Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
IronPort-SDR: 0HgRcXXQBRSCRLQacXHLqbK0aCxjjEq16lFIWOzLBhJBN7Oe3vH/fNjEDMawN2FNrc8zOhAh/C
 LnwmqsMzzsPw==
IronPort-SDR: gRyOhPTSYh3q8zWeBbY+U921fRQR9fqVt4htZy6NbsKmJMCeRQ7Nhoy5UNQYLHmF/0gtiKjSLR
 dJXNQjnUJ1Yg==
From:   "Liu, Yi L" <yi.l.liu@intel.com>
To:     Stefan Hajnoczi <stefanha@gmail.com>
CC:     "alex.williamson@redhat.com" <alex.williamson@redhat.com>,
        "eric.auger@redhat.com" <eric.auger@redhat.com>,
        "baolu.lu@linux.intel.com" <baolu.lu@linux.intel.com>,
        "joro@8bytes.org" <joro@8bytes.org>,
        "Tian, Kevin" <kevin.tian@intel.com>,
        "jacob.jun.pan@linux.intel.com" <jacob.jun.pan@linux.intel.com>,
        "Raj, Ashok" <ashok.raj@intel.com>,
        "Tian, Jun J" <jun.j.tian@intel.com>,
        "Sun, Yi Y" <yi.y.sun@intel.com>,
        "jean-philippe@linaro.org" <jean-philippe@linaro.org>,
        "peterx@redhat.com" <peterx@redhat.com>,
        "Wu, Hao" <hao.wu@intel.com>,
        "iommu@lists.linux-foundation.org" <iommu@lists.linux-foundation.org>,
        "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: RE: [PATCH v2 14/15] vfio: Document dual stage control
Thread-Topic: [PATCH v2 14/15] vfio: Document dual stage control
Thread-Index: AQHWP+klJ2WDrhzcJUGl5z7dUgTydqjZcnYAgALkw9CACFCUAIABK3hA
Date:   Tue, 23 Jun 2020 06:43:54 +0000
Message-ID: <DM5PR11MB1435B5A1D25A245AD5E3B6D3C3940@DM5PR11MB1435.namprd11.prod.outlook.com>
References: <1591877734-66527-1-git-send-email-yi.l.liu@intel.com>
 <1591877734-66527-15-git-send-email-yi.l.liu@intel.com>
 <20200615094128.GB1491454@stefanha-x1.localdomain>
 <DM5PR11MB1435C484283BDCD75F19EDB5C39A0@DM5PR11MB1435.namprd11.prod.outlook.com>
 <20200622125114.GC15683@stefanha-x1.localdomain>
In-Reply-To: <20200622125114.GC15683@stefanha-x1.localdomain>
Accept-Language: en-US
Content-Language: en-US
dlp-reaction: no-action
dlp-version: 11.2.0.6
dlp-product: dlpe-windows
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 7eb49aa1-328b-4a79-10a3-08d81740cca7
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Jun 2020 06:43:55.0412
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Gn1TSR9n1QJ8Qh/eXK1wZOryIg5NuBqgjS3SJXj7QKRwv0D37Y7RL9utydwHDtf39xo01oF3/tju2ivvkI9M8A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR1101MB2265
X-OriginatorOrg: intel.com
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

