Re: [PATCH v1 2/2] vfio/pci: Emulate PASID/PRI capability for VFs

From: Alex Williamson
Date: Mon Apr 13 2020 - 15:45:15 EST

Next message: Tejun Heo: "Re: [PATCH 5/8] kernfs: let objects opt-in to propagating from the initial namespace"
Previous message: Chris Paterson: "RE: [PATCH 4.4 00/29] 4.4.219-rc1 review"
In reply to: Jean-Philippe Brucker: "Re: [PATCH v1 2/2] vfio/pci: Emulate PASID/PRI capability for VFs"
Next in thread: Raj, Ashok: "Re: [PATCH v1 2/2] vfio/pci: Emulate PASID/PRI capability for VFs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 9 Apr 2020 09:35:33 +0200
Jean-Philippe Brucker <jean-philippe@xxxxxxxxxx> wrote:

> On Wed, Apr 08, 2020 at 10:19:40AM -0600, Alex Williamson wrote:
> > On Tue, 7 Apr 2020 21:00:21 -0700
> > "Raj, Ashok" <ashok.raj@xxxxxxxxx> wrote:
> >
> > > Hi Alex
> > >
> > > + Bjorn
> >
> > + Don
> >
> > > FWIW I can't understand why PCI SIG went different ways with ATS,
> > > where its enumerated on PF and VF. But for PASID and PRI its only
> > > in PF.
> > >
> > > I'm checking with our internal SIG reps to followup on that.
> > >
> > > On Tue, Apr 07, 2020 at 09:58:01AM -0600, Alex Williamson wrote:
> > > > > Is there vendor guarantee that hidden registers will locate at the
> > > > > same offset between PF and VF config space?
> > > >
> > > > I'm not sure if the spec really precludes hidden registers, but the
> > > > fact that these registers are explicitly outside of the capability
> > > > chain implies they're only intended for device specific use, so I'd say
> > > > there are no guarantees about anything related to these registers.
> > >
> > > As you had suggested in the other thread, we could consider
> > > using the same offset as in PF, but even that's a better guess
> > > still not reliable.
> > >
> > > The other option is to maybe extend driver ops in the PF to expose
> > > where the offsets should be. Sort of adding the quirk in the
> > > implementation.
> > >
> > > I'm not sure how prevalent are PASID and PRI in VF devices. If SIG is resisting
> > > making VF's first class citizen, we might ask them to add some verbiage
> > > to suggest leave the same offsets as PF open to help emulation software.
> >
> > Even if we know where to expose these capabilities on the VF, it's not
> > clear to me how we can actually virtualize the capability itself. If
> > the spec defines, for example, an enable bit as r/w then software that
> > interacts with that register expects the bit is settable. There's no
> > protocol for "try to set the bit and re-read it to see if the hardware
> > accepted it". Therefore a capability with a fixed enable bit
> > representing the state of the PF, not settable by the VF, is
> > disingenuous to the spec.
>
> Would it be OK to implement a lock down mechanism for the PF PASID
> capability, preventing changes to the PF cap when the VF is in use by
> VFIO? The emulation would still break the spec: since the PF cap would
> always be enabled the VF configuration bits would have no effect, but it
> seems preferable to having the Enable bit not enable anything.

I think we absolutely need some mechanism to make sure the PF driver
doesn't change the PASID enable bit while we're using it. A PASID user
registration perhaps. And yes, that doesn't necessarily map to being
able to actually disable PASID, but it sounds like Kevin and Ashok have
some ideas how the emulation could use the IOMMU settings to achieve
that more precisely.

> > If what we're trying to do is expose that PASID and PRI are enabled on
> > the PF to a VF driver, maybe duplicating the PF capabilities on the VF
> > without the ability to control it is not the right approach. Maybe we
> > need new capabilities exposing these as slave features that cannot be
> > controlled? We could define our own vendor capability for this, but of
> > course we have both the where to put it in config space issue, as well
> > as the issue of trying to push an ad-hoc standard. vfio could expose
> > these as device features rather than emulating capabilities, but that
> > still leaves a big gap between vfio in the hypervisor and the driver in
> > the guest VM. That might still help push the responsibility and policy
> > for how to expose it to the VM as a userspace problem though.
>
> Userspace might have more difficulty working around the issues mentioned
> in this thread. They would still need a guarantee that the PF PASID
> configuration doesn't change at runtime, and they wouldn't have the
> ability to talk to a vendor driver to figure out where to place the fake
> PASID capability.

Couldn't we do this with the DEVICE_FEATURE ioctl we just added? A
user could set a PASID user or get a capability offset, where vfio-pci
would plumb these through to whatever PF/vendor driver provides that
interface, just as if it was implemented in the vfio-pci driver. But
that still lets us leave the policy of inserting a capability and using
the IOMMU to implement the bits to the user/QEMU. Thanks,

Alex

Next message: Tejun Heo: "Re: [PATCH 5/8] kernfs: let objects opt-in to propagating from the initial namespace"
Previous message: Chris Paterson: "RE: [PATCH 4.4 00/29] 4.4.219-rc1 review"
In reply to: Jean-Philippe Brucker: "Re: [PATCH v1 2/2] vfio/pci: Emulate PASID/PRI capability for VFs"
Next in thread: Raj, Ashok: "Re: [PATCH v1 2/2] vfio/pci: Emulate PASID/PRI capability for VFs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]