Date: Thu, 15 Jul 2021 10:48:36 -0700
From: "Raj, Ashok"
To: Jason Gunthorpe
Cc: "Tian, Kevin", Shenming Lu, "Alex Williamson (alex.williamson@redhat.com)",
 Jean-Philippe Brucker, David Gibson, Jason Wang, "parav@mellanox.com",
 "Enrico Weigelt, metux IT consult", Paolo Bonzini, Joerg Roedel, Eric Auger,
 Jonathan Corbet, "Liu, Yi L", "Wu, Hao", "Jiang, Dave", Jacob Pan,
 Kirti Wankhede, Robin Murphy, "kvm@vger.kernel.org",
 "iommu@lists.linux-foundation.org", David Woodhouse, LKML, Lu Baolu,
 "wanghaibin.wang@huawei.com"
Subject: Re: [RFC v2] /dev/iommu uAPI proposal
Message-ID: <20210715174836.GB593686@otc-nc-03>
References: <7ea349f8-8c53-e240-fe80-382954ba7f28@huawei.com>
 <20210715124813.GC543781@nvidia.com>
 <20210715135757.GC590891@otc-nc-03>
 <20210715152325.GF543781@nvidia.com>
 <20210715162141.GA593686@otc-nc-03>
 <20210715171826.GG543781@nvidia.com>
In-Reply-To: <20210715171826.GG543781@nvidia.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jul 15, 2021 at 02:18:26PM -0300, Jason Gunthorpe wrote:
> On Thu, Jul 15, 2021 at 09:21:41AM -0700, Raj, Ashok wrote:
> > On Thu, Jul 15, 2021 at 12:23:25PM -0300, Jason Gunthorpe wrote:
> > > On Thu, Jul 15, 2021 at 06:57:57AM -0700, Raj, Ashok wrote:
> > > > On Thu, Jul 15, 2021 at 09:48:13AM -0300, Jason Gunthorpe wrote:
> > > > > On Thu, Jul 15, 2021 at 06:49:54AM +0000, Tian, Kevin wrote:
> > > > > >
> > > > > > No. You are right on this case. I don't think there is a way to
> > > > > > differentiate one mdev from the other if they come from the
> > > > > > same parent and are attached by the same guest process. In this
> > > > > > case the fault could be reported on either mdev (e.g. the first
> > > > > > matching one) to get it fixed in the guest.
> > > > >
> > > > > If the IOMMU can't distinguish the two mdevs they are not isolated
> > > > > and would have to share a group. Since group sharing is not
> > > > > supported today this seems like a non-issue.
> > > >
> > > > Does this mean we have to prevent 2 mdevs from the same pdev being
> > > > assigned to the same guest?
> > >
> > > No, it means that the IOMMU layer has to be able to distinguish them.
> >
> > Ok, but the guest has no control over this: it sees 2 separate PCI
> > devices and thinks they are entirely different.
> >
> > The only time this can fail is during the bind operation.
> > From the guest's perspective, a bind in the vIOMMU just turns into a
> > write to a local table, and an invalidate causes the host to update
> > the real copy from the shadow.
> >
> > There is no way to fail the bind, is there? And allocation of the
> > PASID is also a separate operation that has no clue how the PASID is
> > going to be used in the guest.
>
> You can't attach the same RID to the same PASID twice. The IOMMU code
> should prevent this.
>
> As we've talked about several times, it seems to me the vIOMMU
> interface is misdesigned for the requirements you have. The hypervisor
> should have a role in allocating the PASID since there are invisible
> hypervisor restrictions. This is one of them.

Allocating a PASID is a separate step from binding, isn't it? In VT-d we
have a virtual command interface that can fail an allocation of a PASID.
But which device the PASID is bound to is a dynamic thing that only gets
decided at bind_mm(), right?

> > Do we have any isolation requirements here? It's the same process. So
> > if the page-request is sent to the guest, and even if you report it
> > for mdev1, after the PRQ is resolved by the guest, the request from
> > mdev2 from the same guest should simply work?
>
> I think we already talked about this and said it should not be done.

I get that it should not be done; I'm wondering where that should be
implemented.