> From: Stefan Hajnoczi <stefanha@gmail.com>
> Sent: Monday, June 22, 2020 8:51 PM
>=20
> On Wed, Jun 17, 2020 at 06:27:27AM +0000, Liu, Yi L wrote:
> > > From: Stefan Hajnoczi <stefanha@gmail.com>
> > > Sent: Monday, June 15, 2020 5:41 PM
> > > On Thu, Jun 11, 2020 at 05:15:33AM -0700, Liu Yi L wrote:
> > >
> > > > From: Eric Auger <eric.auger@redhat.com>
> > > >
> > > > The VFIO API was enhanced to support nested stage control: a bunch =
of
> > > > new iotcls and usage guideline.
> > > >
> > > > Let's document the process to follow to set up nested mode.
> > > >
> > > > Cc: Kevin Tian <kevin.tian@intel.com>
> > > > CC: Jacob Pan <jacob.jun.pan@linux.intel.com>
> > > > Cc: Alex Williamson <alex.williamson@redhat.com>
> > > > Cc: Eric Auger <eric.auger@redhat.com>
> > > > Cc: Jean-Philippe Brucker <jean-philippe@linaro.org>
> > > > Cc: Joerg Roedel <joro@8bytes.org>
> > > > Cc: Lu Baolu <baolu.lu@linux.intel.com>
> > > > Signed-off-by: Eric Auger <eric.auger@redhat.com>
> > > > Signed-off-by: Liu Yi L <yi.l.liu@intel.com>
> > > > ---
> > > > v1 -> v2:
> > > > *) new in v2, compared with Eric's original version, pasid table bi=
nd
> > > >    and fault reporting is removed as this series doesn't cover them=
.
> > > >    Original version from Eric.
> > > >    https://lkml.org/lkml/2020/3/20/700
> > > >
> > > >  Documentation/driver-api/vfio.rst | 64
> > > > +++++++++++++++++++++++++++++++++++++++
> > > >  1 file changed, 64 insertions(+)
> > > >
> > > > diff --git a/Documentation/driver-api/vfio.rst
> > > > b/Documentation/driver-api/vfio.rst
> > > > index f1a4d3c..06224bd 100644
> > > > --- a/Documentation/driver-api/vfio.rst
> > > > +++ b/Documentation/driver-api/vfio.rst
> > > > @@ -239,6 +239,70 @@ group and can access them as follows::
> > > >  	/* Gratuitous device reset and go... */
> > > >  	ioctl(device, VFIO_DEVICE_RESET);
> > > >
> > > > +IOMMU Dual Stage Control
> > > > +------------------------
> > > > +
> > > > +Some IOMMUs support 2 stages/levels of translation. Stage correspo=
nds
> > > > +to the ARM terminology while level corresponds to Intel's VTD term=
inology.
> > > > +In the following text we use either without distinction.
> > > > +
> > > > +This is useful when the guest is exposed with a virtual IOMMU and
> > > > +some devices are assigned to the guest through VFIO. Then the gues=
t
> > > > +OS can use stage 1 (GIOVA -> GPA or GVA->GPA), while the hyperviso=
r
> > > > +uses stage 2 for VM isolation (GPA -> HPA).
> > > > +
> > > > +Under dual stage translation, the guest gets ownership of the stag=
e 1
> > > > +page tables and also owns stage 1 configuration structures. The
> > > > +hypervisor owns the root configuration structure (for security
> > > > +reason), including stage 2 configuration. This works as long
> > > > +configuration structures and page table
> > >
> > > s/as long configuration/as long as configuration/
> >
> > got it.
> >
> > >
> > > > +format are compatible between the virtual IOMMU and the physical I=
OMMU.
> > >
> > > s/format/formats/
> >
> > I see.
> >
> > > > +
> > > > +Assuming the HW supports it, this nested mode is selected by choos=
ing
> > > > +the VFIO_TYPE1_NESTING_IOMMU type through:
> > > > +
> > > > +    ioctl(container, VFIO_SET_IOMMU, VFIO_TYPE1_NESTING_IOMMU);
> > > > +
> > > > +This forces the hypervisor to use the stage 2, leaving stage 1
> > > > +available for guest usage. The guest stage 1 format depends on IOM=
MU
> > > > +vendor, and it is the same with the nesting configuration method.
> > > > +User space should check the format and configuration method after
> > > > +setting nesting type by
> > > > +using:
> > > > +
> > > > +    ioctl(container->fd, VFIO_IOMMU_GET_INFO, &nesting_info);
> > > > +
> > > > +Details can be found in Documentation/userspace-api/iommu.rst. For
> > > > +Intel VT-d, each stage 1 page table is bound to host by:
> > > > +
> > > > +    nesting_op->flags =3D VFIO_IOMMU_NESTING_OP_BIND_PGTBL;
> > > > +    memcpy(&nesting_op->data, &bind_data, sizeof(bind_data));
> > > > +    ioctl(container->fd, VFIO_IOMMU_NESTING_OP, nesting_op);
> > > > +
> > > > +As mentioned above, guest OS may use stage 1 for GIOVA->GPA or GVA=
->GPA.
> > > > +GVA->GPA page tables are available when PASID (Process Address Spa=
ce
> > > > +GVA->ID)
> > > > +is exposed to guest. e.g. guest with PASID-capable devices assigne=
d.
> > > > +For such page table binding, the bind_data should include PASID in=
fo,
> > > > +which is allocated by guest itself or by host. This depends on
> > > > +hardware vendor e.g. Intel VT-d requires to allocate PASID from ho=
st.
> > > > +This requirement is available by VFIO_IOMMU_GET_INFO. User space
> > > > +could allocate PASID from host by:
> > > > +
> > > > +    req.flags =3D VFIO_IOMMU_ALLOC_PASID;
> > > > +    ioctl(container, VFIO_IOMMU_PASID_REQUEST, &req);
> > >
> > > It is not clear how the userspace application determines whether PASI=
Ds must be
> > > allocated from the host via VFIO_IOMMU_PASID_REQUEST or if the guest =
itself
> can
> > > allocate PASIDs. The text mentions VFIO_IOMMU_GET_INFO but what exact=
ly
> > > should the userspace application check?
> >
> > For VT-d, spec 3.0 introduced Virtual Cmd interface for PASID allocatio=
n,
> > guest request PASID from host if it detects the interface. Application
> > should check the IOMMU_NESTING_FEAT_SYSWIDE_PASID setting in the below
> > info reported by VFIO_IOMMU_GET_INFO. And virtual VT-d should not repor=
t
> > SVA related capabilities to guest if  SYSWIDE_PASID is not supported by
> > kernel.
> >
> > +struct iommu_nesting_info {
> > +	__u32	size;
> > +	__u32	format;
> > +	__u32	features;
> > +#define IOMMU_NESTING_FEAT_SYSWIDE_PASID	(1 << 0)
> > +#define IOMMU_NESTING_FEAT_BIND_PGTBL		(1 << 1)
> > +#define IOMMU_NESTING_FEAT_CACHE_INVLD		(1 << 2)
> > +	__u32	flags;
> > +	__u8	data[];
> > +};
> > https://lore.kernel.org/linux-iommu/1591877734-66527-3-git-send-email-
> yi.l.liu@intel.com/
>=20
> I see. Is it possible to add this information into this patch or at
> least a reference so readers know where to find out exactly how to do
> this?

oh, yes. this would help a lot. will add it.

Regards,
Yi Liu
> Stefan