From: Jason Wang <jasowang@redhat.com>
To: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>,
iommu@lists.linux-foundation.org, kvm@vger.kernel.org,
virtualization@lists.linux-foundation.org,
virtio-dev@lists.oasis-open.org
Cc: cdall@linaro.org, will.deacon@arm.com, robin.murphy@arm.com,
lorenzo.pieralisi@arm.com, joro@8bytes.org, mst@redhat.com,
alex.williamson@redhat.com, marc.zyngier@arm.com
Subject: Re: [RFC 0/3] virtio-iommu: a paravirtualized IOMMU
Date: Wed, 12 Apr 2017 17:06:43 +0800 [thread overview]
Message-ID: <a0920e37-a11e-784c-7d90-be6617ea7686@redhat.com> (raw)
In-Reply-To: <20170407191747.26618-1-jean-philippe.brucker@arm.com>
On 2017年04月08日 03:17, Jean-Philippe Brucker wrote:
> This is the initial proposal for a paravirtualized IOMMU device using
> virtio transport. It contains a description of the device, a Linux driver,
> and a toy implementation in kvmtool. With this prototype, you can
> translate DMA to guest memory from emulated (virtio), or passed-through
> (VFIO) devices.
>
> In its simplest form, implemented here, the device handles map/unmap
> requests from the guest. Future extensions proposed in "RFC 3/3" should
> allow to bind page tables to devices.
>
> There are a number of advantages in a paravirtualized IOMMU over a full
> emulation. It is portable and could be reused on different architectures.
> It is easier to implement than a full emulation, with less state tracking.
> It might be more efficient in some cases, with less context switches to
> the host and the possibility of in-kernel emulation.
I like the idea. Consider the complexity of IOMMU hardware. I believe we
don't want to have and fight for bugs of three or more different IOMMU
implementations in either userspace or kernel.
Thanks
>
> When designing it and writing the kvmtool device, I considered two main
> scenarios, illustrated below.
>
> Scenario 1: a hardware device passed through twice via VFIO
>
> MEM____pIOMMU________PCI device________________________ HARDWARE
> | (2b) \
> ----------|-------------+-------------+------------------\-------------
> | : KVM : \
> | : : \
> pIOMMU drv : _______virtio-iommu drv \ KERNEL
> | : | : | \
> VFIO : | : VFIO \
> | : | : | \
> | : | : | /
> ----------|-------------+--------|----+----------|------------/--------
> | | : | /
> | (1c) (1b) | : (1a) | / (2a)
> | | : | /
> | | : | / USERSPACE
> |___virtio-iommu dev___| : net drv___/
> :
> --------------------------------------+--------------------------------
> HOST : GUEST
>
> (1) a. Guest userspace is running a net driver (e.g. DPDK). It allocates a
> buffer with mmap, obtaining virtual address VA. It then send a
> VFIO_IOMMU_MAP_DMA request to map VA to an IOVA (possibly VA=IOVA).
> b. The maping request is relayed to the host through virtio
> (VIRTIO_IOMMU_T_MAP).
> c. The mapping request is relayed to the physical IOMMU through VFIO.
>
> (2) a. The guest userspace driver can now instruct the device to directly
> access the buffer at IOVA
> b. IOVA accesses from the device are translated into physical
> addresses by the IOMMU.
>
> Scenario 2: a virtual net device behind a virtual IOMMU.
>
> MEM__pIOMMU___PCI device HARDWARE
> | |
> -------|---------|------+-------------+-------------------------------
> | | : KVM :
> | | : :
> pIOMMU drv | : :
> \ | : _____________virtio-net drv KERNEL
> \_net drv : | : / (1a)
> | : | : /
> tap : | ________virtio-iommu drv
> | : | | : (1b)
> -----------------|------+-----|---|---+-------------------------------
> | | | :
> |_virtio-net_| | :
> / (2) | :
> / | : USERSPACE
> virtio-iommu dev______| :
> :
> --------------------------------------+-------------------------------
> HOST : GUEST
>
> (1) a. Guest virtio-net driver maps the virtio ring and a buffer
> b. The mapping requests are relayed to the host through virtio.
