On Tue, 19 Jul 2022 10:49:42 +0300 Yishai Hadas <yishaih@xxxxxxxxxx> wrote: > On 19/07/2022 1:29, Alex Williamson wrote: > > On Thu, 14 Jul 2022 11:12:43 +0300 > > Yishai Hadas <yishaih@xxxxxxxxxx> wrote: > > > >> DMA logging allows a device to internally record what DMAs the device is > >> initiating and report them back to userspace. It is part of the VFIO > >> migration infrastructure that allows implementing dirty page tracking > >> during the pre copy phase of live migration. Only DMA WRITEs are logged, > >> and this API is not connected to VFIO_DEVICE_FEATURE_MIG_DEVICE_STATE. > >> > >> This patch introduces the DMA logging involved uAPIs. > >> > >> It uses the FEATURE ioctl with its GET/SET/PROBE options as of below. > >> > >> It exposes a PROBE option to detect if the device supports DMA logging. > >> It exposes a SET option to start device DMA logging in given IOVAs > >> ranges. > >> It exposes a SET option to stop device DMA logging that was previously > >> started. > >> It exposes a GET option to read back and clear the device DMA log. > >> > >> Extra details exist as part of vfio.h per a specific option. > > > > Kevin, Kirti, others, any comments on this uAPI proposal? Are there > > potentially other devices that might make use of this or is everyone > > else waiting for IOMMU based dirty tracking? > > > > > >> Signed-off-by: Yishai Hadas <yishaih@xxxxxxxxxx> > >> Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxx> > >> --- > >> include/uapi/linux/vfio.h | 79 +++++++++++++++++++++++++++++++++++++++ > >> 1 file changed, 79 insertions(+) > >> > >> diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h > >> index 733a1cddde30..81475c3e7c92 100644 > >> --- a/include/uapi/linux/vfio.h > >> +++ b/include/uapi/linux/vfio.h > >> @@ -986,6 +986,85 @@ enum vfio_device_mig_state { > >> VFIO_DEVICE_STATE_RUNNING_P2P = 5, > >> }; > >> > >> +/* > >> + * Upon VFIO_DEVICE_FEATURE_SET start device DMA logging. > >> + * VFIO_DEVICE_FEATURE_PROBE can be used to detect if the device supports > >> + * DMA logging. > >> + * > >> + * DMA logging allows a device to internally record what DMAs the device is > >> + * initiating and report them back to userspace. It is part of the VFIO > >> + * migration infrastructure that allows implementing dirty page tracking > >> + * during the pre copy phase of live migration. Only DMA WRITEs are logged, > >> + * and this API is not connected to VFIO_DEVICE_FEATURE_MIG_DEVICE_STATE. > >> + * > >> + * When DMA logging is started a range of IOVAs to monitor is provided and the > >> + * device can optimize its logging to cover only the IOVA range given. Each > >> + * DMA that the device initiates inside the range will be logged by the device > >> + * for later retrieval. > >> + * > >> + * page_size is an input that hints what tracking granularity the device > >> + * should try to achieve. If the device cannot do the hinted page size then it > >> + * should pick the next closest page size it supports. On output the device > >> + * will return the page size it selected. > >> + * > >> + * ranges is a pointer to an array of > >> + * struct vfio_device_feature_dma_logging_range. > >> + */ > >> +struct vfio_device_feature_dma_logging_control { > >> + __aligned_u64 page_size; > >> + __u32 num_ranges; > >> + __u32 __reserved; > >> + __aligned_u64 ranges; > >> +}; > >> + > >> +struct vfio_device_feature_dma_logging_range { > >> + __aligned_u64 iova; > >> + __aligned_u64 length; > >> +}; > >> + > >> +#define VFIO_DEVICE_FEATURE_DMA_LOGGING_START 3 > >> + > >> +/* > >> + * Upon VFIO_DEVICE_FEATURE_SET stop device DMA logging that was started > >> + * by VFIO_DEVICE_FEATURE_DMA_LOGGING_START > >> + */ > >> +#define VFIO_DEVICE_FEATURE_DMA_LOGGING_STOP 4 > >> + > >> +/* > >> + * Upon VFIO_DEVICE_FEATURE_GET read back and clear the device DMA log > >> + * > >> + * Query the device's DMA log for written pages within the given IOVA range. > >> + * During querying the log is cleared for the IOVA range. > >> + * > >> + * bitmap is a pointer to an array of u64s that will hold the output bitmap > >> + * with 1 bit reporting a page_size unit of IOVA. The mapping of IOVA to bits > >> + * is given by: > >> + * bitmap[(addr - iova)/page_size] & (1ULL << (addr % 64)) > >> + * > >> + * The input page_size can be any power of two value and does not have to > >> + * match the value given to VFIO_DEVICE_FEATURE_DMA_LOGGING_START. The driver > >> + * will format its internal logging to match the reporting page size, possibly > >> + * by replicating bits if the internal page size is lower than requested. > >> + * > >> + * Bits will be updated in bitmap using atomic or to allow userspace to s/or/OR/ > >> + * combine bitmaps from multiple trackers together. Therefore userspace must > >> + * zero the bitmap before doing any reports. > > Somewhat confusing, perhaps "between report sets"? > > The idea was that the driver just turns on its own dirty bits and > doesn't touch others. Right, we can aggregate dirty bits from multiple devices into a single bitmap. > Do you suggest the below ? > > "Therefore userspace must zero the bitmap between report sets". It may be best to simply drop this guidance, we don't need to presume the user algorithm, we only need to make it apparent that LOGGING_REPORT will only set bits in the bitmap and never clear or preform any initialization of the user provided bitmap. > >> + * > >> + * If any error is returned userspace should assume that the dirty log is > >> + * corrupted and restart. > > Restart what? The user can't just zero the bitmap and retry, dirty > > information at the device has been lost. > > Right > > > Are we suggesting they stop > > DMA logging and restart it, which sounds a lot like failing a migration > > and starting over. Or could the user gratuitously mark the bitmap > > fully dirty and a subsequent logging report iteration might work? > > Thanks, > > > > Alex > > An error at that step is not expected and might be fatal. > > User space can consider marking all as dirty and continue with that > approach for next iterations, maybe even without calling the driver. > > Alternatively, user space can abort the migration and retry later on. > > We can come with some rephrasing as of the above. > > What do you think ? If userspace needs to consider the bitmap undefined for any errno, that's a pretty serious usage restriction that may negate the practical utility of atomically OR'ing in dirty bits. We can certainly have EINVAL, ENOTTY, EFAULT, E2BIG, ENOMEM conditions that don't result in a corrupted/undefined bitmap, right? Maybe some of those result in an incomplete bitmap, but how does the bitmap actually get corrupted? It seems like such a condition should be pretty narrowly defined and separate from errors resulting in an incomplete bitmap, maybe we'd reserve -EIO for such a case. The driver itself can also gratuitously mark ranges dirty itself if it loses sync with the device, and can probably do so at a much more accurate granularity than userspace. Thanks, Alex > >> + * > >> + * If DMA logging is not enabled, an error will be returned. > >> + * > >> + */ > >> +struct vfio_device_feature_dma_logging_report { > >> + __aligned_u64 iova; > >> + __aligned_u64 length; > >> + __aligned_u64 page_size; > >> + __aligned_u64 bitmap; > >> +}; > >> + > >> +#define VFIO_DEVICE_FEATURE_DMA_LOGGING_REPORT 5 > >> + > >> /* -------- API for Type1 VFIO IOMMU -------- */ > >> > >> /** > >