolothum Thodi via
2024-11-21 9:46 ` Shameerali Kolothum Thodi via
2024-12-10 20:48 ` Nicolin Chen
2024-12-11 15:21 ` Shameerali Kolothum Thodi via
2024-12-11 15:21 ` Shameerali Kolothum Thodi via
2024-12-13 0:28 ` Nicolin Chen
2024-11-08 12:52 ` [RFC PATCH 5/5] hw/arm/virt-acpi-build: Add IORT RMR regions to handle MSI nested binding Shameer Kolothum via
2024-11-13 18:31 ` Nicolin Chen
2024-11-14 8:48 ` Shameerali Kolothum Thodi via
2024-11-14 8:48 ` Shameerali Kolothum Thodi via
2024-11-14 10:41 ` Eric Auger
2024-11-15 22:12 ` Nicolin Chen
2024-12-10 23:01 ` Nicolin Chen
2024-12-11 0:48 ` Jason Gunthorpe
2024-12-11 1:28 ` Nicolin Chen
2024-12-11 13:11 ` Jason Gunthorpe
2024-12-11 17:20 ` Nicolin Chen
2024-12-11 18:01 ` Jason Gunthorpe
2024-11-12 22:59 ` [RFC PATCH 0/5] hw/arm/virt: Add support for user-creatable nested SMMUv3 Nicolin Chen
2024-11-14 7:56 ` Shameerali Kolothum Thodi via
2024-11-14 7:56 ` Shameerali Kolothum Thodi via
2024-11-20 23:59 ` Nathan Chen
2024-11-21 10:12 ` Shameerali Kolothum Thodi via
2024-11-22 1:41 ` Nathan Chen
2024-11-22 17:38 ` Shameerali Kolothum Thodi via
2024-11-22 18:53 ` Nathan Chen
2025-02-04 14:00 ` Eric Auger
2024-12-13 11:58 ` Daniel P. Berrangé
2024-12-13 12:43 ` Jason Gunthorpe
2024-12-12 23:54 ` Nathan Chen
2024-12-13 1:01 ` Nathan Chen
2024-12-16 9:31 ` Shameerali Kolothum Thodi via
2024-12-16 9:31 ` Shameerali Kolothum Thodi via
2025-01-25 2:43 ` Nathan Chen
2025-01-27 15:26 ` Shameerali Kolothum Thodi via
2025-01-27 15:26 ` Shameerali Kolothum Thodi via
2025-01-27 23:35 ` Nathan Chen
2024-11-13 16:16 ` Mostafa Saleh
2024-11-14 8:01 ` Shameerali Kolothum Thodi via
2024-11-14 8:01 ` Shameerali Kolothum Thodi via
2024-11-14 11:49 ` Mostafa Saleh
2024-11-13 21:42 ` Nicolin Chen
2024-11-14 9:11 ` Shameerali Kolothum Thodi via
2024-11-14 9:11 ` Shameerali Kolothum Thodi via
2024-11-18 10:50 ` Eric Auger
2025-01-30 16:41 ` Daniel P. Berrangé
2024-12-13 12:00 ` Daniel P. Berrangé
2024-12-13 12:46 ` Jason Gunthorpe
2024-12-13 13:19 ` Daniel P. Berrangé
2024-12-16 9:38 ` Shameerali Kolothum Thodi via
2024-12-17 18:36 ` Donald Dutile
2024-12-13 13:33 ` Peter Maydell
2024-12-16 10:01 ` Shameerali Kolothum Thodi via
2024-12-16 10:01 ` Shameerali Kolothum Thodi via
2025-01-09 4:45 ` Nicolin Chen
2025-01-11 4:05 ` Donald Dutile
2025-01-23 4:10 ` Nicolin Chen
2025-01-23 8:28 ` Shameerali Kolothum Thodi via
2025-01-23 8:28 ` Shameerali Kolothum Thodi via
2025-01-23 8:40 ` Nicolin Chen
2025-01-23 11:07 ` Duan, Zhenzhong
2025-02-17 9:17 ` Duan, Zhenzhong
2025-02-18 6:52 ` Shameerali Kolothum Thodi via
2025-03-06 17:59 ` Eric Auger
2025-03-06 18:27 ` Shameerali Kolothum Thodi via
2025-03-06 18:27 ` Shameerali Kolothum Thodi via
2025-03-06 18:40 ` Eric Auger
2025-01-31 16:54 ` Eric Auger
2025-02-03 18:50 ` Nicolin Chen
2025-02-04 17:49 ` Eric Auger
2025-02-05 0:08 ` Nicolin Chen
2025-02-05 10:43 ` Shameerali Kolothum Thodi via
2025-02-05 10:43 ` Shameerali Kolothum Thodi via
2025-02-05 12:35 ` Eric Auger
