Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4325846ybb; Mon, 23 Mar 2020 18:44:05 -0700 (PDT) X-Google-Smtp-Source: ADFU+vu2CiIcLG6LKwPP7j/jeGMgGY4YyIbc5GqpGQcaKMLTxY+1yN7QXs9ZkFKuMf58CgCQkQ3V X-Received: by 2002:a05:6830:2428:: with SMTP id k8mr380177ots.345.1585014245455; Mon, 23 Mar 2020 18:44:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585014245; cv=none; d=google.com; s=arc-20160816; b=T5+mLCYs1kXUE6rFTSIA1b3CYgKSwOXWT9Ru+yEPk0/FKz/OXnJrI/AhwBrP1vT6eL UEpmHjlkVZlA7/wZdSI9AXeQGAnXE8seh6tXizSCud+aBrZg6RqBHrfxd1ADKb3nR1WL yK8ZsGFmrksPr4+FfU6s/yp/CvmVwMY4IH8Zmd4OaJVEseCUoHIl3wC/1/ucuo8eWYXH aKD2rlxhesqBQDITvEhhmkbj6EyPuRRsWW5Q9RsBZgUDL1qKaAuFv+Sn5fQryA5vk+Eb tQme3IXJDbpJjE6Y0/Fh3jz6Mnw1WD6qvFDn+0b+psxL4HiNXvuFB5hIDfmVWEy9WvEZ Y7fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:to:subject:cc:ironport-sdr:ironport-sdr; bh=K/QC5r8GFbpHBAdjoFY75x6ZfVo8HRQDkxfYCDcvxr8=; b=CVRF+JI4Y/tC0HKgPoKuDaqGM+WyJMPXMvk4nOa6VOqoEKJqEBkXIQ7u4hLc3kGt/S vLtSMDqY7vvn9H54dn9T9scYAlZ/0eWHOVAOew8hKvEXTxN19sDENGnL/V6Z1D8EnEKv P6rUjRH/HXtSvZMeZzjwI+udQ+jOZ7nZ4t6DWq3GbnTKqTgVesWjDuqm2Nz6Y0tqSy7C QkKBak31fnT6/MPvfex2KsptMbOGMS5qwnX4wplKJugcO3KOaNNQupCsfvUX3h2+uoeQ CvEqw/m9+R9UywFprlEyDJ1EvH91ybV+4Y+7M7M1MB9U1+rIac0QoMmD4dgzUw0x8maY 9hNw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z5si3060136oiz.209.2020.03.23.18.43.51; Mon, 23 Mar 2020 18:44:05 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727122AbgCXBm3 (ORCPT + 99 others); Mon, 23 Mar 2020 21:42:29 -0400 Received: from mga06.intel.com ([134.134.136.31]:34433 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727053AbgCXBm3 (ORCPT ); Mon, 23 Mar 2020 21:42:29 -0400 IronPort-SDR: JBgzrgoK7kffK/l+cwFL+d7SaUOn82L3nfteoI5LxGg2pl+/bHN9EyQ4Z+mGy2iOCAnnhPJVE9 XTl5HhWqlFmw== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Mar 2020 18:42:28 -0700 IronPort-SDR: LefSmsp92s2IYF/PXnr6Ipuk/XOB1mRv7a3IU3qijkzj/XlZb1QGzvYjNjxIF9jCqaFVGqPRmz mqkp44TBM4QA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,298,1580803200"; d="scan'208";a="264976626" Received: from blu2-mobl3.ccr.corp.intel.com (HELO [10.254.208.83]) ([10.254.208.83]) by orsmga002.jf.intel.com with ESMTP; 23 Mar 2020 18:42:22 -0700 Cc: baolu.lu@linux.intel.com, Jacob Pan , iommu@lists.linux-foundation.org, LKML , Joerg Roedel , David Woodhouse , Yi Liu , "Tian, Kevin" , Jean-Philippe Brucker , Eric Auger , Dave Jiang , "Lu, Baolu" Subject: Re: [PATCH 2/2] iommu/vt-d: Replace intel SVM APIs with generic SVA APIs To: "Raj, Ashok" , Jean-Philippe Brucker References: <1582586797-61697-1-git-send-email-jacob.jun.pan@linux.intel.com> <1582586797-61697-4-git-send-email-jacob.jun.pan@linux.intel.com> <20200320092955.GA1702630@myrica> <20200323230113.GA84386@otc-nc-03> From: Lu Baolu Message-ID: <6cc2f1ea-5a7d-eeab-b50c-5b464098de6b@linux.intel.com> Date: Tue, 24 Mar 2020 09:42:20 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: <20200323230113.GA84386@otc-nc-03> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020/3/24 7:01, Raj, Ashok wrote: > Hi Jean > > On Fri, Mar 20, 2020 at 10:29:55AM +0100, Jean-Philippe Brucker wrote: >>> +#define to_intel_svm_dev(handle) container_of(handle, struct intel_svm_dev, sva) >>> +struct iommu_sva * >>> +intel_svm_bind(struct device *dev, struct mm_struct *mm, void *drvdata) >>> +{ >>> + struct iommu_sva *sva = ERR_PTR(-EINVAL); >>> + struct intel_svm_dev *sdev = NULL; >>> + int flags = 0; >>> + int ret; >>> + >>> + /* >>> + * TODO: Consolidate with generic iommu-sva bind after it is merged. >>> + * It will require shared SVM data structures, i.e. combine io_mm >>> + * and intel_svm etc. >>> + */ >>> + if (drvdata) >>> + flags = *(int *)drvdata; >> >> drvdata is more for storing device driver contexts that can be passed to >> iommu_sva_ops, but I get that this is temporary. >> >> As usual I'm dreading supervisor mode making it into the common API. What >> are your plans regarding SUPERVISOR_MODE and PRIVATE_PASID flags? The >> previous discussion on the subject [1] had me hoping that you could >> replace supervisor mode with normal mappings (auxiliary domains?) >> I'm less worried about PRIVATE_PASID, it would just add complexity into > > We don't seem to have an immediate need for PRIVATE_PASID. There are some talks > about potential usages, but nothing concrete. I think it might be good to > get rid of it now and add when we really need. > > For SUPERVISOR_MODE, the idea is to have aux domain. Baolu is working on > something to replace. Certainly the entire kernel address is opening up > the whole kimono.. so we are looking at dynamically creating mappings on demand. > It might take some of the benefits of SVA in general with no need to create > mappings, but for security somebody has to pay the price :-) My thought is to reuse below aux-domain API. int iommu_aux_attach_device(struct iommu_domain *domain, struct device *dev) Currently, it asks the vendor iommu driver to allocate a PASID and bind the domain with it. We can change it to allow the caller to pass in an existing supervisor PASID. int iommu_aux_attach_device(struct iommu_domain *domain, struct device *dev, int *pasid) In the vendor iommu driver, if (*pasid == INVALID_IOASID), it will allocate a pasid (the same as current behavior); otherwise, attach the domain with the pass-in pasid. Best regards, baolu