Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp1127065rwb; Wed, 7 Dec 2022 08:59:53 -0800 (PST) X-Google-Smtp-Source: AA0mqf6c6hHIM0aQCMrp2B3Xf547tpvyCHNrUNX7Y+uLhTCv1phIOLhzQGyfF285gg8ev77x8Y+B X-Received: by 2002:a63:1563:0:b0:477:8fed:811f with SMTP id 35-20020a631563000000b004778fed811fmr64776992pgv.343.1670432393434; Wed, 07 Dec 2022 08:59:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670432393; cv=none; d=google.com; s=arc-20160816; b=kj8gxrpUqadOACmqBGEoi/Fa82lO49Bvkx8/vblmmy8VSDvS5v5KYvLnP0L23hONNN 0tgHf1mfsxcwuCaQ2JzcIZpLyyltUjIZ6Ts+ZUaQ9ewRcLyRnkXU7/KfgeP7DbeG30JC D3od0rY9Hpjwgsq95+NyBXQTXEV0axqJqTwHJhBF/wFW3QALUjexBy0ohBS/6grIHJYL 90wcTY0wqmMhiMI1dIkILuvwcj0N22PMWLD41HDN1iZwPLKZ8Mj/dfadImDCRBKcnQzh vg6GzkbQLaJC4orf/Xiuu0TNYRPH2VMkPESilGp7UGO96h59YoC+S0KzV2cGmnEPMiGi lD8g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=1GaFqgPXmAfwDzAsLHQhkzY6GeCahZTSrWGKHKleOfE=; b=BJesMa9IT8+i4SWXrjNOhK8/hclVNjlWHYN/eXToEum0dxORkAT9/t2YkSRC+E+b5H 2xSia+q51DYMtpvQIaVIZhU24XSqG0NVFqUm5Kc7W92kumXsbdT6tBZeD8Ssw+ucDj8a KrgMQHd3X663yOPjzmRULzB1BfuuRfzyuJkI0+j4SwOzDb7YJWqlVR70wOBL3uh+yzzS jUh10m8++1eWB8EuleG+MBeDhghKSpbq1NGakT/l1ygCt415kaup0B3RhR5MEOH0FtRw 0W/qnzRV2wZqtZtKkMTV3yW9h2csTY8quHpWUDXwU/fZ+sTFnSp9iY1PhQSi4ZFIrItl mBAA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id m10-20020a170902db0a00b0018685c559a1si21053541plx.383.2022.12.07.08.59.43; Wed, 07 Dec 2022 08:59:53 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229711AbiLGQjE (ORCPT + 76 others); Wed, 7 Dec 2022 11:39:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60642 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229515AbiLGQjD (ORCPT ); Wed, 7 Dec 2022 11:39:03 -0500 Received: from verein.lst.de (verein.lst.de [213.95.11.211]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA9A0164A7; Wed, 7 Dec 2022 08:39:02 -0800 (PST) Received: by verein.lst.de (Postfix, from userid 2407) id 83FB967373; Wed, 7 Dec 2022 17:38:57 +0100 (CET) Date: Wed, 7 Dec 2022 17:38:57 +0100 From: Christoph Hellwig To: Jason Gunthorpe Cc: Christoph Hellwig , Lei Rao , kbusch@kernel.org, axboe@fb.com, kch@nvidia.com, sagi@grimberg.me, alex.williamson@redhat.com, cohuck@redhat.com, yishaih@nvidia.com, shameerali.kolothum.thodi@huawei.com, kevin.tian@intel.com, mjrosato@linux.ibm.com, linux-kernel@vger.kernel.org, linux-nvme@lists.infradead.org, kvm@vger.kernel.org, eddie.dong@intel.com, yadong.li@intel.com, yi.l.liu@intel.com, Konrad.wilk@oracle.com, stephen@eideticom.com, hang.yuan@intel.com Subject: Re: [RFC PATCH 1/5] nvme-pci: add function nvme_submit_vf_cmd to issue admin commands for VF driver. Message-ID: <20221207163857.GB2010@lst.de> References: <20221206135810.GA27689@lst.de> <20221206153811.GB2266@lst.de> <20221206165503.GA8677@lst.de> <20221207075415.GB2283@lst.de> <20221207135203.GA22803@lst.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.17 (2007-11-01) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Dec 07, 2022 at 11:07:11AM -0400, Jason Gunthorpe wrote: > > And while that is a fine concept per see, the current incarnation of > > that is fundamentally broken is it centered around the controlled > > VM. Which really can't work. > > I don't see why you keep saying this. It is centered around the struct > vfio_device object in the kernel, which is definately NOT the VM. Sorry, I meant VF. Your continued using of SR-IOV teminology now keeps confusing my mind so much that I start mistyping things. > > Even then you need a controlling and a controlled entity. The > > controlling entity even in SIOV remains a PCIe function. The > > controlled entity might just be a bunch of hardware resoures and > > a PASID. Making it important again that all migration is driven > > by the controlling entity. > > If they are the same driver implementing vfio_device you may be able > to claim they conceptually exist, but it is pretty artificial to draw > this kind of distinction inside a single driver. How are they in this reply? I can't parse how this even relates to what I wrote. > > Also the whole concept that only VFIO can do live migration is > > a little bogus. With checkpoint and restart it absolutely > > does make sense to live migrate a container, and with that > > the hardware interface (e.g. nvme controller) assigned to it. > > I agree people may want to do this, but it is very unclear how SRIOV > live migration can help do this. SRIOV live migration doesn't, because honestly there is no such thing as "SRIOV" live migration to start with. > Let alone how to solve the security problems of allow userspace to > load arbitary FW blobs into a device with potentially insecure DMA > access.. Any time you assign a PCI device to userspace you might get into that.