[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 01/11] xen/arm: xc_domain_ioport_permission(..) not supported on ARM.


  • To: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Mon, 11 Oct 2021 18:32:49 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JN2qooTMidmqi0poQK8uzNQTGb5Cuhe9Crr5BSVThh8=; b=eUWeZd1l8zz+ppp1AXUyTNRbFxH0F+GzH0zbhH+T5gWrkgh8ylY0CsE0w8qL8sn06NL2mERMBDt7/JsXo1qRXErJ3TIKMnwD5XAiz/MJ7sTleii6IWOwFp5A9xYR9VyIQ5NWdw9sbadUuIDO5v5hJ/Gmu1AH/da/UuBGyHiBcCJ7saJGpEpL0enQ2/SWe23mE+8AEhu/qLALEnKWSXjcgpRRyf3yt560YTtHSKPMqPSL5ylLrKEF2b2xNK8319ZbmQV22ftwXCCoTFGCn9O5ry6MZaG6YuEGDQk+3NG3UZlQiG9bvaMznJ/9pRYqw1RP8AZGcOroS6yogjzN/PNdpQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hC/tnu4PrTlhorH59ikoEsQCCKMTy1OBaCHGo8FC7FdsW41p6ekkk/yTOQj08FL2Q9q/6XvLBpC6TOjAm4+xsU3svMKZ8gXDL+cxRw9MHMnMC+kUibT6KJYk1VEkNMMWyd/XdA31UwCFMY5qXKPeY+U3P/RT3/kUsTQ9Lpg/fz0RNopD9bZ+GoIO0mv3y8cqKFTE++/qTCQ30lK+/aG5fWkcPvy66N/Ica/beac2sZxEpjzRafh1ukBCQgJrNwWzpvXzEQcJRkSFcyYxmJ57K3m7wpeXGWbK89ol3VP+DT5mHpcSDM5HTvXyAcZLLNh5GnGUT9mYuf7BgaYEAqZ43g==
  • Authentication-results: esa3.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>, Rahul Singh <Rahul.Singh@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andre Przywara <Andre.Przywara@xxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Mon, 11 Oct 2021 16:33:37 +0000
  • Ironport-data: A9a23:3wtHI6IE3yvIMQ/vFE+RpZMlxSXFcZb7ZxGr2PjKsXjdYENSg2AGn TMZWzqBbqyNY2D0L49zPd/kphkPsZLWnd82S1dlqX01Q3x08seUXt7xwmUcns+xwm8vaGo9s q3yv/GZdJhcokcxIn5BC5C5xZVG/fjgqoHUVaiUZ0ideSc+EH140Eo6wrZg6mJVqYPR7z2l6 IuaT/L3YDdJ6xYsWo7Dw/vewP/HlK2aVAIw5jTSV9gS1LPtvyB94KYkDbOwNxPFrrx8RYZWc QphIIaRpQs19z91Yj+sfy2SnkciGtY+NiDW4pZatjTLbrGvaUXe345iXMfwZ3u7hB2ntM9Lj /Z/p6fochsYOoLWocFedUdHRnQW0a1uoNcrIFC6uM2XiUbHb2Ht07NlC0Re0Y8wo7gtRzsUr LpBdW5LPkvra+GemdpXTsF2gcsuNo/zNZ43sXB81zDJS/0hRPgvRo2XuY4Dhmpg26iiG97EZ sgELjkxSCjZZixwAXENEJQ/s/yn0yyXnzpw9wvO+PtfD3Lo5BN1+KjgNpzSYNPibcRKnG6Iq 2Te5WP7DxoGctuFxlKt6Wmwj+XCmSf6XoM6F7Ci8PNuxlqJyQQ7ChIMUkCgieKkkUP4UNVaQ 2Q9/CY0oO4K7l66UdDnVjWxunvCtRkZM/J3F+A58wiLxrDjygCVHHUfTjVBZdols+c7XTUvk FSOmrvBLzF1rKecT37b076OtC6zIgAcN2pEbigBJSMV7t+mrIwtgxbnStd4DLXzntDzASv3w T2BsG45nbp7pfQC17i/u2vGhT2sjpHTS0g+4QC/Y46+xlonPsj/PdXusAWFq6YbRGqEcrWfl FYvhPLZz9IcNsm2iB2Jb/80OfKPuenQZVUwnmVTN5Um8j2s/VuqcoZR/CxyKS9VDyoURdP6S BSM4V0Jtfe/KFPvNPUtO9vgVKzG2IC5TYy9Ps04eOaidXSYmOWvxyppeVKLl17klEwhgMnT0 r/KLJ7yUx725UlhpQdaptvxM5d3lkjSJkuJHPgXKihLN5LEORZ5rp9fYTOzghgRtv/sneks2 4832zG24xteSvbiRSLc7JQeK1sHRVBiW8ut+50PKbfaflQ9cI3ENxM36eh7E2CCt/4E/tokA 1nnAhMIoLYBrSyvxfq2hoBLN+q0AMcXQYMTNi0wJ1e4s0XPkq70hJrzg6AfJOF9nMQ6lKYcZ 6BcJ62oX6QeIhyaqm91RcSs8+RfmOGD2Fvm09yNO2NkIfaNhmXhp7fZQ+cY3HBWVHTo7pFi/ +TIO8GyacNrejmOxf3+MZqH51iwoWIciKR1WU7JKcNUY0Li7M5hLCmZsxP9C5hkxczrymTI2 