Re: [PATCH v6 05/13] iommufd/viommu: Add IOMMU_VIOMMU_ALLOC ioctl

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Nov 07, 2024 at 12:37:59PM +1100, Alexey Kardashevskiy wrote:
> > +	hwpt_paging = iommufd_get_hwpt_paging(ucmd, cmd->hwpt_id);
> > +	if (IS_ERR(hwpt_paging)) {
> > +		rc = PTR_ERR(hwpt_paging);
> > +		goto out_put_idev;
> > +	}
> > +
> > +	if (!hwpt_paging->nest_parent) {
> 
> 
> I am trying to use this for my so-called viommu which does not have this so
> this fails. My viommu is only visible to the VM via paravirt interface to
> populate sDTE (secure device table) so no viommu device in the guest or
> nested paging, nothing like this just yet.

The purpose of this is to define the translation underlying the
viommu and the VM.

If I understand AMD CC HW correctly, you still need to have a
translation to make the device work - so you should have a
nest_parent.

For AMD the nest_parent is simply a v1 domain and, with what is in
Joerg's tree the AMD driver can quickly be improved to support that
allocation option.

> Is there a writeup somewhere about possible uses of this
> IOMMU_HWPT_ALLOC_NEST_PARENT? I'd think one pass through device equals 1
> IOAS, 1 HWPT, 1 domain, 1 viommu, even with guest visible vIOMMU but it is
> not the case, is it?

It is intended for HW like AMD that requires selecting a special page
table format to be used on the hypervisor side. Ie select the v1 page
table format.

> btw is there a way to get a snapshot of all current objects in iommufd? They
> all use "dev_id" and not file descriptors so cannot look at /proc/><pid>/fd,
> and there is nothing in debugfs either.

Nothing has been done, a debugfs could be interesting

> For my current hack, I can pass IOMMU_HWPT_ALLOC_NEST_PARENT to QEMU's
> iommufd_backend_alloc_hwpt() but it is... meh. Thanks,

This is what I'd expect, yes. Qemu should be allocating domains that
are going to be used as part of advanced virtualization (viommu,
nesting, etc) using NEST_PARENT, AMD driver should accept this and
enforce the v1 format.

Jason




[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux