| Message ID | 20230724110406.107212-2-yi.l.liu@intel.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:9010:0:b0:3e4:2afc:c1 with SMTP id l16csp1733905vqg;
Mon, 24 Jul 2023 04:32:10 -0700 (PDT)
X-Google-Smtp-Source:
APBJJlG2bMh6gBXAUKvWpwbDdx7dipdQsy6JMuEd2kHHtXlY0J3h9eU4qV+He0Z6jrG/HvBPeaPb
X-Received: by 2002:a05:6358:6f1d:b0:134:c37f:4b63 with SMTP id
r29-20020a0563586f1d00b00134c37f4b63mr7506003rwn.2.1690198329759;
Mon, 24 Jul 2023 04:32:09 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690198329; cv=none;
d=google.com; s=arc-20160816;
b=n5KTeB63pfXFcTUn2y3v/hVAJl8TxkOREFKtnMHG1z3ud3pQqPbnNf2DRlE1hAStmT
3OOmBAyaX1G5HAPiRcuesIDpg7jJVe1zKtmfCrPG7TL74LUXD+CasDHA4n3ZUEQeAlOI
uFLpLgmqYdp5vJYn11pcPr7hk0c2dc0BoDZi7J2wFIO9q+TyOQScSgNAKx5M5YVvMU8E
ESREOS1/NNZTEFDBxQBphyw2Ov+XtE06XQhb+eQq2jFbw2Q40DVoru37G/rNBRFhCoyO
Fnp2bEo7VdoIRChr3H02kO1Xyu6zTLntTEM9PxO9MRuxZLgLTDt6Or3t9XmsY7NoMVZc
yWDw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:references:in-reply-to:message-id:date:subject:cc:to:from
:dkim-signature;
bh=TdCCqW6CwmU+Z6qtILQdbzolgESIQSGAvbL7V08947c=;
fh=25kVo4cotgMzE250R6E3K5ES7E7C2JawiavlW0h5mKU=;
b=TB+2msCziju+Vu2n52mE+fsnP4sDp487YhJYSUaqHC1SYZoMjH1wmvRDHXx1GyfD0Q
QRZdGHZYl6lQ+mvGsdXXnX3wDvr2+hvou0Pd3+TiKIIrNOLG60TYFSnHhYZ722EFud8P
kVjzd6iTV7xijShRfzt04QKD/739kaSx15leeYVxUzTqZnPTx27pRecm/vZluWoAM/4q
UxwSUxatDzfPggwNexsVp/XTeaJ08WeKPIqEV9xiKtLvIukq5Q64BjbOnxjjGwtdI74n
U95/U4EAltoRlrwMkn0H00cLn626P6QzFRXlTZUlptU9CQ/t4e1iYHHjbpuFcxcsg+zh
QHxw==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=QnDquC3p;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
i4-20020a633c44000000b00563ab5598f1si2518666pgn.307.2023.07.24.04.31.56;
Mon, 24 Jul 2023 04:32:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=QnDquC3p;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S233369AbjGXLEQ (ORCPT <rfc822;kautuk.consul.80@gmail.com>
+ 99 others); Mon, 24 Jul 2023 07:04:16 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57840 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S233355AbjGXLEM (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Mon, 24 Jul 2023 07:04:12 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 20D4CFF;
Mon, 24 Jul 2023 04:04:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1690196651; x=1721732651;
h=from:to:cc:subject:date:message-id:in-reply-to:
references:mime-version:content-transfer-encoding;
bh=3GrlJi/a+lAeB3GC1MTYxABhNsVM8smyv4iDkQdAdoU=;
b=QnDquC3pUlhL8g8YXlCBufINSAsksrjBsibDgaJK0gEW8/4QQupcxHxN
SlAIlQauqa5mwGiuZOfEstq9iKv06U48CstVlhZf66ACUzNrUJ7VGNgTh
BqleQjxklew/7OIb1cj/uxjX3tlYcBEwvjLwYu3DrFBA1QecBuYRLY9Cf
Q0gRii8nISkcJTR1cwaTZ7iS79fzrnakDysvXNNKt56hf+/d726NMHh3W
qMKXIa8rIKdSrU6BXgkfbG6dzc4RzXo6k9UhbgmifM498U2ZmNVpo4z/I
B3x1ONWF8vJAHSsxO5iXsl8iI+Tk0zgyGJtAeEmGTOATtvY1g3k/BNrRe
g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10780"; a="366301779"
X-IronPort-AV: E=Sophos;i="6.01,228,1684825200";
d="scan'208";a="366301779"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
24 Jul 2023 04:04:10 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10780"; a="815775745"
X-IronPort-AV: E=Sophos;i="6.01,228,1684825200";
d="scan'208";a="815775745"
Received: from 984fee00a4c6.jf.intel.com ([10.165.58.231])
by FMSMGA003.fm.intel.com with ESMTP; 24 Jul 2023 04:04:09 -0700
From: Yi Liu <yi.l.liu@intel.com>
To: joro@8bytes.org, alex.williamson@redhat.com, jgg@nvidia.com,
kevin.tian@intel.com, robin.murphy@arm.com,
baolu.lu@linux.intel.com
Cc: cohuck@redhat.com, eric.auger@redhat.com, nicolinc@nvidia.com,
kvm@vger.kernel.org, mjrosato@linux.ibm.com,
chao.p.peng@linux.intel.com, yi.l.liu@intel.com,
yi.y.sun@linux.intel.com, peterx@redhat.com, jasowang@redhat.com,
shameerali.kolothum.thodi@huawei.com, lulu@redhat.com,
suravee.suthikulpanit@amd.com, iommu@lists.linux.dev,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
zhenzhong.duan@intel.com
Subject: [PATCH v3 01/17] iommu: Add new iommu op to create domains owned by
userspace
Date: Mon, 24 Jul 2023 04:03:50 -0700
