
RE: [PATCH 10/11] xen/arm: device assignment on 1:1 direct-map domain


  • To: Julien Grall <julien@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "sstabellini@xxxxxxxxxx" <sstabellini@xxxxxxxxxx>
  • From: Penny Zheng <Penny.Zheng@xxxxxxx>
  • Date: Sat, 9 Oct 2021 09:40:46 +0000
  • Cc: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>
  • Delivery-date: Sat, 09 Oct 2021 09:41:09 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Julien

> -----Original Message-----
> From: Julien Grall <julien@xxxxxxx>
> Sent: Thursday, September 23, 2021 7:27 PM
> To: Penny Zheng <Penny.Zheng@xxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx;
> sstabellini@xxxxxxxxxx
> Cc: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>; Wei Chen
> <Wei.Chen@xxxxxxx>
> Subject: Re: [PATCH 10/11] xen/arm: device assignment on 1:1 direct-map
> domain
> 
> Hi,
> 
> On 23/09/2021 08:11, Penny Zheng wrote:
> > User could do device passthrough, with
> > "xen,force-assign-without-iommu" in the device tree snippet, on
> > trusted guest through 1:1 direct-map, if IOMMU absent or disabled on
> hardware.
> 
> At the moment, it would be possible to passthrough a non-DMA capable
> device with direct-mapping. After this patch, this is going to be forbidden.
> 
> >
> > In order to achieve that, this patch adds 1:1 direct-map check and
> > disables iommu-related action.
> >
> > Signed-off-by: Penny Zheng <penny.zheng@xxxxxxx>
> > ---
> >   xen/arch/arm/domain_build.c | 12 ++++++++----
> >   1 file changed, 8 insertions(+), 4 deletions(-)
> >
> > diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
> > index c92e510ae7..9a9d2522b7 100644
> > --- a/xen/arch/arm/domain_build.c
> > +++ b/xen/arch/arm/domain_build.c
> > @@ -2070,14 +2070,18 @@ static int __init
> handle_passthrough_prop(struct kernel_info *kinfo,
> >       if ( res < 0 )
> >           return res;
> >
> > +    /*
> > +     * If xen_force, we allow assignment of devices without IOMMU
> protection.
> > +     * And if IOMMU is disabled or absent, 1:1 direct-map is necessary > +
> */
> > +    if ( xen_force && is_domain_direct_mapped(kinfo->d) &&
> > +         !dt_device_is_protected(node) )
> 
> dt_device_is_protected() will be always false unless the device is protected
> behind an SMMU using the legacy binding. So I don't think this is correct to
> move this check ahead. In fact..
> 
> > +        return 0;
> > +
> >       res = iommu_add_dt_device(node);
> 
> ... the call should already be a NOP when the IOMMU is disabled or the
> device is not behind an IOMMU. So can you explain what you are trying to
> prevent here?
> 

If the IOMMU is disabled, iommu_add_dt_device will return 1 as errno. 
So we could not make it to the xen_force check...

So I tried to move all IOMMU actions behind the xen_force check.

Now, device assignment without IOMMU protection is only
applicable on direct-map domains, so this commit also adds
the is_domain_direct_mapped check together with the xen_force check.

> >       if ( res < 0 )
> >           return res;
> >
> > -    /* If xen_force, we allow assignment of devices without IOMMU
> protection. */
> > -    if ( xen_force && !dt_device_is_protected(node) )
> > -        return 0;
> > -
> >       return iommu_assign_dt_device(kinfo->d, node);
> >   }
> >
> >
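
Review bot: The new early return `if ( xen_force && is_domain_direct_mapped(kinfo->d) && !dt_device_is_protected(node) )` never tests whether the IOMMU is actually disabled or absent, although the comment added above it gives that as the reason a 1:1 direct map is required. As written, a direct-mapped domain with xen_force skips both iommu_add_dt_device(node) and iommu_assign_dt_device(kinfo->d, node) whenever dt_device_is_protected(node) is false at that point, and that test now runs before iommu_add_dt_device(node) instead of after it; either explain why its result is meaningful before the add, or keep the test after the add and handle the return value of iommu_add_dt_device() explicitly. Removing the old `xen_force && !dt_device_is_protected(node)` return also means a xen_force device on a domain that is not direct-mapped now falls through to iommu_assign_dt_device(); if that restriction is intended, say so in the commit message and in the code comment, because it changes which assignments without IOMMU protection are accepted.
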
> 
> Cheers,
> 
> --
> Julien Grall

 

