From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-qk1-f172.google.com (mail-qk1-f172.google.com [209.85.222.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 46FA022B8A9 for ; Thu, 16 Jan 2025 19:19:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.172 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737055195; cv=none; b=HtpA6nMrn+pAtoiGGKwAG7etxVgmw3HDDHm+9RXAU7GTnlssD5S9jJ4lyteXWc9mdQd83MbaJfY/w4q6wyR4VQRvRwaSCpq5mUavwdYBdDwhKZaF49gm1opTM7wK/F5h2+q2EX3b4QASY+9gzkuLNe+rCAQtGPqwT7k8X0AiJ6Y= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737055195; c=relaxed/simple; bh=bChrpxoXYLOi2YUup3iemrrMhFmpTodAygOPpJhId9Y=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=j87EFziwiiZzO8qc4VE8lQdjcqXqVTADmRzolJJJLHVqjjYEfMHOY74whWuArDGvTP9ivCObirGJfw9DxHaBFzh35zINH/9bWAz4O4EMHZoSbv3gKdYoDCAaBsslPWV+/WgLAkJsQbOGD43OqBuUCT3bnxP8LNO+JPGyX6B2ehs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca; spf=pass smtp.mailfrom=ziepe.ca; dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b=SkJjqpud; arc=none smtp.client-ip=209.85.222.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=ziepe.ca Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b="SkJjqpud" Received: by mail-qk1-f172.google.com with SMTP id af79cd13be357-7b6f1be1daeso120047585a.0 for ; Thu, 16 Jan 2025 11:19:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ziepe.ca; s=google; t=1737055193; x=1737659993; darn=vger.kernel.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=bChrpxoXYLOi2YUup3iemrrMhFmpTodAygOPpJhId9Y=; b=SkJjqpudUWp0/zTmbC0cPucAZI0ovPFgLYTjH4meAYWV6MqaYtM5b/x4qHmkxrW0eu UX2XuRTo7JXcc/xjw9S/2Bw09kwEDbCkC7bW0VddvHQHA1qvb3G4o3d5UyK8d2E2Ts0u VjjSh+jNjO/Aw1SepIUs6Yd0aeH2t7OfzFrisxzloVqPGWMHcx8ySu/GU2pb+lMeKZJE G6genotEzwAm5rHMssKD3Cmp+Z7xl/DMQStYKq03h/bKcRPfAo6J3wb2GMOv78l+sOx5 3rcjLxF4FXWJlPJAZTu0AnYQkIn2qpBAYeCdPvljoYtnOXvTorJg1jsyfa8H1ytmJfzz FEbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737055193; x=1737659993; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=bChrpxoXYLOi2YUup3iemrrMhFmpTodAygOPpJhId9Y=; b=HxAVlJuptmynys3urw+ccNinTdpQ3Jdj9GLBW1JmC1HZbZhHigu8TZK2Xkz6Tunxs0 OFLU7RoQIzu4MQ7vJH+XGoOoA0cD8pAjNQqxfjy21/LfijLZE8pr4DGwLBbCad3lh161 wn6MdBnEg4vwlYiYWGBC6vUV7mza0znjraHjh8yVyUdJ03xDLz3wJ/gHNmTawzPCZ2bd oCuO5pSeKui1WOCTj09EcRDU69jH9pmzlYLlvMrN3qYiJBxuceO47gYHVa+9nncyG6Dr NZDzl9jc+trRcdKD8vOFI8NahWS2fYvtZJw/0ezC+y+kNHnyl27eb7KcLQ9dLCnOPSaJ n2xQ== X-Forwarded-Encrypted: i=1; AJvYcCX4Sh7B9nJD43B4ZKC3Mqe33LJeDFN+GGQk+jiuZxOhUYlOPPFzwmGuUDy79BKd/KDDZtFaqR0um52pj0Y=@vger.kernel.org X-Gm-Message-State: AOJu0YwledbE98rYLLwLZUntzb8KV0N5Re8Vqt3sCWAXdJNedIFsbaN7 WcOBu+0Uicrw1IwRBGAXxu0UZzG8fsB4zawgkhlgGnje1kk9ZAmNtc51BCMNWJQYHhAQ5f8YYe5 M X-Gm-Gg: ASbGnctW1CSeeAQKxUvgTnGjSgugpEbzwAUelWXLkn3pQSNYuYP2oB//h2RrEyNrI2A nnXqPnCF5OUAO/32Tf4CQnychu6/j6tJokK9O/otRFTOW+9ei6wN6GBAHZ9eK6j9JMN4GWFTvto LfHdtu3leKvAPOTibH1UsYUMTt+2dbWAvG8RmQNSyTqmfHDKkWRaCKT/Gb4gICXPur1QKLIUxnl JfFd1CvcjnKnxcc0oWGHS4mwGiyfSAWfnyQJeV7brw2tg/wqaM8QrIoGQvbBwOAPsvNiB0f+tKG MljNv5N05+7W8xgyH0DT6fHRU8/1fQ== X-Google-Smtp-Source: AGHT+IGTm4bFEwhL8GqLcY8z3nt0mSjwsh1Z+7KfLW6eIDlz0sFoLhtw28pz+YDUvgq5sFx2TdqJnA== X-Received: by 2002:a05:620a:2a13:b0:7b6:d8aa:7ef9 with SMTP id af79cd13be357-7be6320c0f9mr4896085a.32.1737055193220; Thu, 16 Jan 2025 11:19:53 -0800 (PST) Received: from ziepe.ca (hlfxns017vw-142-68-128-5.dhcp-dynamic.fibreop.ns.bellaliant.net. [142.68.128.5]) by smtp.gmail.com with ESMTPSA id af79cd13be357-7be6147f2e7sm33743585a.32.2025.01.16.11.19.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Jan 2025 11:19:52 -0800 (PST) Received: from jgg by wakko with local (Exim 4.97) (envelope-from ) id 1tYVPE-00000002xf3-0us0; Thu, 16 Jan 2025 15:19:52 -0400 Date: Thu, 16 Jan 2025 15:19:52 -0400 From: Jason Gunthorpe To: Mostafa Saleh Cc: iommu@lists.linux.dev, kvmarm@lists.linux.dev, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, catalin.marinas@arm.com, will@kernel.org, maz@kernel.org, oliver.upton@linux.dev, joey.gouly@arm.com, suzuki.poulose@arm.com, yuzenghui@huawei.com, robdclark@gmail.com, joro@8bytes.org, robin.murphy@arm.com, jean-philippe@linaro.org, nicolinc@nvidia.com, vdonnefort@google.com, qperret@google.com, tabba@google.com, danielmentz@google.com, tzukui@google.com Subject: Re: [RFC PATCH v2 00/58] KVM: Arm SMMUv3 driver for pKVM Message-ID: <20250116191952.GD674319@ziepe.ca> References: <20241212180423.1578358-1-smostafa@google.com> <20241212194119.GA4679@ziepe.ca> <20250102201614.GA26854@ziepe.ca> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: On Wed, Jan 08, 2025 at 12:09:53PM +0000, Mostafa Saleh wrote: > I am open to gradually upstream this as you mentioned where as a first > step pKVM would establish DMA isolation without translation for host, > that should be enough to have functional pKVM and run protected workloads. Personally I hate these giant patch series, you should strip it down to small meaningful steps and try to stay below 20 per series. I think getting pkvm to own the SMMU HW is a great first step that everything else can build on > But although that might be usable on some systems, I don’t think that’s > practical in the long term as it limits the amount of HW that can run pKVM. I suspect you will end up doing everything. Old HW needs paravirt, new HW will want nesting and its performance. Users other than mobile will come. If we were to use pKVM on server workloads we need nesting for performance. Jason