Message-Id: <20230724110406.107212-2-yi.l.liu@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230724110406.107212-1-yi.l.liu@intel.com>
References: <20230724110406.107212-1-yi.l.liu@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1772301403668366723
X-GMAIL-MSGID: 1772301403668366723
|
| Series |
iommufd: Add nesting infrastructure
|
|
Commit Message
Yi Liu
July 24, 2023, 11:03 a.m. UTC
From: Lu Baolu <baolu.lu@linux.intel.com> Introduce a new iommu_domain op to create domains owned by userspace, e.g. through iommufd. These domains have a few different properties compares to kernel owned domains: - They may be UNMANAGED domains, but created with special parameters. For instance aperture size changes/number of levels, different IOPTE formats, or other things necessary to make a vIOMMU work - We have to track all the memory allocations with GFP_KERNEL_ACCOUNT to make the cgroup sandbox stronger - Device-specialty domains, such as NESTED domains can be created by iommufd. The new op clearly says the domain is being created by IOMMUFD, that the domain is intended for userspace use, and it provides a way to pass a driver specific uAPI structure to customize the created domain to exactly what the vIOMMU userspace driver requires. iommu drivers that cannot support VFIO/IOMMUFD should not support this op. This includes any driver that cannot provide a fully functional UNMANAGED domain. This op chooses to make the special parameters opaque to the core. This suits the current usage model where accessing any of the IOMMU device special parameters does require a userspace driver that matches the kernel driver. If a need for common parameters, implemented similarly by several drivers, arises then there is room in the design to grow a generic parameter set as well. This new op for now is only supposed to be used by iommufd, hence no wrapper for it. iommufd would call the callback directly. As for domain free, iommufd would use iommu_domain_free(). enum iommu_hwpt_type is defined to differentiate the user parameters use by different usages. For the allocations that don't require user parameter, IOMMU_HWPT_TYPE_DEFAULT is defined for backward compatibility. Other types would be added by future iommu vendor driver extensions. Suggested-by: Jason Gunthorpe <jgg@nvidia.com> Signed-off-by: Lu Baolu <baolu.lu@linux.intel.com> Co-developed-by: Nicolin Chen <nicolinc@nvidia.com> Signed-off-by: Nicolin Chen <nicolinc@nvidia.com> Signed-off-by: Yi Liu <yi.l.liu@intel.com> --- include/linux/iommu.h | 20 ++++++++++++++++++++ include/uapi/linux/iommufd.h | 8 ++++++++ 2 files changed, 28 insertions(+)
Comments
> From: Yi Liu <yi.l.liu@intel.com> > Sent: Monday, July 24, 2023 7:04 PM > > + * @domain_alloc_user: allocate a user iommu domain corresponding to > the input > + * @hwpt_type that is defined as enum iommu_hwpt_type in the > + * include/uapi/linux/iommufd.h. A returning domain will be > + * set to an IOMMU_DOMAIN_NESTED type, upon valid > @user_data > + * and @parent that is a kernel-managed domain. Otherwise, > + * it will be set to an IOMMU_DOMAIN_UNMANAGED type. > Return > + * ERR_PTR on allocation failure. "If @user_data is valid and @parent points to a kernel-managed domain, the returning domain is set to IOMMU_DOMAIN_NESTED type. Otherwise it is set to IOMMU_DOMAIN_UNMANAGED type." Reviewed-by: Kevin Tian <kevin.tian@intel.com>
On Fri, Jul 28, 2023 at 09:37:21AM +0000, Tian, Kevin wrote: > > From: Yi Liu <yi.l.liu@intel.com> > > Sent: Monday, July 24, 2023 7:04 PM > > > > + * @domain_alloc_user: allocate a user iommu domain corresponding to > > the input > > + * @hwpt_type that is defined as enum iommu_hwpt_type in the > > + * include/uapi/linux/iommufd.h. A returning domain will be > > + * set to an IOMMU_DOMAIN_NESTED type, upon valid > > @user_data > > + * and @parent that is a kernel-managed domain. Otherwise, > > + * it will be set to an IOMMU_DOMAIN_UNMANAGED type. > > Return > > + * ERR_PTR on allocation failure. > > "If @user_data is valid and @parent points to a kernel-managed domain, > the returning domain is set to IOMMU_DOMAIN_NESTED type. Otherwise > it is set to IOMMU_DOMAIN_UNMANAGED type." "If @user_data is valid and @parent points to a kernel-managed domain, then the returned domain must be the IOMMU_DOMAIN_NESTED type. Otherwise the returned domain is IOMMU_DOMAIN_UNMANAGED." Notice the detail that this API expects the driver to set the type and fully initialize the domain, including the generic iommu_domain struct, which is different than alloc_domain. When we implement this in drivers we should tidy this so all the alloc flows fully initialize the domain internally. Jason
> From: Jason Gunthorpe <jgg@nvidia.com> > Sent: Saturday, July 29, 2023 12:56 AM > > On Fri, Jul 28, 2023 at 09:37:21AM +0000, Tian, Kevin wrote: > > > From: Yi Liu <yi.l.liu@intel.com> > > > Sent: Monday, July 24, 2023 7:04 PM > > > > > > + * @domain_alloc_user: allocate a user iommu domain corresponding to > > > the input > > > + * @hwpt_type that is defined as enum iommu_hwpt_type in the > > > + * include/uapi/linux/iommufd.h. A returning domain will be > > > + * set to an IOMMU_DOMAIN_NESTED type, upon valid > > > @user_data > > > + * and @parent that is a kernel-managed domain. Otherwise, > > > + * it will be set to an IOMMU_DOMAIN_UNMANAGED type. > > > Return > > > + * ERR_PTR on allocation failure. > > > > "If @user_data is valid and @parent points to a kernel-managed domain, > > the returning domain is set to IOMMU_DOMAIN_NESTED type. Otherwise > > it is set to IOMMU_DOMAIN_UNMANAGED type." > > "If @user_data is valid and @parent points to a kernel-managed domain, > then the returned domain must be the IOMMU_DOMAIN_NESTED type. Otherwise > the returned domain is IOMMU_DOMAIN_UNMANAGED." > > Notice the detail that this API expects the driver to set the type and > fully initialize the domain, including the generic iommu_domain > struct, which is different than alloc_domain. > > When we implement this in drivers we should tidy this so all the alloc > flows fully initialize the domain internally. Yes. this should be documented in the kdoc. Is it? Regards, Yi Liu
On Mon, Jul 31, 2023 at 12:44:25PM +0000, Liu, Yi L wrote: > > From: Jason Gunthorpe <jgg@nvidia.com> > > Sent: Saturday, July 29, 2023 12:56 AM > > > > On Fri, Jul 28, 2023 at 09:37:21AM +0000, Tian, Kevin wrote: > > > > From: Yi Liu <yi.l.liu@intel.com> > > > > Sent: Monday, July 24, 2023 7:04 PM > > > > > > > > + * @domain_alloc_user: allocate a user iommu domain corresponding to > > > > the input > > > > + * @hwpt_type that is defined as enum iommu_hwpt_type in the > > > > + * include/uapi/linux/iommufd.h. A returning domain will be > > > > + * set to an IOMMU_DOMAIN_NESTED type, upon valid > > > > @user_data > > > > + * and @parent that is a kernel-managed domain. Otherwise, > > > > + * it will be set to an IOMMU_DOMAIN_UNMANAGED type. > > > > Return > > > > + * ERR_PTR on allocation failure. > > > > > > "If @user_data is valid and @parent points to a kernel-managed domain, > > > the returning domain is set to IOMMU_DOMAIN_NESTED type. Otherwise > > > it is set to IOMMU_DOMAIN_UNMANAGED type." > > > > "If @user_data is valid and @parent points to a kernel-managed domain, > > then the returned domain must be the IOMMU_DOMAIN_NESTED type. Otherwise > > the returned domain is IOMMU_DOMAIN_UNMANAGED." > > > > Notice the detail that this API expects the driver to set the type and > > fully initialize the domain, including the generic iommu_domain > > struct, which is different than alloc_domain. > > > > When we implement this in drivers we should tidy this so all the alloc > > flows fully initialize the domain internally. > > Yes. this should be documented in the kdoc. Is it? Yeah, maybe it should be mentioned Jason
