Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1772438ybz; Thu, 16 Apr 2020 15:25:52 -0700 (PDT) X-Google-Smtp-Source: APiQypIIRmn8ps/dlz4zPzMi8ltVUcooRvFUf+CeXVE0VE4tXzfedR2YNz3UOhk64wfFyz36JFVM X-Received: by 2002:a50:e043:: with SMTP id g3mr395200edl.220.1587075952184; Thu, 16 Apr 2020 15:25:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1587075952; cv=none; d=google.com; s=arc-20160816; b=fYeFyngh5RsCOgq37PjXr1iM+Z4jYGK8Yr1MIL8fS+a9eWEyy+zMNaJiO6kC8EWJLg 6gaYhZrQtxXEuMq80qcBnv935Z5bbffVArnkj8jYWeAc6w1FRCyhXZijjX7wUON+i55+ 7ulJvl0yO9mUmIVUA0VS/+DJHYI7p7nC2+ou0zijlzcc5MgdPJ+cerlwyR79moVQJt1B ZCZMgS+BLEzH4fBAbgcyEYgYSIvri1RmbnfyCGdAIcQebQ77i6RXszyLXw85RQFWp86j 7u5S96r+rzExBs3MocsUUGCmzIyFhC/zn3Vx/5mLEgdf/Ev7mwB+sWgVIDEGkujeEa81 Ipuw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:reply-to:message-id :subject:cc:to:from:date:ironport-sdr:ironport-sdr; bh=S3g3Vjg8+vyBovjqHl3k+QUph3RcjTKrp9l3PvjkzR0=; b=a+BAGnCfinVbBb8/Ng5htTbazKThHFkkgFf+ieM0T6nBSwDNQqqekrOkzAWFHZjpdj u2Oc67lcB0La7jid73YhigiVSV6IGb6TXWt4nN8xosRImwb6gVOzNvffSzoOJ4qjr/4E AmGUf51jbuP7SPRVBt73u161+qPYSsCFSmB1MYLTxepW3WJKfhzFmctMaFcwoyjTDe4y 8e/StHpSQBXeieejrQk5s+PP8PCngMY0ZjvYgiBrIAYejsuDTevxbD5AOcBWwaM/dAvB A4o+NIDaM6RnYpD1qALxQm+ICx4VmRyG+MtWH643LBkGdSUftolLa6QiOdin6X/A0vK7 +OaQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o8si13016451ejn.51.2020.04.16.15.25.29; Thu, 16 Apr 2020 15:25:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729058AbgDPWWN (ORCPT + 99 others); Thu, 16 Apr 2020 18:22:13 -0400 Received: from mga06.intel.com ([134.134.136.31]:33211 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728842AbgDPWWM (ORCPT ); Thu, 16 Apr 2020 18:22:12 -0400 IronPort-SDR: MmFF4Tq8SNfxceDdd3Wz9RcZEg1lxnLP4m6MLeQsDGa1ekbKg97dvAkl8y9KrRBt0NgcEhdp5j KaWj5CGDomRQ== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Apr 2020 15:22:08 -0700 IronPort-SDR: LUu+P/YXcM5WENDHKF6o+pp4tD+Jid2CSFsujp8cMYNQ9xFFZEwJVrsSdcbAt+tJX7QcL0weLo WU/iEZhc9aAg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,392,1580803200"; d="scan'208";a="454501925" Received: from joy-optiplex-7040.sh.intel.com (HELO joy-OptiPlex-7040) ([10.239.13.16]) by fmsmga005.fm.intel.com with ESMTP; 16 Apr 2020 15:22:03 -0700 Date: Thu, 16 Apr 2020 18:12:26 -0400 From: Yan Zhao To: "Lu, Baolu" Cc: "Tian, Kevin" , "Liu, Yi L" , "alex.williamson@redhat.com" , "eric.auger@redhat.com" , "jacob.jun.pan@linux.intel.com" , "joro@8bytes.org" , "Raj, Ashok" , "Tian, Jun J" , "Sun, Yi Y" , "jean-philippe@linaro.org" , "peterx@redhat.com" , "iommu@lists.linux-foundation.org" , "kvm@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "Wu, Hao" Subject: Re: [PATCH v1 0/2] vfio/pci: expose device's PASID capability to VMs Message-ID: <20200416221224.GA16688@joy-OptiPlex-7040> Reply-To: Yan Zhao References: <1584880394-11184-1-git-send-email-yi.l.liu@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 31, 2020 at 03:08:25PM +0800, Lu, Baolu wrote: > On 2020/3/31 14:35, Tian, Kevin wrote: > >> From: Liu, Yi L > >> Sent: Sunday, March 22, 2020 8:33 PM > >> > >> From: Liu Yi L > >> > >> Shared Virtual Addressing (SVA), a.k.a, Shared Virtual Memory (SVM) on > >> Intel platforms allows address space sharing between device DMA and > >> applications. SVA can reduce programming complexity and enhance