From: Christoffer Dall <christoffer.dall-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
To: Will Deacon <will.deacon-5wv7dgnIgG8@public.gmane.org>
Cc: eric.auger-qxv4g6HH51o@public.gmane.org,
kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Eric Auger <eric.auger-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
marc.zyngier-5wv7dgnIgG8@public.gmane.org,
patches-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org,
p.fedin-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
pranav.sawargaonkar-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
kvmarm-FPEHb7Xf0XXUo1n7N8X6UoWGPAHP3yOg@public.gmane.org,
linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org
Subject: Re: [PATCH 00/10] KVM PCIe/MSI passthrough on ARM/ARM64
Date: Wed, 3 Feb 2016 16:36:06 +0100 [thread overview]
Message-ID: <20160203153606.GC13974@cbox> (raw)
In-Reply-To: <20160203131057.GA20217-5wv7dgnIgG8@public.gmane.org>
On Wed, Feb 03, 2016 at 01:10:58PM +0000, Will Deacon wrote:
> On Wed, Feb 03, 2016 at 01:50:47PM +0100, Christoffer Dall wrote:
> > On Mon, Feb 01, 2016 at 02:03:51PM +0000, Will Deacon wrote:
> > > On Fri, Jan 29, 2016 at 10:25:52PM +0100, Eric Auger wrote:
> > > > On 01/29/2016 08:33 PM, Alex Williamson wrote:
> > > > >>> We know that x86 handles MSI vectors specially, so there is some
> > > > >>> hardware that helps the situation. It's not just that x86 has a fixed
> > > > >>> range for MSI, it's how it manages that range when interrupt remapping
> > > > >>> hardware is enabled. A device table indexed by source-ID references a
> > > > >>> per device table indexed by data from the MSI write itself. So we get
> > > > >>> much, much finer granularity,
> > > > >> About the granularity, I think ARM GICv3 now provides a similar
> > > > >> capability with GICv3 ITS (interrupt translation service). Along with
> > > > >> the MSI MSG write transaction, the device outputs a DeviceID conveyed on
> > > > >> the bus. This DeviceID (~ your source-ID) enables to index a device
> > > > >> table. The entry in the device table points to a DeviceId interrupt
> > > > >> translation table indexed by the EventID found in the msi msg. So the
> > > > >> entry in the interrupt translation table eventually gives you the
> > > > >> eventual interrupt ID targeted by the MSI MSG.
> > > > >> This translation capability if not available in GICv2M though, ie. the
> > > > >> one I am currently using.
> > > > >>
> > > > >> Those tables currently are built by the ITS irqchip (irq-gic-v3-its.c)
> > >
> > > That's right. GICv3/ITS disambiguates the interrupt source using the
> > > DeviceID, which for PCI is derived from the Requester ID of the endpoint.
> > > GICv2m is less flexible and requires a separate physical frame per guest
> > > to achieve isolation.
> > >
> > We should still support MSI passthrough with a single MSI frame host
> > system though, right?
>
> I think we should treat the frame as an exclusive resource and assign it
> to a single VM.
so on a single frame GICv2m system, either your host or a single VM gets
to do MSIs...
>
> > (Users should just be aware that guests are not fully protected against
> > misbehaving hardware in that case).
>
> Is it confined to misbehaving hardware? What if a malicious/buggy guest
> configures its device to DMA all over the doorbell?
>
I guess not, I suppose we can't trap any configuration access and
mediate that for any device. Bummer.
-Christoffer
next prev parent reply other threads:[~2016-02-03 15:36 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-26 13:12 [PATCH 00/10] KVM PCIe/MSI passthrough on ARM/ARM64 Eric Auger
2016-01-26 13:12 ` [PATCH 01/10] iommu: Add DOMAIN_ATTR_MSI_MAPPING attribute Eric Auger
2016-01-26 13:12 ` [PATCH 02/10] vfio: expose MSI mapping requirement through VFIO_IOMMU_GET_INFO Eric Auger
2016-01-26 13:12 ` [PATCH 04/10] vfio: introduce VFIO_IOVA_RESERVED vfio_dma type Eric Auger
2016-01-26 13:12 ` [PATCH 05/10] vfio/type1: attach a reserved iova domain to vfio_domain Eric Auger
2016-01-26 13:12 ` [PATCH 06/10] vfio: introduce vfio_group_alloc_map_/unmap_free_reserved_iova Eric Auger
[not found] ` <1453813968-2024-7-git-send-email-eric.auger-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2016-01-26 16:17 ` kbuild test robot
2016-01-26 16:37 ` Eric Auger
2016-01-26 13:12 ` [PATCH 07/10] vfio: pci: cache the vfio_group in vfio_pci_device Eric Auger
2016-01-26 13:12 ` [PATCH 08/10] vfio: introduce vfio_group_require_msi_mapping Eric Auger
2016-01-26 13:12 ` [PATCH 09/10] vfio-pci: create an iommu mapping for msi address Eric Auger
[not found] ` <1453813968-2024-10-git-send-email-eric.auger-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2016-01-26 14:43 ` kbuild test robot
[not found] ` <201601262259.1kktHLzi%fengguang.wu-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 15:14 ` Eric Auger
2016-01-26 13:12 ` [PATCH 10/10] vfio: allow the user to register reserved iova range for MSI mapping Eric Auger
2016-01-26 16:42 ` kbuild test robot
[not found] ` <1453813968-2024-11-git-send-email-eric.auger-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2016-01-26 18:32 ` kbuild test robot
2016-01-26 17:25 ` [PATCH 00/10] KVM PCIe/MSI passthrough on ARM/ARM64 Pavel Fedin
2016-01-27 8:52 ` Eric Auger
2016-01-28 7:13 ` Pavel Fedin
2016-01-28 9:50 ` Eric Auger
[not found] ` <1453813968-2024-1-git-send-email-eric.auger-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2016-01-26 13:12 ` [PATCH 03/10] vfio_iommu_type1: add reserved binding RB tree management Eric Auger
2016-01-28 21:51 ` [PATCH 00/10] KVM PCIe/MSI passthrough on ARM/ARM64 Alex Williamson
[not found] ` <1454017899.23148.0.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-01-29 14:35 ` Eric Auger
2016-01-29 19:33 ` Alex Williamson
[not found] ` <1454096004.9301.1.camel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-01-29 21:25 ` Eric Auger
[not found] ` <56ABD8E0.6080409-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2016-02-01 14:03 ` Will Deacon
2016-02-03 12:50 ` Christoffer Dall
2016-02-03 13:10 ` Will Deacon
[not found] ` <20160203131057.GA20217-5wv7dgnIgG8@public.gmane.org>
2016-02-03 15:36 ` Christoffer Dall [this message]
2016-02-05 17:32 ` ARM PCI/MSI KVM passthrough with GICv2M Eric Auger
[not found] ` <56B4DC97.60904-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>
2016-02-05 18:17 ` Alex Williamson
[not found] ` <20160205111700.726ac061-1yVPhWWZRC1BDLzU/O5InQ@public.gmane.org>
2016-02-08 9:48 ` Christoffer Dall
2016-02-08 13:27 ` Eric Auger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160203153606.GC13974@cbox \
--to=christoffer.dall-qsej5fyqhm4dnm+yrofe0a@public.gmane.org \
--cc=eric.auger-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=eric.auger-qxv4g6HH51o@public.gmane.org \
--cc=iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=kvmarm-FPEHb7Xf0XXUo1n7N8X6UoWGPAHP3yOg@public.gmane.org \
--cc=linux-arm-kernel-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=marc.zyngier-5wv7dgnIgG8@public.gmane.org \
--cc=p.fedin-Sze3O3UU22JBDgjK7y7TUQ@public.gmane.org \
--cc=patches-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=pranav.sawargaonkar-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=will.deacon-5wv7dgnIgG8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).