[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] pci/ats: do not allow broken devices to be assigned to guests

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Fri, 25 Feb 2022 10:00:35 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jEbboJgImCIzDFMuUIWNM1MW/+/0gagx6MuzxgoWux0=; b=WK5XrTxOxS3tmJ2JZmcv/uiPnQN3Q1nNeSqPNt8ASB9jS6WLvEzp5fml46AK9oJuLOuBPrFmMex3FSm33uyX3RTq+mnSvObjbKRrLX9LdfYUgXt5ocpZTrivInJS/Qn8mSrTfsCYASU28t/YM8sNzs9wtBO4orMdasnTtu+9+kVHX4LXgm9IBd+jtl9+aKv9wCrcPoQBcxEpnsbtnfnOxVG6zbFOOPtFBYODvavqFyfHXL2SvH3vVhwk5P25LrW8ECFTbYswmgn0V4IP5y2Ji8wIkc3krUlX/d6Crqu7ng3h8mmeoZeKdKXH2zrRAoQXCzPUQGpa+JrWM6+TVA33NQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=I1lRB/KIZbjjc8AhITbiQQzFHxvlrbNL76iphoNbFHbrxCOQXHuus2jdTr9Dc6ms2eZzC+xmlgcDiP2bVkiJdweC3CYsI7/shoan2QyHcqJjpuwrt0ifRKoYBXVslrcn3NIvip57uvmShopu4e9vWkBMkBhXP0nOIZ9LU+SD3F4BWBaC1UPsOit4ZBeQVKCsAVSAqPVppnoD64o0LPHv4N5DM9UQ5mpQ4Fh86t3Sv5mq9NIObx6ihpX7kM7z46gkktUwjLCc1P2dZR8x8kTxKQSf3mI0yH6XXobyz8zXTbAy/oiqc4FRReD/4NSAN7rsOIqwKk8gbV85/w9ulBnanw==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Paul Durrant <paul@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Oleksandr Andrushchenko <andr2000@xxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 25 Feb 2022 09:00:55 +0000
  • Ironport-data: A9a23:Wt8WUqJv4n3NzAT3FE+RJ5UlxSXFcZb7ZxGr2PjKsXjdYENShTMGn WNOX2qOPvaJNGajeNAiOd7n8UkCucCHytVhQQNlqX01Q3x08seUXt7xwmUcns+xwm8vaGo9s q3yv/GZdJhcokf0/0vrav67xZVF/fngqoDUUYYoAQgsA148IMsdoUg7wbRh2NQ12YLR7z6l4 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4 OQdp5aKEF54B/HVkvYPbSYCKmJiMrITrdcrIVDn2SCS50jPcn+qyPRyFkAme4Yf/46bA0kXq 6ZecmpUKEne2aTmm9pXScE17ignBNPsM44F/Glp0BnSDOo8QICFSKLPjTNd9Gls1p4RRKiDD yYfQThUazvFQjluBnkeDrkUjcOlj3XfYSIN/Tp5ooJoujOOnWSdyoPFM9fLe9rMWcRcmG6Zo H7L+yLyBRRyHMOb4SqI9DSrnOCntTP2XsceGaO18tZugUaP3SoDBRsOT1y5rPKlzEmkVLp3I koY4HB29fAa+0miT927VBq9yFactwMYc8pdFas98g7l4qje7hudB2MEZiVcc9Fgv8gzLRQxz UOAld7tAT1psZWWRGib+7PSqim9UQAXMGsDaCksXQYDpd75r+kOYgnnF4g5VvTv15usRG+2k 2viQDUCa6s7vJ4Z3Z/ipAH+3yumtIr3cVQMpRnYQTfwhu9mX7KNa4ut4FndyP9PKoeFU1WM1 EQ5d9iiAPMmVs/UynHUKAkZNPTwvqvebmWA6bJ6N8R5r1yQF2ifkZe8Cd2UDGNgKY46dDDge yc/UisBtcYIbBNGgUKaCr9d6vjGL4C8RLwJtdiON7Kih6SdkifdrUmCgmbKggjQfLAEy/1XB HtiWZ/E4YwmIapm1iGqYOwWzKUmwCszrUuKG8ymkEj+jefGPCbNIVvgDLdoRrpohE9jiF+Im +uzyuPQk0kPOAEASnO/HXEvwaAiciFgWMGeRz1/fe+fOAt2cFzN+NeKqY7Nj7dNxvwP/s+Rp ynVchYBlDLX2C2WQS3XOysLQO6+Av5CQYcTYHVE0aCAgCN4P+5CLc43KvMKQFXQ3Lc7nK4sE qJcIJ3o7zYmYm2vxgnxpKLV9eRKXB+qmRiPL2yiZj0+dIRnXAvH5pnveQ6HycXEJnDfWRcWy 1F46j7mfA==
