RE: [PATCH v3 02/14] iommu: Report domain nesting info
From: Tian, Kevin
Date: Mon Jun 29 2020 - 22:00:55 EST
> From: Liu, Yi L <yi.l.liu@xxxxxxxxx>
> Sent: Monday, June 29, 2020 8:23 PM
>
> Hi Stefan,
>
> > From: Stefan Hajnoczi <stefanha@xxxxxxxxx>
> > Sent: Monday, June 29, 2020 5:25 PM
> >
> > On Wed, Jun 24, 2020 at 01:55:15AM -0700, Liu Yi L wrote:
> > > +/*
> > > + * struct iommu_nesting_info - Information for nesting-capable IOMMU.
> > > + * user space should check it before using
> > > + * nesting capability.
> > > + *
> > > + * @size: size of the whole structure
> > > + * @format: PASID table entry format, the same definition with
> > > + * @format of struct iommu_gpasid_bind_data.
> > > + * @features: supported nesting features.
> > > + * @flags: currently reserved for future extension.
> > > + * @data: vendor specific cap info.
> > > + *
> > > + * +---------------+----------------------------------------------------+
> > > + * | feature | Notes |
> > > + *
> >
> +===============+===============================================
> ====
> > =+
> > > + * | SYSWIDE_PASID | Kernel manages PASID in system wide, PASIDs
> used |
> > > + * | | in the system should be allocated by host kernel |
> > > + * +---------------+----------------------------------------------------+
> > > + * | BIND_PGTBL | bind page tables to host PASID, the PASID could |
> > > + * | | either be a host PASID passed in bind request or |
> > > + * | | default PASIDs (e.g. default PASID of aux-domain) |
> > > + * +---------------+----------------------------------------------------+
> > > + * | CACHE_INVLD | mandatory feature for nesting capable IOMMU
> |
> > > + * +---------------+----------------------------------------------------+
> >
> > This feature description is vague about what CACHE_INVLD does and how
> to
> > use it. If I understand correctly, the presence of this feature means
> > that VFIO_IOMMU_NESTING_OP_CACHE_INVLD must be used?
> >
> > The same kind of clarification could be done for SYSWIDE_PASID and
> > BIND_PGTBL too.
>
> For SYSWIDE_PASID and BIND_PGTBL, yes, presence of the feature bit
> means must use. So the two are requirements to user space if it wants
> to setup nesting. While for CACHE_INVLD, it's kind of availability
> here. How about removing CACHE_INVLD as presence of BIND_PGTBL should
> indicates support of CACHE_INVLD?
>
So far this assumption is correct but it may not be true when thinking forward.
For example, a vendor might find a way to allow the owner of 1st-level page
table to directly invalidate cache w/o going through host IOMMU driver. From
this angle I feel explicitly reporting this capability is more robust.
Regarding to the description, what about below?
--
SYSWIDE_PASID: PASIDs are managed in system-wide, instead of per device.
When a device is assigned to userspace or VM, proper uAPI (provided by
userspace driver framework, e.g. VFIO) must be used to allocate/free PASIDs
for the assigned device.
BIND_PGTBL: The owner of the first-level/stage-1 page table must explicitly
bind the page table to associated PASID (either the one specified in bind
request or the default PASID of the iommu domain), through VFIO_IOMMU
_NESTING_OP
CACHE_INVLD: The owner of the first-level/stage-1 page table must
explicitly invalidate the IOMMU cache through VFIO_IOMMU_NESTING_OP,
according to vendor-specific requirement when changing the page table.
--
Thanks
Kevin