All of lore.kernel.org
 help / color / mirror / Atom feed
From: Julien Grall <julien@xen.org>
To: "Roger Pau Monné" <roger.pau@citrix.com>
Cc: Stefano Stabellini <sstabellini@kernel.org>,
	Oleksandr Andrushchenko <andr2000@gmail.com>,
	Bertrand Marquis <Bertrand.Marquis@arm.com>,
	Oleksandr <olekstysh@gmail.com>,
	xen-devel <xen-devel@lists.xenproject.org>,
	alex.bennee@linaro.org, Artem Mygaiev <joculator@gmail.com>
Subject: Re: Virtio in Xen on Arm (based on IOREQ concept)
Date: Tue, 21 Jul 2020 14:32:38 +0100	[thread overview]
Message-ID: <606db7cd-123a-f824-7eb3-689d74215f47@xen.org> (raw)
In-Reply-To: <20200721132503.GP7191@Air-de-Roger>

Hi Roger,

On 21/07/2020 14:25, Roger Pau Monné wrote:
> On Tue, Jul 21, 2020 at 01:31:48PM +0100, Julien Grall wrote:
>> Hi Stefano,
>>
>> On 20/07/2020 21:37, Stefano Stabellini wrote:
>>> On Mon, 20 Jul 2020, Roger Pau Monné wrote:
>>>> On Mon, Jul 20, 2020 at 10:40:40AM +0100, Julien Grall wrote:
>>>>>
>>>>>
>>>>> On 20/07/2020 10:17, Roger Pau Monné wrote:
>>>>>> On Fri, Jul 17, 2020 at 09:34:14PM +0300, Oleksandr wrote:
>>>>>>> On 17.07.20 18:00, Roger Pau Monné wrote:
>>>>>>>> On Fri, Jul 17, 2020 at 05:11:02PM +0300, Oleksandr Tyshchenko wrote:
>>>>>>>> Do you have any plans to try to upstream a modification to the VirtIO
>>>>>>>> spec so that grants (ie: abstract references to memory addresses) can
>>>>>>>> be used on the VirtIO ring?
>>>>>>>
>>>>>>> But VirtIO spec hasn't been modified as well as VirtIO infrastructure in the
>>>>>>> guest. Nothing to upsteam)
>>>>>>
>>>>>> OK, so there's no intention to add grants (or a similar interface) to
>>>>>> the spec?
>>>>>>
>>>>>> I understand that you want to support unmodified VirtIO frontends, but
>>>>>> I also think that long term frontends could negotiate with backends on
>>>>>> the usage of grants in the shared ring, like any other VirtIO feature
>>>>>> negotiated between the frontend and the backend.
>>>>>>
>>>>>> This of course needs to be on the spec first before we can start
>>>>>> implementing it, and hence my question whether a modification to the
>>>>>> spec in order to add grants has been considered.
>>>>> The problem is not really the specification but the adoption in the
>>>>> ecosystem. A protocol based on grant-tables would mostly only be used by Xen
>>>>> therefore:
>>>>>      - It may be difficult to convince a proprietary OS vendor to invest
>>>>> resource on implementing the protocol
>>>>>      - It would be more difficult to move in/out of Xen ecosystem.
>>>>>
>>>>> Both, may slow the adoption of Xen in some areas.
>>>>
>>>> Right, just to be clear my suggestion wasn't to force the usage of
>>>> grants, but whether adding something along this lines was in the
>>>> roadmap, see below.
>>>>
>>>>> If one is interested in security, then it would be better to work with the
>>>>> other interested parties. I think it would be possible to use a virtual
>>>>> IOMMU for this purpose.
>>>>
>>>> Yes, I've also heard rumors about using the (I assume VirtIO) IOMMU in
>>>> order to protect what backends can map. This seems like a fine idea,
>>>> and would allow us to gain the lost security without having to do the
>>>> whole work ourselves.
>>>>
>>>> Do you know if there's anything published about this? I'm curious
>>>> about how and where in the system the VirtIO IOMMU is/should be
>>>> implemented.
>>>
>>> Not yet (as far as I know), but we have just started some discussons on
>>> this topic within Linaro.
>>>
>>>
>>> You should also be aware that there is another proposal based on
>>> pre-shared-memory and memcpys to solve the virtio security issue:
>>>
>>> https://marc.info/?l=linux-kernel&m=158807398403549
>>>
>>> It would be certainly slower than the "virtio IOMMU" solution but it
>>> would take far less time to develop and could work as a short-term
>>> stop-gap.
>>
>> I don't think I agree with this blank statement. In the case of "virtio
>> IOMMU", you would need to potentially map/unmap pages every request which
>> would result to a lot of back and forth to the hypervisor.
>>
>> So it may turn out that pre-shared-memory may be faster on some setup.
> 
> AFAICT you could achieve the same with an IOMMU: pre-share (ie: add to
> the device IOMMU page tables) a bunch of pages and keep bouncing data
> to/from them in order to interact with the device, that way you could
> avoid the map and unmaps (and is effectively how persistent grants
> work in the blkif protocol).