> (2) The virtio-net device now needs to access any guest memory via the
> IOMMU.
>
> Physical and virtual IOMMUs are completely dissociated. The net driver is
> mapping its own buffers via DMA/IOMMU API, and buffers are copied between
> virtio-net and tap.
>
>
> The description itself seemed too long for a single email, so I split it
> into three documents, and will attach Linux and kvmtool patches to this
> email.
>
> 1. Firmware note,
> 2. device operations (draft for the virtio specification),
> 3. future work/possible improvements.
>
> Just to be clear on the terms I'm using:
>
> pIOMMU physical IOMMU, controlling DMA accesses from physical devices
> vIOMMU virtual IOMMU (virtio-iommu), controlling DMA accesses from
> physical and virtual devices to guest memory.
> GVA, GPA, HVA, HPA
> Guest/Host Virtual/Physical Address
> IOVA I/O Virtual Address, the address accessed by a device doing DMA
> through an IOMMU. In the context of a guest OS, IOVA is GVA.
>
> Note: kvmtool is GPLv2. Linux patches are GPLv2, except for UAPI
> virtio-iommu.h header, which is BSD 3-clause. For the time being, the
> specification draft in RFC 2/3 is also BSD 3-clause.
>
>
> This proposal may be involuntarily centered around ARM architectures at
> times. Any feedback would be appreciated, especially regarding other IOMMU
> architectures.
>
> Thanks,
> Jean-Philippe
next prev parent reply other threads:[~2017-04-12 9:06 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-07 19:17 [RFC 0/3] virtio-iommu: a paravirtualized IOMMU Jean-Philippe Brucker
[not found] ` <20170407191747.26618-1-jean-philippe.brucker-5wv7dgnIgG8@public.gmane.org>
2017-04-07 19:17 ` [RFC 1/3] virtio-iommu: firmware description of the virtual topology Jean-Philippe Brucker
[not found] ` <20170407191747.26618-2-jean-philippe.brucker-5wv7dgnIgG8@public.gmane.org>
2017-04-18 9:51 ` Tian, Kevin
2017-04-18 18:41 ` Jean-Philippe Brucker
2017-04-21 8:43 ` Tian, Kevin
[not found] ` <AADFC41AFE54684AB9EE6CBC0274A5D190CB2570-0J0gbvR4kThpB2pF5aRoyrfspsVTdybXVpNB7YpNyf8@public.gmane.org>
2017-04-24 15:05 ` Jean-Philippe Brucker
2017-04-10 2:30 ` Need information on type 2 IOMMU valmiki
[not found] ` <1b48daab-c9e1-84d1-78a9-84d3e2001f32-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2017-04-10 4:19 ` Alex Williamson
2017-04-13 8:41 ` [RFC 0/3] virtio-iommu: a paravirtualized IOMMU Tian, Kevin
2017-04-13 13:12 ` Jean-Philippe Brucker
2017-04-07 19:17 ` [RFC 2/3] virtio-iommu: device probing and operations Jean-Philippe Brucker
2017-04-18 10:26 ` Tian, Kevin
2017-04-18 18:45 ` Jean-Philippe Brucker
2017-04-21 9:02 ` Tian, Kevin
[not found] ` <AADFC41AFE54684AB9EE6CBC0274A5D190CB262D-0J0gbvR4kThpB2pF5aRoyrfspsVTdybXVpNB7YpNyf8@public.gmane.org>
2017-04-24 15:05 ` Jean-Philippe Brucker
2017-08-21 7:59 ` Tian, Kevin
2017-08-21 12:00 ` Jean-Philippe Brucker
[not found] ` <454095c4-cae5-ad52-a459-5c9e2cce4047-5wv7dgnIgG8@public.gmane.org>
2017-08-22 6:24 ` Tian, Kevin
2017-08-22 14:19 ` Jean-Philippe Brucker
2017-08-23 2:23 ` Tian, Kevin
2017-04-07 19:17 ` [RFC 3/3] virtio-iommu: future work Jean-Philippe Brucker
[not found] ` <20170407191747.26618-4-jean-philippe.brucker-5wv7dgnIgG8@public.gmane.org>
2017-04-21 8:31 ` Tian, Kevin
2017-04-24 15:05 ` Jean-Philippe Brucker
