[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC PATCH 00/21] Add SMMUv3 Stage 1 Support for XEN guests


  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Rahul Singh <Rahul.Singh@xxxxxxx>
  • Date: Tue, 6 Dec 2022 11:49:25 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=X6+jHMFw/gB8nLK3z+xYtUntAvpnbHMSCLei1hpOzfk=; b=NrhssJMkVbXEDFEVIMSQkDF3Pr64Y6NhYRpQ16lyfkmyTA9sMSj9PphkfwaOGSq2Uu0QnHUK45GLi70uRLwuwUxuxi0BYNQ4Onxy8qClegFWeQv2jP1doQiLTXa7ZB6qzRHJxBSHFzPME+cNrFpqouuxOnPO3U3AJaB1YUkys7N51QLoEtju43GsdLEC9RYSAv1AMFIszLlXI7iewECgBSo8USAmjq6xhEqD5oK8M9rrWUdaB5IHsB7Pc2lkjYXXR/yUGoskj0oB8O6Zy9XOyt9oahQil5B2YT6j5kcnU/2pXvouUI4OlINnh8915lm25VZVYLuonNVQdv7wjfU1tg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=g0VzPBbIKvcQZGKgCFt/DqfxB0XQ2IqyrFE+n3khf/i8mqSzMReM4BhGGIL5Isw8Sc/0qbGy8kalHqylcQMIb7a2APUj83WeaBO0Bg0vQNhCCCnH3tW9Qk/Pt29+EcpZI8hU1faSifOYcP2IhJCsojTHL3Of57AqdWt01RCduLVjnpTda/drKK9yY4/juOExbW9c89ZvfFQpphTXyAMu1+0vSTaGcSjmGPf8E/aPrVvVt/SpZCiaTSxJAo1E23FrndXhcqhtniIQiZvcDcPKF8Hy3GdF50qz4yEZhB2E9AnwWpKfEtWg4fHhAXl1FVYcVd+CH/PCdPNW+c4LjVn+zw==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Julien Grall <julien@xxxxxxx>, Xen developer discussion <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Nick Rosbrook <rosbrookn@xxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Delivery-date: Tue, 06 Dec 2022 11:50:01 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHZBZ5+Ng+vzjZ4EEiQHhlU/SEGMa5cu/uAgAMd/ICAAOxSAA==
  • Thread-topic: [RFC PATCH 00/21] Add SMMUv3 Stage 1 Support for XEN guests

Hi Stefano,Julien

> On 5 Dec 2022, at 9:43 pm, Stefano Stabellini <sstabellini@xxxxxxxxxx> wrote:
> 
> On Sat, 3 Dec 2022, Julien Grall wrote:
>> On 01/12/2022 16:02, Rahul Singh wrote:
>>> This patch series is sent as RFC to get the initial feedback from the
>>> community. This patch series consists of 21 patches which is a big number
>>> for
>>> the reviewer to review the patches but to understand the feature end-to-end
>>> we
>>> thought of sending this as a big series. Once we will get initial feedback,
>>> we
>>> will divide the series into a small number of patches for review.
>> 
>> From the cover letter, it is not clear to me what sort of input you are
>> expecting for the RFC. Is this about the design itself?
>> 
>> If so, I think it would be more helpful to write an high level document on 
>> how
>> you plan to emulate the vIOMMU in Xen. So there is one place to
>> read/agree/verify rather than trying to collate all the information from the
>> 20+ patches.
>> 
>> Briefly skimming through I think the main things that need to be addressed in
>> order of priority:
>>  - How to secure the vIOMMU
>>  - 1 vs multiple vIOMMU
>> 
>> The questions are very similar to the vITS because the SMMUv3 is based on a
>> queue. And given you are selling this feature as a security one, I don't 
>> think
>> we can go forward with the review without any understanding/agreement on what
>> needs to be implemented in order to have a safe/secure vIOMMU.
> 
> I think we are all aligned here, but let me try to clarify further.
> 
> As the vIOMMU is exposed to the guest, and exposing a queue-based
> interface to the guest is not simple, it would be good to clarify in a
> document the following points:
> 
> - how is the queue exposed to the guest
> - how are guest-inputs sanitized
> - how do the virtual queue resources map to the physical queue
>  resources
> - lifecycle of the resource mappings
> - any memory allocations triggered by guest actions and their lifecycle
> 
> It is difficult to extrapole these details from 21 patches. Having these
> key detailed written down in the 0/21 email would greatly help with the
> review. It would make the review go a lot faster.

Ack. I will send the design docs by next week that will include all the 
requested
information.

Regards.
Rahul





 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.