Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp271980pxj; Wed, 23 Jun 2021 21:56:14 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyu56rMNrgHa0Izm6Yint1zsNttZeMqzhFgDTDxNgm6+BWLOJSZHV22tqfn+cep5xrjJkMc X-Received: by 2002:a17:907:7b88:: with SMTP id ne8mr3301602ejc.293.1624510574423; Wed, 23 Jun 2021 21:56:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1624510574; cv=none; d=google.com; s=arc-20160816; b=oYEPyXnLxg4cU4cyAloxisYi3IO2sa/S+ZFKLrLgdyUgAySAY3H07u1zwE1naCj57n 4Zt2o5f5Zo2wYK9OIqnumNrbLfEF/ChRsC+nuYCSukSgyn+jbC0CwPa2sH3jmk6shNdB q4iz3k4MtWJCT++oz6PopSby2Q605oqr0K91eGhVL9SRvllHi9l/MvAvQxRvkiFczx2a wBDNinxv0k5y2eNeRk6e4MOWRg2F6LUoOGlhFy4+1PnlDp2iW6iI2lHKbT9cTN59VU4m wNfpEW+9e/OeHhRb5C37mtiRqW+98GPrVIZhRIaWyRVhFQulgN3UO3DP9CpzgOjtAOMV q/ug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=qBNlv0DPxnJ4dFg2D5va4uCTzVJMNhq+qQAJljWyMiA=; b=eN3uYyDaQe9n3iOXKXmh++mvFBs8mnNU8kwv3WWyv9HXuqMIcLsMvVTJ8sTf73Cwxt JYc3ZHC+YEVM/MAsbhVn4PrGGQBmYdzs+Le8VxMdCw9M/BmhNWfRd5XTFpHzGQactkqY e4HlPqg1UjzHSCoTkNmIwyBtbgSH6mWcdyiQdpw8YU4herj3aWpaFZM5Lte6DQgMsehM JFnwdjMmsICn4xLcGFlHXtU5og3j/8qDWu/GURKm8GFqWw2clNHe6pVDeTq2ax/9VLT9 DMpNZJYLIwHDXIoIw/iQi6tB5FuvxmjjVtvTMmSZUkvE0bkFYzFVv7aeUTHNXTuGw+8H UT/w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gibson.dropbear.id.au header.s=201602 header.b=Ihu3DMzk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x19si1697038ejb.628.2021.06.23.21.55.51; Wed, 23 Jun 2021 21:56:14 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gibson.dropbear.id.au header.s=201602 header.b=Ihu3DMzk; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231247AbhFXE4B (ORCPT + 99 others); Thu, 24 Jun 2021 00:56:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54738 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230132AbhFXEyv (ORCPT ); Thu, 24 Jun 2021 00:54:51 -0400 Received: from ozlabs.org (bilbo.ozlabs.org [IPv6:2401:3900:2:1::2]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 43708C061574; Wed, 23 Jun 2021 21:52:33 -0700 (PDT) Received: by ozlabs.org (Postfix, from userid 1007) id 4G9SRT4pGKz9t0T; Thu, 24 Jun 2021 14:52:21 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gibson.dropbear.id.au; s=201602; t=1624510341; bh=Y1ZXO4GOKwiZGQOUSkU62M3QSVIF13l7lSRYG/A5sd4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Ihu3DMzkLAV+wjtqkkh/A0N7zBO2qjXvqPIoL5l26qdg3N4Fpa6+Mg5QnLEYJ36C+ E8IfzU/O8tDq34n9NEkU4Ui+voj839ng2PR0r2T7a4WXMpZu1iaIyq/8aMRgwfYmkI F42I0a7ZNBzG+9PEbFmvHo8VbdxCQQktyxyZcIDM= Date: Thu, 24 Jun 2021 14:29:29 +1000 From: David Gibson To: Jason Gunthorpe Cc: Joerg Roedel , "Tian, Kevin" , Alex Williamson , Jean-Philippe Brucker , Jason Wang , "parav@mellanox.com" , "Enrico Weigelt, metux IT consult" , Paolo Bonzini , Shenming Lu , Eric Auger , Jonathan Corbet , "Raj, Ashok" , "Liu, Yi L" , "Wu, Hao" , "Jiang, Dave" , Jacob Pan , Kirti Wankhede , Robin Murphy , "kvm@vger.kernel.org" , "iommu@lists.linux-foundation.org" , David Woodhouse , LKML , Lu Baolu Subject: Re: Plan for /dev/ioasid RFC v2 Message-ID: References: <20210612105711.7ac68c83.alex.williamson@redhat.com> <20210614140711.GI1002214@nvidia.com> <20210614102814.43ada8df.alex.williamson@redhat.com> <20210615101215.4ba67c86.alex.williamson@redhat.com> <20210616133937.59050e1a.alex.williamson@redhat.com> <20210618151506.GG1002214@nvidia.