Received: by 10.223.185.116 with SMTP id b49csp4284810wrg;
        Mon, 26 Feb 2018 14:46:32 -0800 (PST)
X-Google-Smtp-Source: AH8x2268d8hVvQ4JSoNVjia2a2XWf9xe0Ro/cipnKtnz+oElateMRV05yvIGXzg40ZRx/uq0PEFy
X-Received: by 10.99.183.5 with SMTP id t5mr9869764pgf.416.1519685192182;
        Mon, 26 Feb 2018 14:46:32 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519685192; cv=none;
        d=google.com; s=arc-20160816;
        b=p1hY6fzM9LpyRi/7KRlyZNy0kAK9RkyWOc5tpmWeP2wSPQ7ZZUI+eydXJnvwYbRJgy
         gRZD1BX3w6tU0ogVJkTCB3ch9NawC2I1A3oo15cNAivBnj27AtOlmL2V0chslOP4X53L
         CP1yHVQKvMKUynEBIS9XxCd2tUllZoC0NMVdf1l2MaMEwhxmXc1EvQvYFsR2v2C55zRO
         czGWu5bVrg6Q1NhmWZEhCMeoYJR53f1slMpc5iGv6crYhNStwaVo9eitPjDcyTEFJ3ew
         Y47t1tpFTzdFivJzWGK/fxyD9CHZo/wR9kJQLCSfP8TlcILDFpr1o6mJPmO/PcPOE0JG
         KrVA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject
         :message-id:date:from:references:in-reply-to:mime-version
         :dkim-signature:arc-authentication-results;
        bh=Ui2EbtBbHSip6r/SScqeF196q1tZQR0fwwtdWd4Lae4=;
        b=PARXBj/xxGco7ExeiplRaGBt6jq7ZrciarVisl9zqAmxxVVkr3or+hWECSUucM/mem
         ULBuArjrk1spmWl6ai1Gng1olUg2EspY3fkxPIEd/YaLmY4nbk5NGCyHXEGiOK1L81u9
         Hr4M8eimzPskmL86OzOSuNfW8UbpHH2H6lRQldf8sphYSxIrt4XU3OHgKcbF3dfhwhWe
         irCD0/YAl7HlO5/N5TyZjuZJIZXI1XZuVBkMJ+iC3VpQzhfFi2C8+YdR95oXY5hobRus
         +m0KKDLKoPlhmWySyraCAHWDRHTZk3o4CgXva+p4LchoqEzxcJKN0Lt0xYVXQeEDmo7k
         UEmA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=gC8tsrfu;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id b62si7420369pfl.409.2018.02.26.14.46.14;
        Mon, 26 Feb 2018 14:46:32 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=gC8tsrfu;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751742AbeBZWpA (ORCPT <rfc822;sujaykul91@gmail.com>
        + 99 others); Mon, 26 Feb 2018 17:45:00 -0500
Received: from mail-qt0-f193.google.com ([209.85.216.193]:45511 "EHLO
        mail-qt0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751429AbeBZWo6 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 26 Feb 2018 17:44:58 -0500
Received: by mail-qt0-f193.google.com with SMTP id v90so20856643qte.12;
        Mon, 26 Feb 2018 14:44:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=Ui2EbtBbHSip6r/SScqeF196q1tZQR0fwwtdWd4Lae4=;
        b=gC8tsrfuispDBns1d67CwOI1Kj1JVnkEPZaVKmQYKorfK72roEas7pk3w3kz7xeWPh
         Zv89/tfHesF8B7wKbOHmcmWIqovM8FP2aZS8wRNLzn5yZre5QcsPxgnxYkIxh7i3pLby
         XmD1E4mKX+RHA8wPDhjKRkVkU6gR1nqkdvV1THEBzYu83bRNKF2E6bP0T99mp3L+6Se2
         gYkxQ/SrrGlIZTpcW0f1qFkPLYWxGddqtDsu5RnJApkgVtrM36Fdm656MPuI+E16X8bK
         5aemEvPyHYO4NhwNd8TgZvDnKtW4+S5hD77ZfVkTTVz6602xmmdmKrvYYC5KfgF4ZRDm
         mkjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=Ui2EbtBbHSip6r/SScqeF196q1tZQR0fwwtdWd4Lae4=;
        b=DbdMdBhA4V4Hm4Nllhf1AL1gAjfLbY8cStlr/exJHU5JB9vHhI9/JR2zSZba8NbwkZ
         /gRxLCkrlnnvuIRNSfTV+SqbSKncuV74xU+gQhoc6UdXHot8lndj/eq5we5O33p9LqZx
         XLInktYf3dakmC2nodlbJTjZoLAgLNbpAo2HrlkC80MEZ0icOJhxC1w2l9QQ9adcUXHH
         H1ziFe/btoXmhgrq6jKoT3T+vsomfilwoC04pzTdFBtIUefksCCWDuI6LvncSAtSI6GU
         w8USMtodSdKvjkmn+ippG1bVdNyVY+0EU3QUp8IHD/uy8SoXyFgmMsE40tPrIaTfb8l2
         PdjQ==
X-Gm-Message-State: APf1xPArRvQN5rXduMFhinuB3Jnt/VuaC+qoNVoz8oau1d5RlZxe70nq
        j0bIo3yZ0DDNM7B2dFlw1wHbQk5t9lnLj0T11LNRJA==
X-Received: by 10.200.27.172 with SMTP id z41mr21088949qtj.58.1519685097059;
 Mon, 26 Feb 2018 14:44:57 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.89.138 with HTTP; Mon, 26 Feb 2018 14:44:56 -0800 (PST)
In-Reply-To: <20180227003257-mutt-send-email-mst@kernel.org>
References: <20180226044837.19543.12267.stgit@mdrustad-mac04.local>
 <CAKgT0UcMth9Jxovoj7xo0q2t+MuY0K1Upf+Mqs3zgXdriui-tA@mail.gmail.com>
 <E8D91EBA-F75D-4FF9-BDE8-FCE3A4B4B007@intel.com> <CAKgT0UcG91o3H8jmSJFfyt2p_CoqxgCYrEX2Xchoira6nu6mNg@mail.gmail.com>
 <20180227003257-mutt-send-email-mst@kernel.org>
From:   Alexander Duyck <alexander.duyck@gmail.com>