2025-02-06 10:34 ` Shameerali Kolothum Thodi via
2025-02-06 10:34 ` Shameerali Kolothum Thodi via
2025-02-06 18:58 ` Nicolin Chen
2025-03-03 15:21 ` Shameerali Kolothum Thodi via
2025-03-03 15:21 ` Shameerali Kolothum Thodi via
2025-03-03 17:04 ` Nicolin Chen
2025-03-04 9:30 ` Shameerali Kolothum Thodi via
2025-03-04 9:30 ` Shameerali Kolothum Thodi via
2025-01-30 16:00 ` Daniel P. Berrangé
2025-01-30 18:09 ` Shameerali Kolothum Thodi via
2025-01-30 18:09 ` Shameerali Kolothum Thodi via
2025-01-31 9:33 ` Shameerali Kolothum Thodi via
2025-01-31 9:33 ` Shameerali Kolothum Thodi via
2025-01-31 10:07 ` Eric Auger
2025-01-31 14:24 ` Jason Gunthorpe
2025-01-31 14:39 ` Shameerali Kolothum Thodi via
2025-01-31 14:39 ` Shameerali Kolothum Thodi via
2025-01-31 14:54 ` Jason Gunthorpe
2025-01-31 15:23 ` Shameerali Kolothum Thodi via
2025-01-31 15:23 ` Shameerali Kolothum Thodi via
2025-01-31 16:08 ` Eric Auger
2025-02-05 20:53 ` Nathan Chen
2025-02-06 8:54 ` Daniel P. Berrangé
2025-02-06 8:53 ` Daniel P. Berrangé
2025-02-06 16:44 ` Eric Auger
2025-01-31 21:41 ` Daniel P. Berrangé
2025-02-06 10:02 ` Shameerali Kolothum Thodi via
2025-02-06 10:02 ` Shameerali Kolothum Thodi via
2025-02-06 10:37 ` Daniel P. Berrangé
2025-02-06 13:51 ` Shameerali Kolothum Thodi via
2025-02-06 13:51 ` Shameerali Kolothum Thodi via
2025-02-06 14:46 ` Daniel P. Berrangé
2025-02-06 15:07 ` Shameerali Kolothum Thodi via
2025-02-06 15:07 ` Shameerali Kolothum Thodi via
2025-02-06 17:02 ` Jason Gunthorpe
2025-02-06 17:10 ` Daniel P. Berrangé
2025-02-06 17:46 ` Jason Gunthorpe
2025-02-06 17:54 ` Daniel P. Berrangé
2025-02-06 17:58 ` Jason Gunthorpe
2025-02-06 18:04 ` Shameerali Kolothum Thodi via
2025-02-06 18:04 ` Shameerali Kolothum Thodi via
2025-02-06 18:13 ` Jason Gunthorpe
2025-02-06 18:18 ` Shameerali Kolothum Thodi via
2025-02-06 18:18 ` Shameerali Kolothum Thodi via
2025-02-06 18:22 ` Jason Gunthorpe
2025-02-06 20:33 ` Nicolin Chen
2025-02-06 20:38 ` Jason Gunthorpe
2025-02-06 20:48 ` Nicolin Chen
2025-02-06 21:11 ` Jason Gunthorpe
2025-02-06 22:46 ` Nicolin Chen
2025-02-07 0:08 ` Jason Gunthorpe
2025-02-07 10:21 ` Shameerali Kolothum Thodi via
2025-02-07 10:21 ` Shameerali Kolothum Thodi via
2025-02-07 10:31 ` Daniel P. Berrangé
2025-02-07 12:21 ` Shameerali Kolothum Thodi via
2025-02-07 12:21 ` Shameerali Kolothum Thodi via
2025-02-07 12:53 ` Jason Gunthorpe
2025-02-06 18:18 ` Daniel P. Berrangé [this message]
2025-02-06 17:57 ` Shameerali Kolothum Thodi via
2025-02-06 17:59 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z6T84XByaY0RD8TR@redhat.com \
--to=berrange@redhat.com \
--cc=ddutile@redhat.com \
--cc=eric.auger@redhat.com \
--cc=jgg@nvidia.com \
--cc=jiangkunkun@huawei.com \
--cc=jonathan.cameron@huawei.com \
--cc=linuxarm@huawei.com \
--cc=nathanc@nvidia.com \
--cc=nicolinc@nvidia.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=shameerali.kolothum.thodi@huawei.com \
--cc=wangzhou1@hisilicon.com \
--cc=zhangfei.gao@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.