From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Christoph Hellwig <hch@infradead.org>,
Will Deacon <will.deacon@arm.com>,
Anshuman Khandual <khandual@linux.vnet.ibm.com>,
virtualization@lists.linux-foundation.org,
linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
aik@ozlabs.ru, robh@kernel.org, joe@perches.com,
elfring@users.sourceforge.net, david@gibson.dropbear.id.au,
jasowang@redhat.com, mpe@ellerman.id.au, linuxram@us.ibm.com,
haren@linux.vnet.ibm.com, paulus@samba.org,
srikar@linux.vnet.ibm.com, robin.murphy@arm.com,
jean-philippe.brucker@arm.com, marc.zyngier@arm.com
Subject: Re: [RFC 0/4] Virtio uses DMA API for all devices
Date: Tue, 07 Aug 2018 09:18:44 +1000 [thread overview]
Message-ID: <8e985b8117407b256e2dd8f1c0a5c2e560ef03d7.camel@kernel.crashing.org> (raw)
In-Reply-To: <20180806233024-mutt-send-email-mst@kernel.org>
On Mon, 2018-08-06 at 23:35 +0300, Michael S. Tsirkin wrote:
> On Tue, Aug 07, 2018 at 05:56:59AM +1000, Benjamin Herrenschmidt wrote:
> > On Mon, 2018-08-06 at 16:46 +0300, Michael S. Tsirkin wrote:
> > >
> > > > Right, we'll need some quirk to disable balloons in the guest I
> > > > suppose.
> > > >
> > > > Passing something from libvirt is cumbersome because the end user may
> > > > not even need to know about secure VMs. There are use cases where the
> > > > security is a contract down to some special application running inside
> > > > the secure VM, the sysadmin knows nothing about.
> > > >
> > > > Also there's repercussions all the way to admin tools, web UIs etc...
> > > > so it's fairly wide ranging.
> > > >
> > > > So as long as we only need to quirk a couple of devices, it's much
> > > > better contained that way.
> > >
> > > So just the balloon thing already means that yes management and all the
> > > way to the user tools must know this is going on. Otherwise
> > > user will try to inflate the balloon and wonder why this does not work.
> >
> > There is *dozens* of management systems out there, not even all open
> > source, we won't ever be able to see the end of the tunnel if we need
> > to teach every single of them, including end users, about platform
> > specific new VM flags like that.
> >
> > .../...
>
> In the end I suspect you will find you have to.
Maybe... we'll tackle this if/when we have to.
For balloon I suspect it's not such a big deal because once secure, all
the guest memory goes into the secure memory which isn't visible or
accounted by the hypervisor, so there's nothing to steal but the guest
is also using no HV memory (other than the few "non-secure" pages used
for swiotlb and a couple of other kernel things).
Future versions of our secure architecture might allow to turn
arbitrary pages of memory secure/non-secure rather than relying on a
separate physical pool, in which case, the balloon will be able to work
normally.
Cheers,
Ben.
WARNING: multiple messages have this Message-ID (diff)
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: robh@kernel.org, srikar@linux.vnet.ibm.com, mpe@ellerman.id.au,
Will Deacon <will.deacon@arm.com>,
linux-kernel@vger.kernel.org, linuxram@us.ibm.com,
virtualization@lists.linux-foundation.org,
Christoph Hellwig <hch@infradead.org>,
jean-philippe.brucker@arm.com, paulus@samba.org,
marc.zyngier@arm.com, joe@perches.com, robin.murphy@arm.com,
david@gibson.dropbear.id.au, linuxppc-dev@lists.ozlabs.org,
elfring@users.sourceforge.net, haren@linux.vnet.ibm.com,
Anshuman Khandual <khandual@linux.vnet.ibm.com>
Subject: Re: [RFC 0/4] Virtio uses DMA API for all devices
Date: Tue, 07 Aug 2018 09:18:44 +1000 [thread overview]
Message-ID: <8e985b8117407b256e2dd8f1c0a5c2e560ef03d7.camel@kernel.crashing.org> (raw)
In-Reply-To: <20180806233024-mutt-send-email-mst@kernel.org>
On Mon, 2018-08-06 at 23:35 +0300, Michael S. Tsirkin wrote:
> On Tue, Aug 07, 2018 at 05:56:59AM +1000, Benjamin Herrenschmidt wrote:
> > On Mon, 2018-08-06 at 16:46 +0300, Michael S. Tsirkin wrote:
> > >
> > > > Right, we'll need some quirk to disable balloons in the guest I
> > > > suppose.