On Fri, Jul 28, 2023 at 01:56:05PM -0300, Jason Gunthorpe wrote: > On Fri, Jul 28, 2023 at 09:37:21AM +0000, Tian, Kevin wrote: > > > From: Yi Liu <yi.l.liu@intel.com> > > > Sent: Monday, July 24, 2023 7:04 PM > > > > > > + * @domain_alloc_user: allocate a user iommu domain corresponding to > > > the input > > > + * @hwpt_type that is defined as enum iommu_hwpt_type in the > > > + * include/uapi/linux/iommufd.h. A returning domain will be > > > + * set to an IOMMU_DOMAIN_NESTED type, upon valid > > > @user_data > > > + * and @parent that is a kernel-managed domain. Otherwise, > > > + * it will be set to an IOMMU_DOMAIN_UNMANAGED type. > > > Return > > > + * ERR_PTR on allocation failure. > > > > "If @user_data is valid and @parent points to a kernel-managed domain, > > the returning domain is set to IOMMU_DOMAIN_NESTED type. Otherwise > > it is set to IOMMU_DOMAIN_UNMANAGED type." > > "If @user_data is valid and @parent points to a kernel-managed domain, > then the returned domain must be the IOMMU_DOMAIN_NESTED type. Otherwise > the returned domain is IOMMU_DOMAIN_UNMANAGED." > > Notice the detail that this API expects the driver to set the type and > fully initialize the domain, including the generic iommu_domain > struct, which is different than alloc_domain. > > When we implement this in drivers we should tidy this so all the alloc > flows fully initialize the domain internally. Changed to: + * @domain_alloc_user: allocate a user iommu domain corresponding to the input + * @hwpt_type that is defined as enum iommu_hwpt_type in the + * include/uapi/linux/iommufd.h. Different from domain_alloc + * it requires iommu driver to fully initialize a new domain + * including the generic iommu_domain struct. Upon success, + * if the @user_data is valid and the @parent points to a + * kernel-managed domain, the type of the new domain must be + * IOMMU_DOMAIN_NESTED, otherwise be IOMMU_DOMAIN_UNMANAGED. + * Upon failure, ERR_PTR must be returned. Thanks Nic
diff --git a/include/linux/iommu.h b/include/linux/iommu.h index 4199e13b34e6..ecbec2627b63 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h @@ -226,6 +226,15 @@ struct iommu_iotlb_gather { bool queued; }; +/* + * The user data to allocate a specific type user iommu domain + * + * This includes the corresponding driver data structures in + * include/uapi/linux/iommufd.h. + */ +union iommu_domain_user_data { +}; + /** * struct iommu_ops - iommu ops and capabilities * @capable: check capability @@ -235,6 +244,13 @@ struct iommu_iotlb_gather { * after use. Return the data buffer if success, or ERR_PTR on * failure. * @domain_alloc: allocate iommu domain + * @domain_alloc_user: allocate a user iommu domain corresponding to the input + * @hwpt_type that is defined as enum iommu_hwpt_type in the + * include/uapi/linux/iommufd.h. A returning domain will be + * set to an IOMMU_DOMAIN_NESTED type, upon valid @user_data + * and @parent that is a kernel-managed domain. Otherwise, + * it will be set to an IOMMU_DOMAIN_UNMANAGED type. Return + * ERR_PTR on allocation failure. * @probe_device: Add device to iommu driver handling * @release_device: Remove device from iommu driver handling * @probe_finalize: Do final setup work after the device is added to an IOMMU @@ -275,6 +291,10 @@ struct iommu_ops { /* Domain allocation and freeing by the iommu driver */ struct iommu_domain *(*domain_alloc)(unsigned iommu_domain_type); + struct iommu_domain *(*domain_alloc_user)(struct device *dev, + enum iommu_hwpt_type hwpt_type, + struct iommu_domain *parent, + const union iommu_domain_user_data *user_data); struct iommu_device *(*probe_device)(struct device *dev); void (*release_device)(struct device *dev); diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h index 4295362e7b44..d38bc54fd5f2 100644 --- a/include/uapi/linux/iommufd.h +++ b/include/uapi/linux/iommufd.h @@ -347,6 +347,14 @@ struct iommu_vfio_ioas { }; #define IOMMU_VFIO_IOAS _IO(IOMMUFD_TYPE, IOMMUFD_CMD_VFIO_IOAS) +/** + * enum iommu_hwpt_type - IOMMU HWPT Type + * @IOMMU_HWPT_TYPE_DEFAULT: default + */ +enum iommu_hwpt_type { + IOMMU_HWPT_TYPE_DEFAULT, +}; + /** * struct iommu_hwpt_alloc - ioctl(IOMMU_HWPT_ALLOC) * @size: sizeof(struct iommu_hwpt_alloc)