Received: by 10.192.165.148 with SMTP id m20csp4864558imm; Tue, 8 May 2018 16:12:27 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpdhNyMWsTe+Yp8pK+Dqs5SRUn1G14lDvArDl08T6tJDJNJP9ZQdUY3AbAx4TGlOxVUWEn8 X-Received: by 2002:a17:902:9685:: with SMTP id n5-v6mr2131975plp.32.1525821147354; Tue, 08 May 2018 16:12:27 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525821147; cv=none; d=google.com; s=arc-20160816; b=Leq22pz5L7eP2b+9f5ydLzsEkzK/zhhGL3H1SRii9feKXtzlBCvQjnKhvJkFrOVzyR fuXmOWCOcH9NSPXpZtVb5U75GFM22Y4bQydQH5H5J7p1D40QB24KTUBoJUR0kkzA7ovM rsOq1hVsaCmjQICZISunBOxW+AU+e629i0juOdA3G91qugE+2tUZl3Vy3/WGPNGAWRt+ nXlqmVc3Pd3/Uv6q8G7HmYAiVrvIDt5anp5szYmcN+UhGeinzpGc1S6B0qQoQrmTKvao bu8/fEuntsCUe+dXt+UfCIlQM8fATYHjprpihmDw+DCx+UcfvfgYC1U/ZprC2Xmeu8EK 3YTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :arc-authentication-results; bh=o4e2Zne199ptidlPMlcTW6xODc60UjehY3h0JxUJCXw=; b=DVZlNQtpl+D23je0XGaXuJDWyNt/E8dTBzQgmz1ePIOtQe+6aOwqao2ym1G0S+4Fcp lkQtSgWeQGYmhOb94lCgXVmni6Vjo0o1YGqltiGiyPi16Vxvp1ZLULHU+/Rx1txUbNYQ X+HrtkSITgJZg8a145yX6xJ6XhdA6uINdHlQ0aMjf0IsC/6GXKYb+hY+7IDDn3eq0Hvm zK64j4eHoFbBS+z0ksfjGnHYpKqIYZAONkWdAwi5HwrqmTwWZB3i6o4+icfJ7GwMa/8u gQFEUzhkK44+yGSDl9aQoaeLGRRYDIFGYcPpCQk6MK9dfgWBxfWsuDSQXIfEODl2qXx5 HDNA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h127si12995961pfb.111.2018.05.08.16.12.12; Tue, 08 May 2018 16:12:27 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755913AbeEHXMB (ORCPT + 99 others); Tue, 8 May 2018 19:12:01 -0400 Received: from mx1.redhat.com ([209.132.183.28]:57532 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754148AbeEHXL7 (ORCPT ); Tue, 8 May 2018 19:11:59 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id ABC17804F6; Tue, 8 May 2018 23:11:53 +0000 (UTC) Received: from w520.home (ovpn-116-103.phx2.redhat.com [10.3.116.103]) by smtp.corp.redhat.com (Postfix) with ESMTP id 40AF62010D13; Tue, 8 May 2018 23:11:51 +0000 (UTC) Date: Tue, 8 May 2018 17:11:50 -0600 From: Alex Williamson To: "Stephen Bates" Cc: Logan Gunthorpe , Christian =?UTF-8?B?S8O2bmln?= , "Bjorn Helgaas" , "linux-kernel@vger.kernel.org" , "linux-pci@vger.kernel.org" , "linux-nvme@lists.infradead.org" , "linux-rdma@vger.kernel.org" , "linux-nvdimm@lists.01.org" , "linux-block@vger.kernel.org" , Christoph Hellwig , Jens Axboe , Keith Busch , Sagi Grimberg , Bjorn Helgaas , Jason Gunthorpe , Max Gurtovoy , Dan Williams , =?UTF-8?B?SsOpcsO0bWU=?= Glisse , Benjamin Herrenschmidt Subject: Re: [PATCH v4 04/14] PCI/P2PDMA: Clear ACS P2P flags for all devices behind switches Message-ID: <20180508171150.0e8fd291@w520.home> In-Reply-To: References: <20180423233046.21476-1-logang@deltatee.com> <20180423233046.21476-5-logang@deltatee.com> <20180507231306.GG161390@bhelgaas-glaptop.roam.corp.google.com> <0b4183ef-e720-204b-9e85-b9eaf7a4136a@deltatee.com> <3584a6ac-95c7-5d23-1859-aee30605776e@deltatee.com> <20180508133407.57a46902@w520.home> <5fc9b1c1-9208-06cc-0ec5-1f54c2520494@deltatee.com> <20180508141331.7cd737cb@w520.home> <20180508144341.0441b676@w520.home> <20180508152631.50fd583c@w520.home> <354F7407-0DC7-470C-B9AA-74FDF9C46B08@raithlin.com> <20180508160336.0935ddde@w520.home> <20905682-9440-7d4b-0260-99d3dc794c3d@deltatee.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.84 on 10.5.11.25 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Tue, 08 May 2018 23:11:59 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 8 May 2018 22:25:06 +0000 "Stephen Bates" wrote: > > Yeah, so based on the discussion I'm leaning toward just having a > > command line option that takes a list of BDFs and disables ACS > > for them. (Essentially as Dan has suggested.) This avoids the > > shotgun. > > I concur that this seems to be where the conversation is taking us. > > @Alex - Before we go do this can you provide input on the approach? I > don't want to re-spin only to find we are still not converging on the > ACS issue.... I can envision numerous implementation details that makes this less trivial than it sounds, but it seems like the thing we need to decide first is if intentionally leaving windows between devices with the intention of exploiting them for direct P2P DMA in an otherwise IOMMU managed address space is something we want to do. From a security perspective, we already handle this with IOMMU groups because many devices do not support ACS, the new thing is embracing this rather than working around it. It makes me a little twitchy, but so long as the IOMMU groups match the expected worst case routing between devices, it's really no different than if we could wipe the ACS capability from the device. On to the implementation details... I already mentioned the BDF issue in my other reply. If we had a way to persistently identify a device, would we specify the downstream points at which we want to disable ACS or the endpoints that we want to connect? The latter has a problem that the grouping upstream of an endpoint is already set by the time we discover the endpoint, so we might need to unwind to get the grouping correct. The former might be more difficult for users to find the necessary nodes, but easier for the kernel to deal with during discovery. A runtime, sysfs approach has some benefits here, especially in identifying the device assuming we're ok with leaving the persistence problem to userspace tools. I'm still a little fond of the idea of exposing an acs_flags attribute for devices in sysfs where a write would do a soft unplug and re-add of all affected devices to automatically recreate the proper grouping. Any dynamic change in routing and grouping would require all DMA be re-established anyway and a soft hotplug seems like an elegant way of handling it. Thanks, Alex