gCILw0foOWR8YY5/MOQ3fKPrpuzEvs4FU1fRjGJ4bGzPCjc32yi3Y4fD7rYIWGDDDv5qPe4e OFY7/DgK/lbzlxEhJVxTuRwxqUk6tqx+7IDllZ4HG/GZkiAA697JiXUxtFGs6BAn+cLuQa/V k+V1MNdPLGFZJHsHFILfVJ3ZeWfz/AE3DLV6K1tckn94SZ2+puBUFlTYEbQ2HAMcuMtPdp8k +k7ucMQ5wiusTYQM46L3nJO6mCBDn0cSKF75JsUN5Dm11gwwVZYbJ2CViKvuMOTa89BO1UBK yOPgPaQnKxVw0fPfiZhFXXJ2uYB150CtAoTkQ0HLlWN3NHEmuU2zFta9jFuFlZZyRBO0uRSP Gl3NhIqefXSrmkw3MUTDXqxHwxhBQGC/h2jwlQEo2TVUk20WzGfN2Y6I+uMoBgU/m80kuK3J 11EJLIJiQrXQfw=
  • Ironport-hdrordr: A9a23:yoo/7q62J/fesULCpQPXwVSBI+orL9Y04lQ7vn2ZFiY6TiXIra +TdaoguSMc6AxwZJkh8erwXpVoZUmsiKKdhrNhQYtKPTOWwldASbsC0WKM+UyEJ8STzJ846U 4kSdkANDSSNykLsS+Z2njBLz9I+rDum8rE9ISurQYfcegpUdAa0+4QMHfrLqQcfng+OXNWLu v62iIRzADQB0j/I/7LS0UtbqzmnZnmhZjmaRkJC1oO7xSPtyqh7PrfHwKD1hkTfjtTyfN6mF K13DDR1+GGibWW2xXc32jc49B/n8bg8MJKAIiphtIOIjvhpw60bMBKWqGEvhoyvOazgWxa3O XkklMFBYBe+nnRdma6rV/E3BTh6i8n7zvYxVqRkRLY0ITEbQN/L/AEqZNScxPf5UZllsp7yr h302WQsIcSJQ/cnQzmjuK4Fy1Cpw6Rmz4PgOQTh3tQXc81c7lKt7ES+0tTDdMpAD/60oY6C+ NjZfuspcq+SWnqLUwxg1MfheBFBh8Ib1O7qwk5y4KoOgFt7TNEJxBy/r1Zop8CnKhNAqWsqd 60dJiAr4s+O/P+W5gNctvpcfHHeFAlfii8RF56AW6XX53vaEi94aIe3t0OlZaXkdozvcIPpK g=
  • Ironport-sdr: 5nbEISG4Wf0o/ZsQkbUpeb/1wQ5pjqoN1BHsvMVJ8GKpr0CxkK3dYV229kMvTEIGR9tuSlIVqA zSlX0q3kSO58ENphfXYIKbE+qNc49vBbo4E2ZbrSBr06dCcxg4tVxKiQH0TX2sf5HDZMz1gGO9 ZcOgjLcxKlQOHos6Nbr0ugVtuDAGZMN7czSAiFe3qEabn23GZ5l23CbDRoXkI49TPOavRLs+B4 08yGTF88JA0at9WrJ0GWruPzxfRvj/Q0oGs4BFF4ubV/CWPIoJbBCmlm8Lq213jvK/35PRSdM6 wpa+bZhP6NlK7aIjXWjBmdRj
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Oct 11, 2021 at 02:16:19PM +0000, Bertrand Marquis wrote:
> Hi Roger,
> 
> > On 11 Oct 2021, at 14:57, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> > 
> > On Mon, Oct 11, 2021 at 01:40:30PM +0000, Bertrand Marquis wrote:
> >> Hi Roger,
> >> 
> >> + Oleksandr to have a better PCI expert then me.
> >> 
> >>> On 11 Oct 2021, at 14:20, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> >>> 
> >>> On Mon, Oct 11, 2021 at 12:11:04PM +0000, Bertrand Marquis wrote:
> >>>> Hi Roger,
> >>>> 
> >>>>> On 11 Oct 2021, at 12:47, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> >>>>> 
> >>>>> On Wed, Oct 06, 2021 at 06:40:27PM +0100, Rahul Singh wrote:
> >>>>>> ARM architecture does not implement I/O ports. Ignore this call on ARM
> >>>>>> to avoid the overhead of making a hypercall just for Xen to return
> >>>>>> -ENOSYS.
> >>>>> 
> >>>>> What is the cal trace of this function actually on Arm?
> >>>>> 
> >>>>> AFAICT libxl will only call xc_domain_ioport_permission if there are
> >>>>> IO ports explicitly defined in the guest configuration, or if any of
> >>>>> the BARs of the PCI device is in the IO space, which is not possible
> >>>>> on Arm.
> >>>> 
> >>>> PCI devices BARs can be in the IO space as the PCI devices are not
