LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Wei Liu <wei.liu@kernel.org>
To: Robin Murphy <robin.murphy@arm.com>
Cc: Wei Liu <wei.liu@kernel.org>,
	Linux on Hyper-V List <linux-hyperv@vger.kernel.org>,
	"K. Y. Srinivasan" <kys@microsoft.com>,
	Stephen Hemminger <sthemmin@microsoft.com>,
	pasha.tatashin@soleen.com, kumarpraveen@linux.microsoft.com,
	Will Deacon <will@kernel.org>,
	Haiyang Zhang <haiyangz@microsoft.com>,
	Dexuan Cui <decui@microsoft.com>,
	Linux Kernel List <linux-kernel@vger.kernel.org>,
	Michael Kelley <mikelley@microsoft.com>,
	"open list:IOMMU DRIVERS" <iommu@lists.linux-foundation.org>,
	Nuno Das Neves <nunodasneves@linux.microsoft.com>,
	Sunil Muthuswamy <sunilmut@microsoft.com>,
	virtualization@lists.linux-foundation.org,
	Vineeth Pillai <viremana@linux.microsoft.com>
Subject: Re: [RFC v1 6/8] mshv: command line option to skip devices in PV-IOMMU
Date: Fri, 9 Jul 2021 13:34:56 +0000	[thread overview]
Message-ID: <20210709133456.awctvxgtivjo6fuj@liuwe-devbox-debian-v2> (raw)
In-Reply-To: <1c839a00-0f5f-fdfa-cfb3-f345bef9f849@arm.com>

On Fri, Jul 09, 2021 at 01:46:19PM +0100, Robin Murphy wrote:
> On 2021-07-09 12:43, Wei Liu wrote:
> > Some devices may have been claimed by the hypervisor already. One such
> > example is a user can assign a NIC for debugging purpose.
> > 
> > Ideally Linux should be able to tell retrieve that information, but
> > there is no way to do that yet. And designing that new mechanism is
> > going to take time.
> > 
> > Provide a command line option for skipping devices. This is a stopgap
> > solution, so it is intentionally undocumented. Hopefully we can retire
> > it in the future.
> 
> Huh? If the host is using a device, why the heck is it exposing any
> knowledge of that device to the guest at all, let alone allowing the guest
> to do anything that could affect its operation!?

The host in this setup consists of the hypervisor, the root kernel and a
bunch of user space programs.

Root is not an ordinary guest. It does need to know all the hardware to
manage the platform. Hypervisor does not claim more devices than it
needs to, nor does it try to hide hardware details from the root.

The hypervisor can protect itself just fine. Any attempt to use the
already claimed devices will be blocked or rejected, so are the attempts
to attach them to device domains.

That, however, leads to some interesting interactions between the
hypervisor and Linux kernel.  When kernel initializes IOMMU during boot,
it will try to attach all devices in one go. Any failure there will
cause kernel to detach the already attached devices. That's not fatal to
kernel, and is only a minor annoyance to our current use case, because
the default domain is a passthrough domain anyway. It will become
problematic once we switch the default domain to a DMA domain to further
tighten security during Linux boot.

Wei.

> 
> Robin.
> 

  reply	other threads:[~2021-07-09 13:35 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-07-09 11:43 [RFC v1 0/8] MSHV: add PV-IOMMU driver Wei Liu
2021-07-09 11:43 ` [RFC v1 1/8] x86/hyperv: export hv_build_pci_dev_id Wei Liu
2021-07-09 11:43 ` [RFC v1 2/8] asm-generic/hyperv: add device domain definitions Wei Liu
2021-07-09 11:43 ` [RFC v1 3/8] intel/vt-d: make DMAR table parsing code more flexible Wei Liu
2021-07-09 12:56   ` Robin Murphy
2021-07-09 13:42     ` Wei Liu
2021-07-09 11:43 ` [RFC v1 4/8] intel/vt-d: export intel_iommu_get_resv_regions Wei Liu
2021-07-09 14:17   ` Lu Baolu
2021-07-09 14:21     ` Wei Liu
2021-07-09 11:43 ` [RFC v1 5/8] mshv: add paravirtualized IOMMU support Wei Liu
2021-08-03 18:40   ` Praveen Kumar
2021-08-03 21:47     ` Wei Liu
2021-08-04  6:43       ` Praveen Kumar
2021-08-10 10:46         ` Wei Liu
2021-07-09 11:43 ` [RFC v1 6/8] mshv: command line option to skip devices in PV-IOMMU Wei Liu
2021-07-09 12:46   ` Robin Murphy
2021-07-09 13:34     ` Wei Liu [this message]
2021-08-03 18:50   ` Praveen Kumar
2021-08-03 21:56     ` Wei Liu
2021-08-04  7:03       ` Praveen Kumar
2021-08-10 10:04         ` Wei Liu
2021-07-09 11:43 ` [RFC v1 7/8] mshv: implement in-kernel device framework Wei Liu
2021-07-09 13:02   ` Matthew Wilcox
2021-07-09 13:50     ` Wei Liu
2021-07-09 15:32       ` Matthew Wilcox
2021-07-09 16:27         ` Wei Liu
2021-07-09 16:38           ` Matthew Wilcox
2021-07-09 19:14             ` Wei Liu
2021-07-09 19:48               ` Matthew Wilcox
2021-07-09 20:11                 ` Wei Liu
2021-08-03 19:12   ` Praveen Kumar
2021-08-03 22:04     ` Wei Liu
2021-07-09 11:43 ` [RFC v1 8/8] mshv: add vfio bridge device Wei Liu
2021-08-03 19:27   ` Praveen Kumar
2021-08-10 10:52     ` Wei Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210709133456.awctvxgtivjo6fuj@liuwe-devbox-debian-v2 \
    --to=wei.liu@kernel.org \
    --cc=decui@microsoft.com \
    --cc=haiyangz@microsoft.com \
    --cc=iommu@lists.linux-foundation.org \
    --cc=kumarpraveen@linux.microsoft.com \
    --cc=kys@microsoft.com \
    --cc=linux-hyperv@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mikelley@microsoft.com \
    --cc=nunodasneves@linux.microsoft.com \
    --cc=pasha.tatashin@soleen.com \
    --cc=robin.murphy@arm.com \
    --cc=sthemmin@microsoft.com \
    --cc=sunilmut@microsoft.com \
    --cc=viremana@linux.microsoft.com \
    --cc=virtualization@lists.linux-foundation.org \
    --cc=will@kernel.org \
    --subject='Re: [RFC v1 6/8] mshv: command line option to skip devices in PV-IOMMU' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).