Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp820519rdb; Tue, 19 Sep 2023 11:02:52 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHUeIJL1RJbV91/1yF6XlAIL29NxD8uhp2b5p/pBLWHrhlzehVV87Cqeq0N14re9OrzQwkE X-Received: by 2002:a05:6a21:a5a7:b0:14c:ad99:22a9 with SMTP id gd39-20020a056a21a5a700b0014cad9922a9mr341307pzc.32.1695146572023; Tue, 19 Sep 2023 11:02:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695146572; cv=none; d=google.com; s=arc-20160816; b=gMynekrMtG0bMJjbwbIGPazhnBzzj3COC+0tmOd79n7lbGoqUnQozA1Rto+z5WBJ/j Pz7d1iv0YeXwwIT6YX1HX50F8ScTE6AlKtkMrbU3e6tQD59fBQBzSJUGy9seZwGB5XxO caFDWlq355AXMOsV21iiPW9f4+DDc7eSK18znoqOWLX7+RIqqIaMnyk0cw81f5NzbyBL LIMV6wE1KK7ZF9HnXgThMvZ4WZ3qgOOEs7FSA1LS3EGYtTv4jyl/G9DQ9QkFQzTE8Ubi sTm9Qg2TDrzNmGqxORm/cLlCdt9VYfllD7qK8c8JqoUbO1hpZZdL19eApgb043eG5huM 0eTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=z8EeTcSjHvooAnPAD/ewFN4qX5ZjnganMlD2Wn7F0mQ=; fh=ncJBVmsnOSqrX1O37yfYEzicwaA2e7ARxnsU7aiysyE=; b=uGjxSOjjGum74dQCFSSom59UuJbpKgv+TKe5fhIoQvrUvjPGY93OV20fzFhFhtc1rq G2G4LJjZvbR/DhrwLfu68+CRQJV3PgmdcSXgYITSpXD6jlwtTUjJwFEz2Bv54d2I6JGg ESWo5dRsv1XHZkoaN0WAgBKIP/LeJExuUbKsMCNteQ809toKA6gRib1gh8dK5S/MJLTI Mgj4cNPJRyfDfmpO8E6J+IPy0xBhuwEMVJO0ZudboCtE/s7ZbY7mSeKz7t1baLJp1eU0 aBJMG4l1LJKbr7OL0ZsJX4MlYGhl0qhB5r79rACj7rlsWH3nbQpuqk/VQrw6yAr8Cwah dJ4A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=dm8WE+HW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id z39-20020a056a001da700b0068be710ee8esi9940785pfw.36.2023.09.19.11.02.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 19 Sep 2023 11:02:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=dm8WE+HW; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 76E8C80942DA; Tue, 19 Sep 2023 02:25:44 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231267AbjISJZk (ORCPT + 99 others); Tue, 19 Sep 2023 05:25:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45298 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231210AbjISJZh (ORCPT ); Tue, 19 Sep 2023 05:25:37 -0400 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0E169DA; Tue, 19 Sep 2023 02:25:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1695115528; x=1726651528; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=HRgwNmKwP4O6YStwVfMY8tcYduf05Yuqqfm8fE3FZmw=; b=dm8WE+HWTfa4zpVAgaEeOb3ivBghr8EbvEJKrV1cA5Hjo/p7taSrYEt0 03gI87KhbSRpLbNpzF/UsvJlpY1flOPTcPWVSBNPYAATyQGyiiMMHN/2I Z7ozXFCnhfELckP0TaQKfJ8TRolH3DWDPtQsm8QGseN32rFjtz1/UHr6p wfmvuuTxGVE7D8OzN6tizaY75RU7ngfCC6KazCVKXMStc+qBKutBJ6Ju+ ZjfE285TjfsYUwWdUzJhPg6CIucILEEFc2HjMqJfwkKD1HSmHfYP/oUXq RjBKoEG2GHuqBDaeVObEjhvIQLI4ikjBxSJDlPlIszIg8J5oaIzoqLpVz A==; X-IronPort-AV: E=McAfee;i="6600,9927,10837"; a="446368827" X-IronPort-AV: E=Sophos;i="6.02,159,1688454000"; d="scan'208";a="446368827" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Sep 2023 02:25:25 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10837"; a="722804619" X-IronPort-AV: E=Sophos;i="6.02,159,1688454000"; d="scan'208";a="722804619" Received: from 984fee00a4c6.jf.intel.com ([10.165.58.231]) by orsmga006.jf.intel.com with ESMTP; 19 Sep 2023 02:25:25 -0700 From: Yi Liu To: joro@8bytes.org, alex.williamson@redhat.com, jgg@nvidia.com, kevin.tian@intel.com, robin.murphy@arm.com, baolu.lu@linux.intel.com Cc: cohuck@redhat.com, eric.auger@redhat.com, nicolinc@nvidia.com, kvm@vger.kernel.org, mjrosato@linux.ibm.com, chao.p.peng@linux.intel.com, yi.l.liu@intel.com, yi.y.sun@linux.intel.com, peterx@redhat.com, jasowang@redhat.com, shameerali.kolothum.thodi@huawei.com, lulu@redhat.com, suravee.suthikulpanit@amd.com, iommu@lists.linux.dev, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, zhenzhong.duan@intel.com, joao.m.martins@oracle.com Subject: [PATCH 1/6] iommu: Add new iommu op to create domains owned by userspace Date: Tue, 19 Sep 2023 02:25:18 -0700 Message-Id: <20230919092523.39286-2-yi.l.liu@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230919092523.39286-1-yi.l.liu@intel.com> References: <20230919092523.39286-1-yi.l.liu@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Tue, 19 Sep 2023 02:25:44 -0700 (PDT) Introduce a new iommu_domain op to create domains owned by userspace, e.g. through IOMMUFD. These domains have a few different properties compares to kernel owned domains: - They may be UNMANAGED domains, but created with special parameters. For instance aperture size changes/number of levels, different IOPTE formats, or other things necessary to make a vIOMMU work - We have to track all the memory allocations with GFP_KERNEL_ACCOUNT to make the cgroup sandbox stronger - Device-specialty domains, such as NESTED domains can be created by IOMMUFD. The new op clearly says the domain is being created by IOMMUFD, that the domain is intended for userspace use, and it provides a way to pass user flags or a driver specific uAPI structure to customize the created domain to exactly what the vIOMMU userspace driver requires. iommu drivers that cannot support VFIO/IOMMUFD should not support this op. This includes any driver that cannot provide a fully functional UNMANAGED domain. This new op for now is only supposed to be used by IOMMUFD, hence no wrapper for it. IOMMUFD would call the callback directly. As for domain free, IOMMUFD would use iommu_domain_free(). Suggested-by: Jason Gunthorpe Signed-off-by: Lu Baolu Co-developed-by: Nicolin Chen Signed-off-by: Nicolin Chen Signed-off-by: Yi Liu --- include/linux/iommu.h | 8 ++++++++ include/uapi/linux/iommufd.h | 12 +++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/include/linux/iommu.h b/include/linux/iommu.h index c50a769d569a..660dc1931dc9 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h @@ -235,6 +235,13 @@ struct iommu_iotlb_gather { * use. The information type is one of enum iommu_hw_info_type defined * in include/uapi/linux/iommufd.h. * @domain_alloc: allocate iommu domain + * @domain_alloc_user: Allocate an iommu domain corresponding to the input + * parameters like flags defined as enum iommufd_ioas_map_flags + * in include/uapi/linux/iommufd.h. Different from the + * domain_alloc op, it requires iommu driver to fully + * initialize a new domain including the generic iommu_domain + * struct. Upon success, a domain is returned. Upon failure, + * ERR_PTR must be returned. * @probe_device: Add device to iommu driver handling * @release_device: Remove device from iommu driver handling * @probe_finalize: Do final setup work after the device is added to an IOMMU @@ -267,6 +274,7 @@ struct iommu_ops { /* Domain allocation and freeing by the iommu driver */ struct iommu_domain *(*domain_alloc)(unsigned iommu_domain_type); + struct iommu_domain *(*domain_alloc_user)(struct device *dev, u32 flags); struct iommu_device *(*probe_device)(struct device *dev); void (*release_device)(struct device *dev); diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h index b4ba0c0cbab6..4a7c5c8fdbb4 100644 --- a/include/uapi/linux/iommufd.h +++ b/include/uapi/linux/iommufd.h @@ -347,10 +347,20 @@ struct iommu_vfio_ioas { }; #define IOMMU_VFIO_IOAS _IO(IOMMUFD_TYPE, IOMMUFD_CMD_VFIO_IOAS) +/** + * enum iommufd_hwpt_alloc_flags - Flags for HWPT allocation + * @IOMMU_HWPT_ALLOC_NEST_PARENT: If set, allocate a domain which can serve + * as the parent domain in the nesting + * configuration. + */ +enum iommufd_hwpt_alloc_flags { + IOMMU_HWPT_ALLOC_NEST_PARENT = 1 << 0, +}; + /** * struct iommu_hwpt_alloc - ioctl(IOMMU_HWPT_ALLOC) * @size: sizeof(struct iommu_hwpt_alloc) - * @flags: Must be 0 + * @flags: Combination of enum iommufd_hwpt_alloc_flags * @dev_id: The device to allocate this HWPT for * @pt_id: The IOAS to connect this HWPT to * @out_hwpt_id: The ID of the new HWPT -- 2.34.1