Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp5965909ybf; Thu, 5 Mar 2020 10:23:11 -0800 (PST) X-Google-Smtp-Source: ADFU+vvUFQiK4RxeRwk3a5g6LMC397+6LD+mu6jVLTa+bZoSk4gK2lbGgzDUCLbMUO6O4LBz9zbc X-Received: by 2002:a05:6808:6ca:: with SMTP id m10mr254937oih.63.1583432591458; Thu, 05 Mar 2020 10:23:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583432591; cv=none; d=google.com; s=arc-20160816; b=CYMBY8qg0rtUQmpx3DqtD6ao/f2AbGZ3CHG943g44wxri1KJOtZcINYXVHVSh+UZ27 meVo1YoFHfPk59/OFCvwrmBjF8Yxa+k7jJoVfSQCsvz/jjDiAqt5fpo6p8uTbcr+pT/8 +75BQmPa5HEscstbgIsNtgJacvdAV0kin7nWqgnT08VIQrNFJxfxXj5OGdtmz3CXx6eX LzBlOdQ9dXN1MXnlyIweaK0daASzhWvpZ3nlmF3g/BqpIBaOgjk6aFihbAL6/rQb6DIC GMkbxmqSPnAISGDMksWmGaKOuF77QIKExnB66A0nXrz0+smEm5Oo+aBcYPs9/tk1HLCV ObcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dkim-signature; bh=90RLHPqVNEZEMrWwkgjpPMMkSbZ9eZRo8m2gr4E/ffQ=; b=m1y9QTrGmW8D+AKrLfdjJ53qka32r9Zc1xE3MNVRiUvftuxtlp8X42H/yivZJXgtzF N+MAImIlH2044no+DEFOXKB3tUfeUFRfnMRvuW7HkU31KNmNmmAqQV0NULRkqR3LgeeD T0JdAuvKOk0hErVNXdCYbdRRJ9oZ0fyg/G1bnqRYpGnFpSJrKMhmzS/krfVOnTi20NeU cTiycV29KNfBW63LIl+MDQU6vbFGrBC4yh0zmKj/iVeYFH/xy9YszKhvGfkllOtFYeeO vm9ddeyuKp4WzhItZYyj8zrK9ZHcxd/ugEfW2Gxbgxesy7dh5D0NlQvChh8DMfD21EQI 5l5w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Ggxo3a7h; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id t24si4088411oth.319.2020.03.05.10.22.58; Thu, 05 Mar 2020 10:23:11 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=Ggxo3a7h; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726164AbgCESWl (ORCPT + 99 others); Thu, 5 Mar 2020 13:22:41 -0500 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120]:31973 "EHLO us-smtp-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726080AbgCESWk (ORCPT ); Thu, 5 Mar 2020 13:22:40 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1583432559; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=90RLHPqVNEZEMrWwkgjpPMMkSbZ9eZRo8m2gr4E/ffQ=; b=Ggxo3a7hdHrwjG4k3gtHSePRaYS7JCUUlBq8TkcngeHnEYq9fUY4witBaMGMgM815n/wtV HeED+CbMbDPRDQ3q+P7oFnRDn3WQUy+T2a80xjIzQKSq2626SeZ/SXnf4ikjql/8OgQEm0 I61e3R0iTTjFamUNFl9Wq08zZj+295g= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-140-FZVPSvRgM1yuOakSm6mTpA-1; Thu, 05 Mar 2020 13:22:35 -0500 X-MC-Unique: FZVPSvRgM1yuOakSm6mTpA-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 23DBB13F6; Thu, 5 Mar 2020 18:22:34 +0000 (UTC) Received: from w520.home (ovpn-116-28.phx2.redhat.com [10.3.116.28]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6B5AB8F34E; Thu, 5 Mar 2020 18:22:31 +0000 (UTC) Date: Thu, 5 Mar 2020 11:22:30 -0700 From: Alex Williamson To: "Tian, Kevin" Cc: "kvm@vger.kernel.org" , "linux-pci@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "dev@dpdk.org" , "mtosatti@redhat.com" , "thomas@monjalon.net" , "bluca@debian.org" , "jerinjacobk@gmail.com" , "Richardson, Bruce" , "cohuck@redhat.com" Subject: Re: [PATCH v2 5/7] vfio/pci: Add sriov_configure support Message-ID: <20200305112230.0dd77712@w520.home> In-Reply-To: References: <158213716959.17090.8399427017403507114.stgit@gimli.home> <158213846731.17090.37693075723046377.stgit@gimli.home> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 25 Feb 2020 03:08:00 +0000 "Tian, Kevin" wrote: > > From: Alex Williamson > > Sent: Thursday, February 20, 2020 2:54 AM > > > > With the VF Token interface we can now expect that a vfio userspace > > driver must be in collaboration with the PF driver, an unwitting > > userspace driver will not be able to get past the GET_DEVICE_FD step > > in accessing the device. We can now move on to actually allowing > > SR-IOV to be enabled by vfio-pci on the PF. Support for this is not > > enabled by default in this commit, but it does provide a module option > > for this to be enabled (enable_sriov=1). Enabling VFs is rather > > straightforward, except we don't want to risk that a VF might get > > autoprobed and bound to other drivers, so a bus notifier is used to > > "capture" VFs to vfio-pci using the driver_override support. We > > assume any later action to bind the device to other drivers is > > condoned by the system admin and allow it with a log warning. > > > > vfio-pci will disable SR-IOV on a PF before releasing the device, > > allowing a VF driver to be assured other drivers cannot take over the > > PF and that any other userspace driver must know the shared VF token. > > This support also does not provide a mechanism for the PF userspace > > driver itself to manipulate SR-IOV through the vfio API. With this > > patch SR-IOV can only be enabled via the host sysfs interface and the > > PF driver user cannot create or remove VFs. > > I'm not sure how many devices can be properly configured simply > with pci_enable_sriov. It is not unusual to require PF driver prepare > something before turning PCI SR-IOV capability. If you look kernel > PF drivers, there are only two using generic pci_sriov_configure_ > simple (simple wrapper like pci_enable_sriov), while most others > implementing their own callback. However vfio itself has no idea > thus I'm not sure how an user knows whether using this option can > actually meet his purpose. I may miss something here, possibly > using DPDK as an example will make it clearer. There is still the entire vfio userspace driver interface. Imagine for example that QEMU emulates the SR-IOV capability and makes a call out to libvirt (or maybe runs with privs for the PF SR-IOV sysfs attribs) when the guest enables SR-IOV. Can't we assume that any PF specific support can still be performed in the userspace/guest driver, leaving us with a very simple and generic sriov_configure callback in vfio-pci? Thanks, Alex