From: Jason Gunthorpe <jgg@nvidia.com>
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Marc Zyngier <maz@kernel.org>,
ankita@nvidia.com,
Shameerali Kolothum Thodi <shameerali.kolothum.thodi@huawei.com>,
oliver.upton@linux.dev, suzuki.poulose@arm.com,
yuzenghui@huawei.com, will@kernel.org, ardb@kernel.org,
akpm@linux-foundation.org, gshan@redhat.com, aniketa@nvidia.com,
cjia@nvidia.com, kwankhede@nvidia.com, targupta@nvidia.com,
vsethi@nvidia.com, acurrid@nvidia.com, apopple@nvidia.com,
jhubbard@nvidia.com, danw@nvidia.com, mochs@nvidia.com,
kvmarm@lists.linux.dev, kvm@vger.kernel.org,
lpieralisi@kernel.org, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v2 1/1] KVM: arm64: allow the VM to select DEVICE_* and NORMAL_NC for IO memory
Date: Tue, 5 Dec 2023 09:05:17 -0400 [thread overview]
Message-ID: <20231205130517.GD2692119@nvidia.com> (raw)
In-Reply-To: <ZW8MP2tDt4_9ROBz@arm.com>
On Tue, Dec 05, 2023 at 11:40:47AM +0000, Catalin Marinas wrote:
> > - Will had unanswered questions in another part of the thread:
> >
> > https://lore.kernel.org/all/20231013092954.GB13524@willie-the-truck/
> >
> > Can someone please help concluding it?
>
> Is this about reclaiming the device? I think we concluded that we can't
> generalise this beyond PCIe, though not sure there was any formal
> statement to that thread. The other point Will had was around stating
> in the commit message why we only relax this to Normal NC. I haven't
> checked the commit message yet, it needs careful reading ;).
Not quite, we said reclaiming is VFIO's problem and if VFIO can't
reliably reclaim a device it shouldn't create it in the first place.
Again, I think alot of this is trying to take VFIO problems into KVM.
VFIO devices should not exist if they pose a harm to the system. If
VFIO decided to create the devices anyhow (eg admin override or
something) then it is not KVM's job to do any further enforcement.
Remember, the feedback we got from the CPU architects was that even
DEVICE_* will experience an uncontained failure if the device tiggers
an error response in shipping ARM IP.
The reason PCIe is safe is because the PCI bridge does not generate
errors in the first place!
Thus, the way a platform device can actually be safe is if it too
never generates errors in the first place! Obviously this approach
works just as well with NORMAL_NC.
If a platform device does generate errors then we shouldn't expect
containment at all, and the memory type has no bearing on the
safety. The correct answer is to block these platform devices from
VFIO/KVM/etc because they can trigger uncontained failures.
If you have learned something different then please share it..
IOW, what is the practical scenario where DEVICE_* has contained
errors but NORMAL_NC does not?
Jason
next prev parent reply other threads:[~2023-12-05 13:05 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-05 3:30 [PATCH v2 1/1] KVM: arm64: allow the VM to select DEVICE_* and NORMAL_NC for IO memory ankita
2023-12-05 9:21 ` Marc Zyngier
2023-12-05 11:40 ` Catalin Marinas
2023-12-05 13:05 ` Jason Gunthorpe [this message]
2023-12-05 14:37 ` Lorenzo Pieralisi
2023-12-05 14:44 ` Jason Gunthorpe
2023-12-05 16:24 ` Catalin Marinas
2023-12-05 17:10 ` Jason Gunthorpe
2023-12-05 16:22 ` Catalin Marinas
2023-12-05 16:43 ` Jason Gunthorpe
2023-12-05 17:01 ` Marc Zyngier
2023-12-05 17:33 ` Catalin Marinas
2023-12-05 17:50 ` Marc Zyngier
2023-12-05 18:40 ` Catalin Marinas
2023-12-06 11:39 ` Marc Zyngier
2023-12-06 12:14 ` Catalin Marinas
2023-12-06 15:16 ` Jason Gunthorpe
2023-12-06 16:31 ` Catalin Marinas
2023-12-06 17:20 ` Jason Gunthorpe
2023-12-06 18:58 ` Catalin Marinas
2023-12-06 19:03 ` Jason Gunthorpe
2023-12-06 19:06 ` Catalin Marinas
2023-12-07 2:53 ` Ankit Agrawal
2023-12-06 11:52 ` Lorenzo Pieralisi
2023-12-05 19:24 ` Catalin Marinas
2023-12-05 19:48 ` Jason Gunthorpe
2023-12-06 14:49 ` Catalin Marinas
2023-12-06 15:05 ` Jason Gunthorpe
2023-12-06 15:18 ` Lorenzo Pieralisi
2023-12-06 15:38 ` Jason Gunthorpe
2023-12-06 16:23 ` Catalin Marinas
2023-12-06 16:48 ` Jason Gunthorpe
2023-12-07 10:13 ` Lorenzo Pieralisi
2023-12-07 13:38 ` Jason Gunthorpe
2023-12-07 14:50 ` Lorenzo Pieralisi
2023-12-05 13:28 ` Lorenzo Pieralisi
2023-12-05 14:16 ` Shameerali Kolothum Thodi
2023-12-06 8:17 ` Shameerali Kolothum Thodi
2023-12-05 11:48 ` Catalin Marinas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231205130517.GD2692119@nvidia.com \
--to=jgg@nvidia.com \
--cc=acurrid@nvidia.com \
--cc=akpm@linux-foundation.org \
--cc=aniketa@nvidia.com \
--cc=ankita@nvidia.com \
--cc=apopple@nvidia.com \
--cc=ardb@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=cjia@nvidia.com \
--cc=danw@nvidia.com \
--cc=gshan@redhat.com \
--cc=jhubbard@nvidia.com \
--cc=kvm@vger.kernel.org \
--cc=kvmarm@lists.linux.dev \
--cc=kwankhede@nvidia.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lpieralisi@kernel.org \
--cc=maz@kernel.org \
--cc=mochs@nvidia.com \
--cc=oliver.upton@linux.dev \
--cc=shameerali.kolothum.thodi@huawei.com \
--cc=suzuki.poulose@arm.com \
--cc=targupta@nvidia.com \
--cc=vsethi@nvidia.com \
--cc=will@kernel.org \
--cc=yuzenghui@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox