On Wed, Nov 08, 2023 at 08:53:00AM +0000, Tian, Kevin wrote: > > There are many events related to object in guest memory or controlled > > by the guest, eg C_BAD_CD and C_BAD_STE. These should be relayed or > > the emulation is not working well. > > so that's the category of unrecoverable faults? I haven't looked exhaustively but I do have the impression that the only recoverable fault is the 'page not present' one. > btw I can understand C_BAD_CD given it's walked by the physical SMMU > in nested configuration. But presumably STE is created by the smmu > driver itself then why would there be an error to be relayed for > guest STE? If the guest programs a bad STE it should still generate a C_BAD_STE even if the mediation SW could theoretically sanitize it (but sanitize it to what? BLOCKED?). Since we have to forward things like C_BAD_CD and others we may as well just drop an invalid STE and forward the event like real HW. > > > but I didn't get the last piece. If those domains are created by kernel > > > drivers why would they require a uAPI for userspace to specify fault > > > capable? > > > > Not to userspace, but a kapi to request a fault capable domain and to > > supply the fault handler. Eg: > > > > iommu_domain_alloc_faultable(dev, handler); > > Does it affect SVA too? Inside the driver the SVA should be constructed out of the same fault handling infrastructure, but a SVA domain allocation should have a different allocation function. Jason