Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp3392372imm; Mon, 4 Jun 2018 02:51:06 -0700 (PDT) X-Google-Smtp-Source: ADUXVKL6s+jQ0ZYqVwgnu2ezaAQTJU+lrS1kDdmjdpxseBf5kpH5COoRnZaOK0bgEH5J1/F3CCTn X-Received: by 2002:a17:902:b60b:: with SMTP id b11-v6mr21603375pls.330.1528105866798; Mon, 04 Jun 2018 02:51:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1528105866; cv=none; d=google.com; s=arc-20160816; b=tktkvEIZepk/MXZPBxk/pipRZQlvmYLEL2U6kOQ+P5X1weonOLVT23GE/2sQaNmVtZ 3ROZ2HMuaffkPxtmHiXtspBxqlGXljWDD9PaPklfZf3s1JY8UzhYNhtz62pr2PL04doQ qyJoSVdEXN0s0E4MbKkCXURQENLbV4lB0A9iYCi54HjoYYd2VCLCw4Jucov5fhAFqL3A uJG96RbgAHwuMG7eAZsC1/USFvqujCrEnSOB6J38lFDp6bWNBU61ljPYQqrSHhRzx4sr 02c/Kacs14Lu9NxEEANQLnWRCa8/auYCbs8A4n5daPWzjyWZ4OJxyOlg27SEsMlJ4U5B Ctkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :arc-authentication-results; bh=YJimrubqEaSkDkmaVM/7eQFhWNp2onRBAs6HOs9QB+c=; b=HG/T1rgdYCBm05q6y+n6oY7wM7IeXvayMld5G1kkP/s2fU5Cuya1Wkn7OaS2w5gbRO EcDl0/RbSClawd685u1WndnuhyqG2fDWx2TnA9EmOPDsQixJ657Qcw2SA9bYZsuE7Y8Q JipGtbnwYaKAUo6YuY3/+Hn+av5xtAjJqeAjiWE+4VqWrZci2caTGYI0AgkEBiLdjnws 0VBgsSoVnat5NyJcPglgQ7vhkf7avln29sTf4IgO7XOndki6RLz661kJJCruNtAn+bhW NMx7Rl03q56M/Niup0/7Iz8qUGbWcXUfk7xroIW2IWyvs0zrU1Q6GHkZrd4gLn5wg18p 453A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s26-v6si10213605pgo.298.2018.06.04.02.50.52; Mon, 04 Jun 2018 02:51:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751933AbeFDJuY (ORCPT + 99 others); Mon, 4 Jun 2018 05:50:24 -0400 Received: from gate.crashing.org ([63.228.1.57]:47776 "EHLO gate.crashing.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751097AbeFDJuX (ORCPT ); Mon, 4 Jun 2018 05:50:23 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by gate.crashing.org (8.14.1/8.14.1) with ESMTP id w549mtVj013676; Mon, 4 Jun 2018 04:48:57 -0500 Message-ID: Subject: Re: [RFC V2] virtio: Add platform specific DMA API translation for virito devices From: Benjamin Herrenschmidt To: David Gibson Cc: "Michael S. Tsirkin" , Anshuman Khandual , virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, aik@ozlabs.ru, robh@kernel.org, joe@perches.com, elfring@users.sourceforge.net, jasowang@redhat.com, mpe@ellerman.id.au, hch@infradead.org Date: Mon, 04 Jun 2018 19:48:54 +1000 In-Reply-To: <20180604085742.GQ4251@umbus> References: <20180522063317.20956-1-khandual@linux.vnet.ibm.com> <20180523213703-mutt-send-email-mst@kernel.org> <20180604085742.GQ4251@umbus> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.28.1 (3.28.1-2.fc28) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 2018-06-04 at 18:57 +1000, David Gibson wrote: > > > - First qemu doesn't know that the guest will switch to "secure mode" > > in advance. There is no difference between a normal and a secure > > partition until the partition does the magic UV call to "enter secure > > mode" and qemu doesn't see any of it. So who can set the flag here ? > > This seems weird to me. As a rule HV calls should go through qemu - > or be allowed to go directly to KVM *by* qemu. It's not an HV call, it's a UV call, qemu won't see it, qemu isn't trusted. Now the UV *will* reflect that to the HV via some synthetized HV calls, and we *could* have those do a pass by qemu, however, so far, our entire design doesn't rely on *any* qemu knowledge whatsoever and it would be sad to add it just for that purpose. Additionally, this is rather orthogonal, see my other email, the problem we are trying to solve is *not* a qemu problem and it doesn't make sense to leak that into qemu. > We generally reserve > the latter for hot path things. Since this isn't a hot path, having > the call handled directly by the kernel seems wrong. > > Unless a "UV call" is something different I don't know about. Yes, a UV call goes to the Ultravisor, not the Hypervisor. The Hypervisor isn't trusted. > > - Second, when using VIRTIO_F_IOMMU_PLATFORM, we also make qemu (or > > vhost) go through the emulated MMIO for every access to the guest, > > which adds additional overhead. > Ben.