From: Julien Grall <julien.grall@linaro.org>
To: Ian Campbell <Ian.Campbell@citrix.com>
Cc: xen-devel@lists.xenproject.org, tim@xen.org,
stefano.stabellini@citrix.com
Subject: Re: [PATCH v3 12/13] xen/arm: Add the property "protected-devices" in the hypervisor node
Date: Fri, 04 Apr 2014 12:01:29 +0100 [thread overview]
Message-ID: <533E9109.5030509@linaro.org> (raw)
In-Reply-To: <1396608481.4211.196.camel@kazak.uk.xensource.com>
On 04/04/2014 11:48 AM, Ian Campbell wrote:
> On Fri, 2014-04-04 at 11:39 +0100, Julien Grall wrote:
>> On 04/04/2014 11:28 AM, Ian Campbell wrote:
>>> On Fri, 2014-04-04 at 11:25 +0100, Julien Grall wrote:
>>>> On 04/04/2014 10:40 AM, Ian Campbell wrote:
>>>>
>>>>> We really need to be able to manage this transition in a compatible way,
>>>>> that means new kernels working on old hypervisors as well as old kernels
>>>>> working on new hypervisors (it's obviously fine for this case to bounce
>>>>> when it doesn't need to).
>>>>
>>>> It's not possible because a same platform can have both protected and
>>>> non-protected devices. The Linux has to know in some way if the DMA has
>>>> to be program with IPA or PA.
>>>
>>> Then there must be a negotiation between Xen and the Linux kernel so Xen
>>> can know which case to apply.
>>>
>>> e.g. if the kernel does not advertise support for protected devices then
>>> Xen must act as if no IOMMU was present.
>>
>> How the kernel can say "I'm supporting IOMMU"? New hypercall?
>
> On x86 we use the ELF notes to communicate it at build time. We don't
> currently have a similar mechanism under ARM but perhaps we need to
> invent one now.
>
> There is also __HYPERVISOR_vm_assist which is/was used on PV x86 to
> signal these sorts of things, if its not too late.
>
>> Xen has to program the IOMMU quite early (e.g before Linux is booting
>> and use the protected device).
>
> In that case an ELF note type solution might be the only option.
>
> However, since this stuff only comes to matter when the guest comes to
> do grant mapping it might be that we can defer until runtime and require
> that a modern kernel calls vm_assist before making any grant calls. If
> it doesn't then it is assumed to be unable to cope with the iommu.
Using vm_assist means we can't anymore denied access to invalid
transaction by default. It sounds like we want to completely disable the
IOMMU, because in this case passthrough should not be enabled.
Futhermore, I can't predict what would happen if the device is used and
the kernel decides to call vm_assist (e.g protect devices). I suppose we
can break the device at this time.
It's not possible in Xen to know if the decide is used or not.
>> Backporting my patch series to support protected devices is not a big
>> deal. What about disabling IOMMU by default on ARM until a good support
>> is made in Linux?
>
> I'd rather avoid this if at all possible, upgrading Xen is not supposed
> to require new dom0 kernel features and it is hard to describe "support
> for protected devices" as a bug fix.
But we can chose to disable IOMMU by default on ARM. And the user will
have to decide if it's safe or not to use IOMMU.
Regards,
--
Julien Grall
next prev parent reply other threads:[~2014-04-04 11:01 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-11 15:49 [PATCH v3 00/13] IOMMU support for ARM Julien Grall
2014-03-11 15:49 ` [PATCH v3 01/13] xen/common: grant-table: only call IOMMU if paging mode translate is disabled Julien Grall
2014-03-11 15:49 ` [PATCH v3 02/13] xen/passthrough: amd: Remove domain_id from hvm_iommu Julien Grall
2014-03-18 16:19 ` Ian Campbell
2014-03-18 16:32 ` Jan Beulich
2014-03-11 15:49 ` [PATCH v3 03/13] xen/dts: Add dt_property_read_bool Julien Grall
2014-03-11 15:49 ` [PATCH v3 04/13] xen/dts: Add dt_parse_phandle_with_args and dt_parse_phandle Julien Grall
2014-03-18 16:20 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 05/13] xen/passthrough: rework dom0_pvh_reqs to use it also on ARM Julien Grall
2014-03-18 16:22 ` Ian Campbell
2014-03-18 17:28 ` Julien Grall
2014-03-18 17:50 ` Ian Campbell
2014-03-18 18:19 ` Julien Grall
2014-03-19 10:01 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 06/13] xen/passthrough: iommu: Split generic IOMMU code Julien Grall
2014-03-11 16:50 ` Jan Beulich
2014-03-11 17:09 ` Julien Grall
2014-03-12 7:15 ` Jan Beulich
2014-03-18 16:24 ` Ian Campbell
2014-03-18 17:36 ` Julien Grall
2014-03-18 17:50 ` Ian Campbell
2014-03-18 18:21 ` Julien Grall
2014-03-19 10:02 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 07/13] xen/passthrough: iommu: Introduce arch specific code Julien Grall
2014-03-11 16:15 ` Julien Grall
2014-03-11 16:53 ` Jan Beulich
2014-03-18 16:27 ` Ian Campbell
2014-03-18 19:40 ` Julien Grall
2014-03-11 15:49 ` [PATCH v3 08/13] xen/passthrough: iommu: Basic support of device tree assignment Julien Grall
2014-03-11 16:55 ` Jan Beulich
2014-03-18 16:33 ` Ian Campbell
2014-03-18 19:46 ` Julien Grall
2014-03-19 10:12 ` Ian Campbell
2014-03-19 10:42 ` Julien Grall
2014-03-19 10:54 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 09/13] xen/passthrough: Introduce IOMMU ARM architecture Julien Grall
2014-03-18 16:40 ` Ian Campbell
2014-03-18 19:58 ` Julien Grall
2014-03-19 10:29 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 10/13] MAINTAINERS: Add drivers/passthrough/arm Julien Grall
2014-03-11 15:49 ` [PATCH v3 11/13] xen/arm: Don't give IOMMU devices to dom0 when iommu is disabled Julien Grall
2014-03-18 16:41 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 12/13] xen/arm: Add the property "protected-devices" in the hypervisor node Julien Grall
2014-03-18 16:48 ` Ian Campbell
2014-03-18 20:09 ` Julien Grall
2014-03-19 10:33 ` Ian Campbell
2014-04-03 21:51 ` Julien Grall
2014-04-04 9:40 ` Ian Campbell
2014-04-04 10:25 ` Julien Grall
2014-04-04 10:28 ` Ian Campbell
2014-04-04 10:39 ` Julien Grall
2014-04-04 10:48 ` Ian Campbell
2014-04-04 11:01 ` Julien Grall [this message]
2014-04-04 11:13 ` Ian Campbell
2014-04-04 11:23 ` Julien Grall
2014-04-04 12:45 ` Ian Campbell
2014-04-04 13:10 ` Julien Grall
2014-04-04 13:18 ` Ian Campbell
2014-03-11 15:49 ` [PATCH v3 13/13] drivers/passthrough: arm: Add support for SMMU drivers Julien Grall
2014-03-18 16:54 ` Ian Campbell
2014-03-18 20:25 ` Julien Grall
2014-03-19 10:35 ` Ian Campbell
2014-03-19 10:44 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=533E9109.5030509@linaro.org \
--to=julien.grall@linaro.org \
--cc=Ian.Campbell@citrix.com \
--cc=stefano.stabellini@citrix.com \
--cc=tim@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).