Yes it is possible to do the same with the virtio IOMMU. I was more 
arguing on the statement that pre-shared-memory is going to be slower 
than the IOMMU case.

> 
> The thread referenced by Stefano seems to point out this shared memory
> model is targeted for very limited hypervisors that don't have the
> capacity to trap, decode and emulate accesses to memory?

Technically we are in the same case for Xen on Arm as we don't have the 
IOREQ support yet. But I think IOREQ is worthwhile as it would enable 
existing unmodified Linux with virtio driver to boot on Xen.

Cheers,

-- 
Julien Grall


  reply	other threads:[~2020-07-21 13:32 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-17 14:11 Virtio in Xen on Arm (based on IOREQ concept) Oleksandr Tyshchenko
2020-07-17 15:00 ` Roger Pau Monné
2020-07-17 18:34   ` Oleksandr
2020-07-20  9:17     ` Roger Pau Monné
2020-07-20  9:40       ` Julien Grall
2020-07-20 10:20         ` Roger Pau Monné
2020-07-20 20:37           ` Stefano Stabellini
2020-07-21 12:31             ` Julien Grall
2020-07-21 13:25               ` Roger Pau Monné
2020-07-21 13:32                 ` Julien Grall [this message]
2020-07-21 13:40                   ` Roger Pau Monné
2020-07-21 14:09               ` Alex Bennée
2020-07-21 16:14                 ` Stefano Stabellini
2020-07-20 10:56       ` Oleksandr
2020-07-20 11:09         ` Roger Pau Monné
2020-07-20 20:40           ` Stefano Stabellini
2020-07-21 12:43             ` Oleksandr
2020-07-20 20:38     ` Stefano Stabellini
2020-07-21 12:26       ` Oleksandr
2020-07-21 13:43         ` Julien Grall
2020-07-21 14:32           ` André Przywara
2020-07-21 14:52             ` Oleksandr
2020-07-21 14:58               ` André Przywara
2020-07-21 16:09                 ` Oleksandr
2020-07-21 17:02                   ` André Przywara
2020-07-21 13:22       ` Julien Grall
2020-07-21 14:15         ` Alex Bennée
2020-07-21 14:40           ` Julien Grall
2020-07-21 16:42             ` Stefano Stabellini
2020-07-21 14:27     ` Julien Grall
2020-07-21 17:24       ` Oleksandr
2020-07-21 18:16       ` Oleksandr
2020-07-21 21:12         ` Julien Grall
2020-07-22  8:21           ` Roger Pau Monné
2020-07-22 10:47             ` Julien Grall
2020-07-22 11:10               ` Roger Pau Monné
2020-07-22 11:17                 ` Julien Grall
2020-07-22 11:37                   ` Roger Pau Monné

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=606db7cd-123a-f824-7eb3-689d74215f47@xen.org \
    --to=julien@xen.org \
    --cc=Bertrand.Marquis@arm.com \
    --cc=alex.bennee@linaro.org \
    --cc=andr2000@gmail.com \
    --cc=joculator@gmail.com \
    --cc=olekstysh@gmail.com \
    --cc=roger.pau@citrix.com \
    --cc=sstabellini@kernel.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.