> >>>> Arm specific. There is not ioports on arm so to be used those can be
> >>>> in some cases remapped and accessed as MMIOs or are not possible
> >>>> to use at all.
> >>>> 
> >>>> But the IO space does appear when BARs are listed even on Arm.
> >>> 
> >>> Urg, I wonder whether those devices with IO BARs will work correctly
> >>> under Arm then.
> >>> 
> >>> How do you know whether the BAR has been remapped from IO space into
> >>> MMIO?
> >> 
> >> We cannot, I think the platform will define if this is the case and where.
> >> @oleksandr: I remember that this was discussed during some of our
> >> meetings but I have no idea of the details here, can you help ?
> >> 
> >>> 
> >>> IMO instead of faking a successful return value from
> >>> xc_domain_ioport_permission we should avoid the call completely in the
> >>> first place, specially if we need to instead issue a call to
> >>> xc_domain_iomem_permission.
> >> 
> >> At the end we will never have to issue this because this will never be a 
> >> matter
> >> of “iomem” permission as there would not be any way to cut on something 
> >> under
> >> the page. If this is to be supported one day, it will probably have to be 
> >> fully emulated
> >> to keep the isolation.
> > 
> > So you have a set of memory pages that map accesses from
> > MMIO into IO space but it's not possible to isolate specific IO port
> > regions as they are all contiguous in the same page(s).
> 
> Exact.
> 
> > 
> >> Right now on arm you can just make the more simple assumption that ioports 
> >> are
> >> just not supported.
> > 
> > Would it make sense in the future to provide a memory region to guests
> > in order to use for IO port accesses, and call
> > xc_domain_ioport_permission to set which ports would be allowed?
> 
> Right now we do not plan to support this at all and we will have to
> figure this out if we do this one day.
> 
> > 
> > I think the commit message needs to at least be expanded in order to
> > contain the information provided here. It might also be helpful to
> > figure out whether we would have to handle IO port accesses in the
> > future on Arm, or if it's fine to just ignore them.
> 
> All our investigations and tests have been done without supporting it
> without any issues so this is not a critical feature (most devices can
> be operated without using the I/O ports).

IMO we should let the users know they attempted to use a device with
BARs in the IO space, and that those BARs won't be accessible which
could make the device not function as expected.

Do you think it would be reasonable to attempt the hypercall on Arm
also, and in case of error (on Arm) just print a warning message and
continue operations as normal?

Thanks, Roger.



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.