From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Robin Murphy <robin.murphy@arm.com>,
Alexey Kardashevskiy <aik@ozlabs.ru>,
linuxppc-dev@lists.ozlabs.org
Cc: David Gibson <david@gibson.dropbear.id.au>,
kvm-ppc@vger.kernel.org, kvm@vger.kernel.org,
Yongji Xie <elohimes@gmail.com>,
Eric Auger <eric.auger@redhat.com>,
Kyle Mahlkuch <Kyle.Mahlkuch@ibm.com>,
Alex Williamson <alex.williamson@redhat.com>,
Jike Song <jike.song@intel.com>,
Bjorn Helgaas <bhelgaas@google.com>,
Joerg Roedel <joro@8bytes.org>,
Arvind Yadav <arvind.yadav.cs@gmail.com>,
David Woodhouse <dwmw2@infradead.org>,
Kirti Wankhede <kwankhede@nvidia.com>,
Mauricio Faria de Oliveira <mauricfo@linux.vnet.ibm.com>,
Neo Jia <cjia@nvidia.com>, Paul Mackerras <paulus@samba.org>,
Vlad Tsyrklevich <vlad@tsyrklevich.net>,
iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH v5 0/5] vfio-pci: Add support for mmapping MSI-X table
Date: Tue, 15 Aug 2017 15:42:31 +1000 [thread overview]
Message-ID: <1502775751.4493.47.camel@kernel.crashing.org> (raw)
In-Reply-To: <ca2a4550-fb26-28db-0eea-a5940dfa612f@arm.com>
On Mon, 2017-08-14 at 14:12 +0100, Robin Murphy wrote:
> On the other hand, if the check is not so much to mitigate malicious
> guests attacking the system as to prevent dumb guests breaking
> themselves (e.g. if some or all of the MSI-X capability is actually
> emulated), then allowing things to sometimes go wrong on the grounds of
> an irrelevant hardware feature doesn't seem correct :/
There is 0 value in trying to prevent the guest kernel from shooting
itself in the foot. There are so many other ways it can do it that I
fail the point of even attempting it here.
In addition, this actually harms performance on some devices. There
are cases where the MSI-X table shares a page with other registrers
that are used during normal device operation. This is especially
problematic on architectures such as powerpc that use 64K pages.
Those devices thus suffer a massive performance loss, for the sake of
something that never happens in practice (especially on pseries where
the MSI configuration is done by paravirt calls, thus by qemu itself).
Cheers,
Ben.
next prev parent reply other threads:[~2017-08-15 5:43 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-07 7:25 [RFC PATCH v5 0/5] vfio-pci: Add support for mmapping MSI-X table Alexey Kardashevskiy
2017-08-07 7:25 ` [RFC PATCH v5 1/5] iommu: Add capabilities to a group Alexey Kardashevskiy
2017-08-09 5:55 ` David Gibson
2017-08-07 7:25 ` [RFC PATCH v5 2/5] iommu: Set IOMMU_GROUP_CAP_ISOLATE_MSIX if MSI controller enables IRQ remapping Alexey Kardashevskiy
2017-08-07 7:25 ` [RFC PATCH v5 3/5] iommu/intel/amd: Set IOMMU_GROUP_CAP_ISOLATE_MSIX if IRQ remapping is enabled Alexey Kardashevskiy
2017-08-07 7:25 ` [RFC PATCH v5 4/5] powerpc/iommu: Set IOMMU_GROUP_CAP_ISOLATE_MSIX Alexey Kardashevskiy
2017-08-07 7:25 ` [RFC PATCH v5 5/5] vfio-pci: Allow to expose MSI-X table to userspace when safe Alexey Kardashevskiy
2017-08-09 6:59 ` David Gibson
2017-08-14 9:45 ` [RFC PATCH v5 0/5] vfio-pci: Add support for mmapping MSI-X table Alexey Kardashevskiy
2017-08-14 13:12 ` Robin Murphy
2017-08-15 1:16 ` Jike Song
2017-08-15 1:33 ` Benjamin Herrenschmidt
2017-08-15 1:47 ` Jike Song
2017-08-15 5:38 ` Benjamin Herrenschmidt
2017-08-15 14:48 ` David Laight
2017-08-15 5:42 ` Benjamin Herrenschmidt [this message]
2017-08-15 16:37 ` Alex Williamson
2017-08-16 0:35 ` Benjamin Herrenschmidt
2017-08-16 16:56 ` Alex Williamson
2017-08-17 4:43 ` Benjamin Herrenschmidt
2017-08-17 10:56 ` David Laight
2017-08-17 19:25 ` Alex Williamson
2017-08-21 2:47 ` Alexey Kardashevskiy
2017-08-29 2:58 ` Alexey Kardashevskiy
2017-09-11 3:27 ` Alexey Kardashevskiy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1502775751.4493.47.camel@kernel.crashing.org \
--to=benh@kernel.crashing.org \
--cc=Kyle.Mahlkuch@ibm.com \
--cc=aik@ozlabs.ru \
--cc=alex.williamson@redhat.com \
--cc=arvind.yadav.cs@gmail.com \
--cc=bhelgaas@google.com \
--cc=cjia@nvidia.com \
--cc=david@gibson.dropbear.id.au \
--cc=dwmw2@infradead.org \
--cc=elohimes@gmail.com \
--cc=eric.auger@redhat.com \
--cc=iommu@lists.linux-foundation.org \
--cc=jike.song@intel.com \
--cc=joro@8bytes.org \
--cc=kvm-ppc@vger.kernel.org \
--cc=kvm@vger.kernel.org \
--cc=kwankhede@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=mauricfo@linux.vnet.ibm.com \
--cc=paulus@samba.org \
--cc=robin.murphy@arm.com \
--cc=vlad@tsyrklevich.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).