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="yLEcQ6F0C4xJHQpz" Content-Disposition: inline In-Reply-To: <20210618151506.GG1002214@nvidia.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --yLEcQ6F0C4xJHQpz Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jun 18, 2021 at 12:15:06PM -0300, Jason Gunthorpe wrote: > On Fri, Jun 18, 2021 at 03:47:51PM +0200, Joerg Roedel wrote: > > Hi Kevin, > >=20 > > On Thu, Jun 17, 2021 at 07:31:03AM +0000, Tian, Kevin wrote: > > > Now let's talk about the new IOMMU behavior: > > >=20 > > > - A device is blocked from doing DMA to any resource outside of > > > its group when it's probed by the IOMMU driver. This could be a > > > special state w/o attaching to any domain, or a new special domain > > > type which differentiates it from existing domain types (identity= ,=20 > > > dma, or unmanged). Actually existing code already includes a > > > IOMMU_DOMAIN_BLOCKED type but nobody uses it. > >=20 > > There is a reason for the default domain to exist: Devices which require > > RMRR mappings to be present. You can't just block all DMA from devices > > until a driver takes over, we put much effort into making sure there is > > not even a small window in time where RMRR regions (unity mapped regions > > on AMD) are not mapped. >=20 > Yes, I think the DMA blocking can only start around/after a VFIO type > driver has probed() and bound to a device in the group, not much > different from today. But as I keep saying, some forms of grouping (and DMA aliasing as Alex mentioned) mean that changing the domain of one device can change the domain of another device, unavoidably. It may be rare with modern hardware, but we still can't ignore the case. Which means you can't DMA block until everything in the group is managed by a vfio-like driver. --=20 David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson --yLEcQ6F0C4xJHQpz Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAmDUCikACgkQbDjKyiDZ s5LTyA//bJpWtaDHUtdmpyHIrjTXkhO/p0T3/Me6MMC2aA3PiMYgq5mOYQ8rJEfX 7kRqkNMRDLOjachD429QvNosQGm8ImsLOK7SRLQeE9BMBYB6IU7G8ig+jpTsRbRT qmKFuoqWalvFrP9Mct8HLY3SjT/lXke7356q11hjhKMVRWNdmwZSsX6rak8+N+cy sQI9Y/ZtjJVSYYA8e/FQOSsMW4AnQpDCNCQhDEU0Do6MJ+Epf92C4BiDQnBprrBJ GuZaoRA3tlUKb1wUYcyG1piE8aAWGUyVNxGR0h7P6CQ9qR1mLugUPEJLwS8J6ZFD h50XuLB9SD1WynaS3onyvugDSP8EPdnei+nAHQqyOs97zZksy6j+/066OslhEhWw OIMQbIC+f9WHHBABG7g4g8ZCQUY9jYPvw23gjyWDHuyQtqrCXRUE8O/9kn6fQbBM 0jcZUEyvq5RiSnfnP3+Ja6z0bj6BL83IYkUIrVKJFwY4c19HwTk5cqYqU+lG2PRg hv212bYgICZXJ4QZBbzqR/1Jc5maQB/tc0LYiyrtc4GagrUOuchgN3T9mmNKe+IV widXRoL/4ntxuPzZnUhgcOjpHAVxC2wkv3aAfLcRVDTfu7xfU29YW84cSHbCulHK FZ6zhyeEY818TljNrE8LY6iCyUJqLINRaIC97bqzCvxkquXvQF4= =pdCD -----END PGP SIGNATURE----- --yLEcQ6F0C4xJHQpz--