security. > >> > >> To enable SVA, device needs to have PASID capability, which is a key > >> capability for SVA. This patchset exposes the device's PASID capability > >> to guest instead of hiding it from guest. > >> > >> The second patch emulates PASID capability for VFs (Virtual Function) since > >> VFs don't implement such capability per PCIe spec. This patch emulates such > >> capability and expose to VM if the capability is enabled in PF (Physical > >> Function). > >> > >> However, there is an open for PASID emulation. If PF driver disables PASID > >> capability at runtime, then it may be an issue. e.g. PF should not disable > >> PASID capability if there is guest using this capability on any VF related > >> to this PF. To solve it, may need to introduce a generic communication > >> framework between vfio-pci driver and PF drivers. Please feel free to give > >> your suggestions on it. > > I'm not sure how this is addressed on bate metal today, i.e. between normal > > kernel PF and VF drivers. I look at pasid enable/disable code in intel-iommu.c. > > There is no check on PF/VF dependency so far. The cap is toggled when > > attaching/detaching the PF to its domain. Let's see how IOMMU guys > > respond, and if there is a way for VF driver to block PF driver from disabling > > the pasid cap when it's being actively used by VF driver, then we may > > leverage the same trick in VFIO when emulation is provided to guest. > > IOMMU subsystem doesn't expose any APIs for pasid enabling/disabling. > The PCI subsystem does. It handles VF/PF like below. > > /** > * pci_enable_pasid - Enable the PASID capability > * @pdev: PCI device structure > * @features: Features to enable > * > * Returns 0 on success, negative value on error. This function checks > * whether the features are actually supported by the device and returns > * an error if not. > */ > int pci_enable_pasid(struct pci_dev *pdev, int features) > { > u16 control, supported; > int pasid = pdev->pasid_cap; > > /* > * VFs must not implement the PASID Capability, but if a PF > * supports PASID, its VFs share the PF PASID configuration. > */ > if (pdev->is_virtfn) { > if (pci_physfn(pdev)->pasid_enabled) > return 0; > return -EINVAL; > } > > /** > * pci_disable_pasid - Disable the PASID capability > * @pdev: PCI device structure > */ > void pci_disable_pasid(struct pci_dev *pdev) > { > u16 control = 0; > int pasid = pdev->pasid_cap; > > /* VFs share the PF PASID configuration */ > if (pdev->is_virtfn) > return; > > > It doesn't block disabling PASID on PF even VFs are possibly using it. > hi I'm not sure, but is it possible for pci_enable_pasid() and pci_disable_pasid() to do the same thing as pdev->driver->sriov_configure, e.g. pci_sriov_configure_simple() below. It checks whether there are VFs are assigned in pci_vfs_assigned(dev). and we can set the VF in assigned status if vfio_pci_open() is performed on the VF. int pci_sriov_configure_simple(struct pci_dev *dev, int nr_virtfn) { int rc; might_sleep(); if (!dev->is_physfn) return -ENODEV; if (pci_vfs_assigned(dev)) { pci_warn(dev, "Cannot modify SR-IOV while VFs are assigned\n"); return -EPERM; } if (nr_virtfn == 0) { sriov_disable(dev); return 0; } rc = sriov_enable(dev, nr_virtfn); if (rc < 0) return rc; return nr_virtfn; } Thanks Yan