Date:   Mon, 26 Feb 2018 14:44:56 -0800
Message-ID: <CAKgT0UdicSYCJ_=oCUrxKg+zx5X3B9ubt1X+BdfP42n4NR9B3g@mail.gmail.com>
Subject: Re: [RFC PATCH V4] pci: virtio_pci: Add SR-IOV support for virtio_pci devices
To:     "Michael S. Tsirkin" <mst@redhat.com>
Cc:     "Rustad, Mark D" <mark.d.rustad@intel.com>,
        "virtio-dev@lists.oasis-open.org" <virtio-dev@lists.oasis-open.org>,
        Netdev <netdev@vger.kernel.org>,
        LKML <linux-kernel@vger.kernel.org>,
        "linux-pci@vger.kernel.org" <linux-pci@vger.kernel.org>,
        "Daly, Dan" <dan.daly@intel.com>,
        Alex Williamson <alex.williamson@redhat.com>,
        "MRustad@gmail.com" <MRustad@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Feb 26, 2018 at 2:38 PM, Michael S. Tsirkin <mst@redhat.com> wrote:
> On Mon, Feb 26, 2018 at 10:05:31AM -0800, Alexander Duyck wrote:
>> On Mon, Feb 26, 2018 at 9:48 AM, Rustad, Mark D <mark.d.rustad@intel.com=
> wrote:
>> > Alex,
>> >
>> >> On Feb 26, 2018, at 7:26 AM, Alexander Duyck <alexander.duyck@gmail.c=
om> wrote:
>> >>
>> >> Mark,
>> >>
>> >> In the future please don't put my "Reviewed-by" on a patch that I
>> >> haven't reviewed. I believe I reviewed one of the earlier patches, bu=
t
>> >> I hadn't reviewed this version.
>> >
>> > I'm very sorry. I completely spaced doing something about that. I thin=
k yours was the first Reviewed-by I ever had in this way. In the future I w=
ill remove such things from my changelog right after sending. Thanks for al=
erting me to what I had failed to do.
>> >
>> >> Also, after thinking about it over the weekend we may want to look at
>> >> just coming up with a truly "generic" solution that is applied to
>> >> SR-IOV capable devices that don't have a SR-IOV capable driver loaded
>> >> on them. That would allow us to handle the uio, vfio, pci-stub, and
>> >> virtio cases all in one fell swoop. I think us going though and
>> >> modifying one patch at a time to do this kind of thing isn't going to
>> >> scale.
>> >
>> > The notion of that kind of troubles me - at least pci-stub does. Havin=
g worked on ixgbe a bit, I have to wonder what kind of havoc would ensue if=
 an ixgbe device were assigned to a guest, and an attempt was made to alloc=
ate VFs by the pci-stub. The guest could be running any version of the ixgb=
e driver, possibly even an old one that didn't support SR-IOV. Even if it d=
id support SR-IOV, I don't know how it would respond to mailbox messages wh=
en it doesn't think it has VFs.
>>
>> The assumption here is that the root user knows what they are doing.
>
> There are tools that let non-root users load the stub.
>
> People use that to e.g.  prevent a native driver from loading while also
> assuming it won't break the kernel.
>
>
>> We have already had some discussion on this in regards to VFIO. My
>> thought is we look at adding a new PCI sysfs option called
>> "sriov_unmanaged_autoprobe" that would be similar to
>> "sriov_drivers_autoprobe" and is used to determine if we allow for
>> auto probing of the VFs into the host kernel when SR-IOV is enabled.
>
> I'm not sure how a global option can work for use-cases
> such as containers though.

It isn't global. It is per PF. There is a sysfs value per PF called
"sriov_drivers_autoprobe" that currently controls if VFs are
automatically bound by drivers from the kernel. What I am suggesting
is we split that value, and then add a new one called
"sriov_unmanaged_autoprobe" to handle the case where either there is
no driver on the PF or the driver loaded doesn't support SR-IOV. The
default behavior for it would be to be disabled by default so if VFs
are spawned by an unmanaged PF the drivers don't load on them by
default. The root user can toggle the sysfs entry if they want that
behavior to change.

The idea based on a request by Alex Williamson that we prevent VF
drivers from loading in the host if a PF is managed by user-space or a
firmware entity and we don't have a clear way of configuring VFs from
the kernel.

- Alex