From: Dan Williams <dan.j.williams@intel.com>
To: "Hindman, Gavin" <gavin.hindman@intel.com>
Cc: Lukas Wunner <lukas@wunner.de>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Linuxarm <linuxarm@huawei.com>,
"Weiny, Ira" <ira.weiny@intel.com>,
Linux PCI <linux-pci@vger.kernel.org>,
"linux-cxl@vger.kernel.org" <linux-cxl@vger.kernel.org>,
CHUCK_LEVER <chuck.lever@oracle.com>
Subject: Re: [RFC PATCH 0/1] DOE usage with pcie/portdrv
Date: Wed, 11 May 2022 14:04:24 -0700 [thread overview]
Message-ID: <CAPcyv4hpLnC7JV5Jj+h92jrz6ye8mtWzyRZeoe3FmydxYD3Waw@mail.gmail.com> (raw)
In-Reply-To: <DM4PR11MB5373D8BCF189EAECA8F22D7EFFC89@DM4PR11MB5373.namprd11.prod.outlook.com>
On Wed, May 11, 2022 at 1:22 PM Hindman, Gavin <gavin.hindman@intel.com> wrote:
>
>
>
> >-----Original Message-----
> >From: Dan Williams <dan.j.williams@intel.com>
> >Sent: Wednesday, May 11, 2022 12:42 PM
> >To: Lukas Wunner <lukas@wunner.de>
> >Cc: Jonathan Cameron <Jonathan.Cameron@huawei.com>; Hindman, Gavin
> ><gavin.hindman@intel.com>; Linuxarm <linuxarm@huawei.com>; Weiny, Ira
> ><ira.weiny@intel.com>; Linux PCI <linux-pci@vger.kernel.org>; linux-
> >cxl@vger.kernel.org; CHUCK_LEVER <chuck.lever@oracle.com>
> >Subject: Re: [RFC PATCH 0/1] DOE usage with pcie/portdrv
> >
> >On Wed, May 11, 2022 at 12:14 PM Lukas Wunner <lukas@wunner.de> wrote:
> >>
> >> On Mon, May 09, 2022 at 10:48:06AM +0100, Jonathan Cameron wrote:
> >> > On Sat, 7 May 2022 12:18:48 +0200 Lukas Wunner <lukas@wunner.de>
> >wrote:
> >> > > I'm still somewhat undecided on the kernel vs. user space question.
> >> >
> >> > Likewise. I feel a few more prototypes are needed to come to clear
> >> > conclusion.
> >>
> >> Gavin Hindman (+cc) raised an important point off-list:
> >>
> >> When an IDE-capable device is runtime suspended to D3hot and later
> >> runtime resumed to D0, it may not preserve its internal state.
> >> (The No_Soft_Reset bit in the Power Management Control/Status Register
> >> tells us whether the device is capable of preserving internal state
> >> over a transition to D3hot, see PCIe r6.0, sec. 7.5.2.2.)
> >
> >I think power-management effects relative to IDE is a soft spot of the
> >specification. If the link goes down then yes, IDE needs to be re-established,
> >but as far as I can see that's a policy tradeoff to support runtime reset or
> >support link encryption.
> >
> >> Likewise, when an IDE-capable device is reset (e.g. due to Downstream
> >> Port Containment, AER or a bus reset initiated by user space),
> >> internal state is lost and must be reconstructed by pci_restore_state().
> >> That state includes the SPDM session or IDE encryption.
> >>
> >> If setting up an SPDM session is dependent on user space, the kernel
> >> would have to leave a device in an inoperable state after runtime
> >> resume or reset, until user space gets around to initiate SPDM.
> >
> >Yes, this seems acceptable from the perspective of server platforms that can
> >make the power management vs security tradeoff.
> >
>
> Agree, though more and more we need to be thinking about sustainability and cost-of-ownership and having to keep devices awake in order to meet security goals is somewhat contrary to that objective. I fully realize those are not technical constraints, but IMO should still be considered. Latency for deadline-driven tasks was my original consideration, not just security - power-management features commonly get turned off due to resume latency, and this would appear to have the potential to extend resume latencies even in kernel, let alone waiting for user-space response. Again, obviously not a hard design constraint, but seems worthy of consideration
Keep in mind that kernel managed IDE is not much more than a stop-gap
to fully attesting that devices are within a goven trusted compute
boundary. In that model the kernel is not trusted to establish that
validation. Instead that role is reserved for a trusted platform
entity. So yes, those are important considerations, but they do not
read on the kernel implementation in the near term.
next prev parent reply other threads:[~2022-05-11 21:04 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-03 15:34 [RFC PATCH 0/1] DOE usage with pcie/portdrv Jonathan Cameron
2022-05-03 15:34 ` [RFC PATCH 1/1] pcie/portdrv: Hack in DOE and CDAT support Jonathan Cameron
2022-05-06 22:40 ` [RFC PATCH 0/1] DOE usage with pcie/portdrv Dan Williams
2022-05-07 10:18 ` Lukas Wunner
2022-05-09 9:48 ` Jonathan Cameron
2022-05-11 19:13 ` Lukas Wunner
2022-05-11 19:19 ` Lukas Wunner
2022-05-11 19:43 ` Dan Williams
2022-05-14 13:55 ` Lukas Wunner
2022-05-16 17:01 ` Dan Williams
2022-05-27 9:39 ` Lukas Wunner
2022-05-18 13:43 ` Christoph Hellwig
2022-05-18 15:08 ` Dan Williams
2022-05-20 5:42 ` Lukas Wunner
2022-05-20 15:37 ` Dan Williams
2022-05-20 15:42 ` Chuck Lever III
2022-05-11 19:42 ` Dan Williams
2022-05-11 20:22 ` Hindman, Gavin
2022-05-11 21:04 ` Dan Williams [this message]
2022-05-14 13:31 ` Lukas Wunner
2022-05-16 16:53 ` Dan Williams
2022-05-09 9:33 ` Jonathan Cameron
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAPcyv4hpLnC7JV5Jj+h92jrz6ye8mtWzyRZeoe3FmydxYD3Waw@mail.gmail.com \
--to=dan.j.williams@intel.com \
--cc=Jonathan.Cameron@huawei.com \
--cc=chuck.lever@oracle.com \
--cc=gavin.hindman@intel.com \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linuxarm@huawei.com \
--cc=lukas@wunner.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).