2017-04-26 16:24 ` Michael S. Tsirkin
2017-04-07 19:23 ` [RFC PATCH linux] iommu: Add virtio-iommu driver Jean-Philippe Brucker
2017-06-16 8:48 ` [virtio-dev] " Bharat Bhushan
2017-06-16 11:36 ` Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 00/15] Add virtio-iommu Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 01/15] virtio: synchronize virtio-iommu headers with Linux Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 02/15] FDT: (re)introduce a dynamic phandle allocator Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 03/15] virtio: add virtio-iommu Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 04/15] Add a simple IOMMU Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 05/15] iommu: describe IOMMU topology in device-trees Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 06/15] irq: register MSI doorbell addresses Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 07/15] virtio: factor virtqueue initialization Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 08/15] virtio: add vIOMMU instance for virtio devices Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 09/15] virtio: access vring and buffers through IOMMU mappings Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 10/15] virtio-pci: translate MSIs with the virtual IOMMU Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 11/15] virtio: set VIRTIO_F_IOMMU_PLATFORM when necessary Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 12/15] vfio: add support for virtual IOMMU Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 13/15] virtio-iommu: debug via IPC Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 14/15] virtio-iommu: implement basic debug commands Jean-Philippe Brucker
2017-04-07 19:24 ` [RFC PATCH kvmtool 15/15] virtio: use virtio-iommu when available Jean-Philippe Brucker
[not found] ` <20170407192455.26814-1-jean-philippe.brucker-5wv7dgnIgG8@public.gmane.org>
2017-05-22 8:26 ` [RFC PATCH kvmtool 00/15] Add virtio-iommu Bharat Bhushan
[not found] ` <AM5PR0401MB2545FADDF2A7649DF0DB68309AF80-oQ3wXcTHOqrg6d/1FbYcvI3W/0Ik+aLCnBOFsp37pqbUKgpGm//BTAC/G2K4zDHf@public.gmane.org>
2017-05-22 14:01 ` Jean-Philippe Brucker
2017-04-07 21:19 ` [RFC 0/3] virtio-iommu: a paravirtualized IOMMU Michael S. Tsirkin
2017-04-10 18:39 ` Jean-Philippe Brucker
2017-04-10 20:04 ` [virtio-dev] " Michael S. Tsirkin
2017-04-12 9:06 ` Jason Wang [this message]
[not found] ` <a0920e37-a11e-784c-7d90-be6617ea7686-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2017-04-13 8:16 ` Tian, Kevin
[not found] ` <AADFC41AFE54684AB9EE6CBC0274A5D190CA990E-0J0gbvR4kThpB2pF5aRoyrfspsVTdybXVpNB7YpNyf8@public.gmane.org>
2017-04-13 13:12 ` Jean-Philippe Brucker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a0920e37-a11e-784c-7d90-be6617ea7686@redhat.com \
--to=jasowang@redhat.com \
--cc=alex.williamson@redhat.com \
--cc=cdall@linaro.org \
--cc=iommu@lists.linux-foundation.org \
--cc=jean-philippe.brucker@arm.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=lorenzo.pieralisi@arm.com \
--cc=marc.zyngier@arm.com \
--cc=mst@redhat.com \
--cc=robin.murphy@arm.com \
--cc=virtio-dev@lists.oasis-open.org \
--cc=virtualization@lists.linux-foundation.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).