11/02/2020 12:18, Jerin Jacob: > On Wed, Feb 5, 2020 at 4:35 AM Alex Williamson wrote: > > > > There seems to be an ongoing desire to use userspace, vfio-based > > drivers for both SR-IOV PF and VF devices. The fundamental issue > > with this concept is that the VF is not fully independent of the PF > > driver. Minimally the PF driver might be able to deny service to the > > VF, VF data paths might be dependent on the state of the PF device, > > or the PF my have some degree of ability to inspect or manipulate the > > VF data. It therefore would seem irresponsible to unleash VFs onto > > the system, managed by a user owned PF. > > > > We address this in a few ways in this series. First, we can use a bus > > notifier and the driver_override facility to make sure VFs are bound > > to the vfio-pci driver by default. This should eliminate the chance > > that a VF is accidentally bound and used by host drivers. We don't > > however remove the ability for a host admin to change this override. > > > > The next issue we need to address is how we let userspace drivers > > opt-in to this participation with the PF driver. We do not want an > > admin to be able to unwittingly assign one of these VFs to a tenant > > that isn't working in collaboration with the PF driver. We could use > > IOMMU grouping, but this seems to push too far towards tightly coupled > > PF and VF drivers. This series introduces a "VF token", implemented > > as a UUID, as a shared secret between PF and VF drivers. The token > > needs to be set by the PF driver and used as part of the device > > matching by the VF driver. Provisions in the code also account for > > restarting the PF driver with active VF drivers, requiring the PF to > > use the current token to re-gain access to the PF. > > Thanks Alex for the series. DPDK realizes this use-case through, an out of > tree igb_uio module, for non VFIO devices. Supporting this use case, with > VFIO, will be a great enhancement for DPDK as we are planning to > get rid of out of tree modules any focus only on userspace aspects. [..] > Regarding the use case where PF bound to DPDK/VFIO and > VF bound to DPDK/VFIO are _two different_ processes then sharing the UUID > will be a little tricky thing in terms of usage. But if that is the > purpose of bringing UUID to the equation then it fine. > > Overall this series looks good to me. We can test the next non-RFC > series and give > Tested-by by after testing with DPDK. [..] > > Please comment. In particular, does this approach meet the DPDK needs > > for userspace PF and VF drivers, with the hopefully minor hurdle of > > sharing a token between drivers. The token is of course left to > > userspace how to manage, and might be static (and not very secret) for > > a given set of drivers. Thanks, Thanks Alex, it looks to be a great improvement. In the meantime, DPDK is going to move igb_uio (an out-of-tree Linux kernel module) from the main DPDK repository to a side-repo. This move and this patchset will hopefully encourage using VFIO. As Jerin said, DPDK prefers relying on upstream Linux modules.
