From mboxrd@z Thu Jan 1 00:00:00 1970 From: Weidong Han Subject: Re: [PATCH] VT-d: fix PCI device detach from virtual machine Date: Thu, 17 Jun 2010 11:35:46 +0800 Message-ID: <4C199812.4080703@intel.com> References: <715D42877B251141A38726ABF5CABF2C0195A7B959@pdsmsx503.ccr.corp.intel.com> <1276557557.2063.43.camel@macbook.infradead.org> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: 'Avi Kivity' , "'iommu@lists.linux-foundation.org'" , 'kvm' , "Kay, Allen M" To: David Woodhouse Return-path: Received: from mga02.intel.com ([134.134.136.20]:20661 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755951Ab0FQDfs (ORCPT ); Wed, 16 Jun 2010 23:35:48 -0400 In-Reply-To: <1276557557.2063.43.camel@macbook.infradead.org> Sender: kvm-owner@vger.kernel.org List-ID: David Woodhouse wrote: > On Thu, 2009-02-26 at 17:31 +0800, Han, Weidong wrote: > >> When assign a device behind conventional PCI bridge or PCIe to >> PCI/PCI-x bridge to a domain, it must assign its bridge and may >> also need to assign secondary interface to the same domain. >> >> Dependent assignment is already there, but dependent >> deassignment is missed when detach device from virtual machine. >> This results in conventional PCI device assignment failure after >> it has been assigned once. This patch addes dependent >> deassignment, and fixes the issue. >> > > Um, this code makes my head hurt. > > Why are we doing this in the first place? Because the IOMMU works on the > source-id in PCIe transactions, the pci_find_upstream_pcie_bridge() > function effectively tells us which PCI device our own device will be > masquerading as, for the purposes of DMA. > > So why do we bother setting up a context in the IOMMU for the device > itself, when no DMA will ever appear to come from this device? And > if the device is behind PCI Express-to-PCI/PCI-X bridge, the source-id may be the device bdf or the source-id provided by the bridge. so it needs to map the device itself. > likewise why do we bother setting up a context for intermediate PCI > bridges? > I'm not sure if the intermediate PCI bridges are necessary. need to check PCI spec. > Why not just jump straight to the 'DMA proxy' device, and use that > _only_? > What's the 'DMA proxy' device? is it the upstream pcie-to-pci bridge? > We'll have to cope with multiple devices behind the same 'proxy', but it > looks like our handling of that is totally screwed already... what > happens right now if you have two PCI devices behind the same PCIe-PCI > bridge, and try to attach both of them to different domains... or both > to the _same_ domain, in fact, and then detach just one of them. I think > the answer to the latter question is that your newly-added > iommu_detach_dependent_devices() routine will tear down the mapping on > the 'proxy' device and faults will start happening for the device which > is supposed to still be mapped? > all the device behind a pcie-to-pci bridge must be co-assigned to a single domain. So it also require users to detach them together. Regards, Weidong > Confused... and tempted to rip it all out and start over. > >