  • Ironport-hdrordr: A9a23:04sO+q7R8nmTUDdkqwPXwVGBI+orL9Y04lQ7vn2ZFiY7TiXIra yTdaoguCMc6AxxZJkh8erwX5VoZUmsj6KdhrNhQItKPTOWw1dASbsN0WKM+UyDJ8STzJ856U 4kSdkDNDSSNykKsS+Z2njALz9I+rDum8rJ9ITjJjVWPHlXgslbnnlE422gYytLrWd9dP4E/M 323Ls5m9PsQwVdUiz9bUN1KtTrlpnurtbLcBQGDxko5E2nii6p0qfzF1y90g0FWz1C7L8++S yd+jaJq5mLgrWe8FvxxmXT55NZlJ/IzcZCPtWFjowwJi/3ggilSYx9U/mpvSwzosuo9FE2+e O86SsIDoBW0Tf8b2u1qRzi103J1ysv0WbrzRuijX7qsaXCNUQHIvsEobgcXgrS6kImst05+r lMxXilu51eCg6FtDjh5vDTPisa2HackD4Hq6o+nnZfWYwRZPt6tooE5n5YF58GAWbT9J0nKu 9zF8vRjcwmPm9yV0qp/lWH/ebcHUjaRny9Mwo/U42uonRrdUlCvgolLJd1pAZEyHo/I6M0kN gsfJ4Y0I2mdfVmHp6VNN1xMfdfNVa9My4kEFjiaGgPR5t3c04klfbMkcEIDaeRCds18Kc=
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Fri, Feb 25, 2022 at 09:50:03AM +0100, Jan Beulich wrote:
> On 25.02.2022 09:41, Roger Pau Monné wrote:
> > On Thu, Feb 24, 2022 at 05:43:13PM +0100, Jan Beulich wrote:
> >> On 24.02.2022 17:37, Roger Pau Monne wrote:
> >>> Introduce a new field to mark devices as broken: having it set
> >>> prevents the device from being assigned to guests. Use the field in
> >>> order to mark ATS devices that have failed a flush as broken, thus
> >>> preventing them to be assigned to any guest.
> >>>
> >>> This allows the device IOMMU context entry to be cleaned up properly,
> >>> as calling _pci_hide_device will just change the ownership of the
> >>> device, but the IOMMU context entry of the device would be left as-is.
> >>> It would also leak a Domain ID, as removing the device from it's
> >>> previous owner will allow releasing the DID used by the device without
> >>> having cleaned up the context entry.
> >>
> >> This DID aspect is VT-d specific, isn't it? I'd be inclined to ask to
> >> make this explicit (which could be done while committing if no other
> >> need for a v3 arises).
> > 
> > Indeed. AMD doesn't use iommu_dev_iotlb_flush_timeout so the function
> > is VT-d specific.
> 
> But perhaps wrongly so. Which is why I'd prefer to ...

I thought the same, but didn't care enough to try to fix the AMD side.

> > What about using:
> > 
> > "Introduce a new field to mark devices as broken: having it set
> > prevents the device from being assigned to guests. Use the field in
> > order to mark ATS devices that have failed a flush when using VT-d as
> > broken, thus preventing them to be assigned to any guest.
> 
> ... omit VT-d here (i.e. leave this paragraph as you had it before),
> but ...

OK, it wasn't my intention to make it sound like this is not required
for AMD, just not used ATM. Was merely trying to reflect the current
logic in the text.

> > This allows the device IOMMU context entry to be cleaned up properly,
> > as calling _pci_hide_device will just change the ownership of the
> > device, but the IOMMU context entry of the device would be left as-is.
> > It would also leak a VT-d Domain ID if using one, as removing the
> > device from it's previous owner will allow releasing the IOMMU DID
> > used by the device without having cleaned up the context entry."
> 
> ... use this as replacement.

Fine.

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.