Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2871840imm; Sun, 5 Aug 2018 14:28:23 -0700 (PDT) X-Google-Smtp-Source: AAOMgpdhWXgctJWMvCpMWp2jpdOJtk82CkF/ch4HXsWyf/iwsMRcbCz7nHmHPeQL97YRJproMA+S X-Received: by 2002:a63:375b:: with SMTP id g27-v6mr12178923pgn.59.1533504502953; Sun, 05 Aug 2018 14:28:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1533504502; cv=none; d=google.com; s=arc-20160816; b=ZhJRwsJ/FMG2RLI7DKvQERMqzqTIqJSCct91hQ4/QmdNOTmBGEDAh40Qau3GKsbPN7 XdFaDSPlSTCVAYjZH4rEB9vxhQljE2iA9v/qrlsb3JxHuk3dI6/mZfidnvCYV5DmZ+ff 9kPrjDgiW8yt7MkMxE3AC1CXbtENAA6jijW8ViGsh08/edocJdDF2uNg/Dm/0CnxgBKv Csow8Ck/N23wRVJUwAKyscwfdnyvjslQ8Go/+qk5f9ubZbhbNdLDcTq7vLeRikeSCzur uNFSsvH2zoyNSXTVVcWn94SbGXpm19Q59KrkR7DX42hd8u5Cej3q/n3KT+08Xz6Q5dGS XNkw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :arc-authentication-results; bh=kHRP71BJeRn1uo9BW5DY4hGv3cj7TMKyi46HFb+gfQY=; b=xswWvOpdkQ0GYzsok8c1e4Fnaf7koJphIuumfG0ejLln5k/0zlzFG5qGqD67iqcwiI weFvPzJLAcRHRXsrRgEh1b1ujlei5lsX3IG+lwUE/4QZf7OCG+F71SgWlPnKEfcQbEfm 6K9W3OGfhb/luqEzLUiBrkxYb8RZHzH5EpKncjl7etF4751gbtoSRJ31T2a+Xwjdlr/v qXxkfuS9234cOUDI8DzXC44YIIOkPq+xcJM62vVVM/6XTnAqxqAD7ydQyZQcvjAshXk+ 8dIk3q1+0QEDigVE745Ol5qq8nU4U7/G3gn9XWNCq1cHZJGcnLwHZbPuqY76PuNfC1xG Fk3Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x68-v6si11673114pfc.239.2018.08.05.14.28.07; Sun, 05 Aug 2018 14:28:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727531AbeHEXdU (ORCPT + 99 others); Sun, 5 Aug 2018 19:33:20 -0400 Received: from gate.crashing.org ([63.228.1.57]:33811 "EHLO gate.crashing.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726865AbeHEXdU (ORCPT ); Sun, 5 Aug 2018 19:33:20 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by gate.crashing.org (8.14.1/8.14.1) with ESMTP id w75LGmvM030309; Sun, 5 Aug 2018 16:16:49 -0500 Message-ID: Subject: Re: [RFC 0/4] Virtio uses DMA API for all devices From: Benjamin Herrenschmidt To: Christoph Hellwig Cc: "Michael S. Tsirkin" , Will Deacon , Anshuman Khandual , virtualization@lists.linux-foundation.org, linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, aik@ozlabs.ru, robh@kernel.org, joe@perches.com, elfring@users.sourceforge.net, david@gibson.dropbear.id.au, jasowang@redhat.com, mpe@ellerman.id.au, linuxram@us.ibm.com, haren@linux.vnet.ibm.com, paulus@samba.org, srikar@linux.vnet.ibm.com, robin.murphy@arm.com, jean-philippe.brucker@arm.com, marc.zyngier@arm.com Date: Mon, 06 Aug 2018 07:16:47 +1000 In-Reply-To: <20180805072930.GB23288@infradead.org> References: <20180802200646-mutt-send-email-mst@kernel.org> <20180802225738-mutt-send-email-mst@kernel.org> <20180803070507.GA1344@infradead.org> <20180803160246.GA13794@infradead.org> <22310f58605169fe9de83abf78b59f593ff7fbb7.camel@kernel.crashing.org> <20180804082120.GB4421@infradead.org> <20180805072930.GB23288@infradead.org> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.28.4 (3.28.4-1.fc28) Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 2018-08-05 at 00:29 -0700, Christoph Hellwig wrote: > On Sun, Aug 05, 2018 at 11:10:15AM +1000, Benjamin Herrenschmidt wrote: > > - One you have rejected, which is to have a way for "no-iommu" virtio > > (which still doesn't use an iommu on the qemu side and doesn't need > > to), to be forced to use some custom DMA ops on the VM side. > > > > - One, which sadly has more overhead and will require modifying more > > pieces of the puzzle, which is to make qemu uses an emulated iommu. > > Once we make qemu do that, we can then layer swiotlb on top of the > > emulated iommu on the guest side, and pass that as dma_ops to virtio. > > Or number three: have a a virtio feature bit that tells the VM > to use whatever dma ops the platform thinks are appropinquate for > the bus it pretends to be on. Then set a dma-range that is limited > to your secure memory range (if you really need it to be runtime > enabled only after a device reset that rescans) and use the normal > dma mapping code to bounce buffer. Who would set this bit ? qemu ? Under what circumstances ? What would be the effect of this bit while VIRTIO_F_IOMMU is NOT set, ie, what would qemu do and what would Linux do ? I'm not sure I fully understand your idea. I'm trying to understand because the limitation is not a device side limitation, it's not a qemu limitation, it's actually more of a VM limitation. It has most of its memory pages made inaccessible for security reasons. The platform from a qemu/KVM perspective is almost entirely normal. So I don't understand when would qemu set this bit, or should it be set by the VM at runtime ? Cheers, Ben.