> > > >
> > > > Passing something from libvirt is cumbersome because the end user may
> > > > not even need to know about secure VMs. There are use cases where the
> > > > security is a contract down to some special application running inside
> > > > the secure VM, the sysadmin knows nothing about.
> > > >
> > > > Also there's repercussions all the way to admin tools, web UIs etc...
> > > > so it's fairly wide ranging.
> > > >
> > > > So as long as we only need to quirk a couple of devices, it's much
> > > > better contained that way.
> > >
> > > So just the balloon thing already means that yes management and all the
> > > way to the user tools must know this is going on. Otherwise
> > > user will try to inflate the balloon and wonder why this does not work.
> >
> > There is *dozens* of management systems out there, not even all open
> > source, we won't ever be able to see the end of the tunnel if we need
> > to teach every single of them, including end users, about platform
> > specific new VM flags like that.
> >
> > .../...
>
> In the end I suspect you will find you have to.
Maybe... we'll tackle this if/when we have to.
For balloon I suspect it's not such a big deal because once secure, all
the guest memory goes into the secure memory which isn't visible or
accounted by the hypervisor, so there's nothing to steal but the guest
is also using no HV memory (other than the few "non-secure" pages used
for swiotlb and a couple of other kernel things).
Future versions of our secure architecture might allow to turn
arbitrary pages of memory secure/non-secure rather than relying on a
separate physical pool, in which case, the balloon will be able to work
normally.
Cheers,
Ben.
next prev parent reply other threads:[~2018-08-06 23:24 UTC|newest]
Thread overview: 240+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-07-20 3:59 [RFC 0/4] Virtio uses DMA API for all devices Anshuman Khandual
2018-07-20 3:59 ` [RFC 1/4] virtio: Define virtio_direct_dma_ops structure Anshuman Khandual
2018-07-20 3:59 ` Anshuman Khandual
2018-07-30 9:24 ` Christoph Hellwig
2018-07-30 9:24 ` Christoph Hellwig
2018-07-31 4:01 ` Anshuman Khandual
2018-07-31 4:01 ` Anshuman Khandual
2018-07-20 3:59 ` [RFC 2/4] virtio: Override device's DMA OPS with virtio_direct_dma_ops selectively Anshuman Khandual
2018-07-20 3:59 ` Anshuman Khandual
2018-07-28 8:56 ` Anshuman Khandual
2018-07-28 8:56 ` Anshuman Khandual
2018-07-28 21:16 ` Michael S. Tsirkin
2018-07-30 4:15 ` Anshuman Khandual
2018-07-30 4:15 ` Anshuman Khandual
2018-07-30 9:30 ` Christoph Hellwig
2018-07-31 6:39 ` Anshuman Khandual
2018-07-31 6:39 ` Anshuman Khandual
2018-07-30 9:30 ` Christoph Hellwig
2018-07-28 21:16 ` Michael S. Tsirkin
2018-07-30 9:25 ` Christoph Hellwig
2018-07-31 7:00 ` Anshuman Khandual
2018-07-31 7:00 ` Anshuman Khandual
2018-07-30 9:25 ` Christoph Hellwig
2018-07-20 3:59 ` [RFC 3/4] virtio: Force virtio core to use DMA API callbacks for all virtio devices Anshuman Khandual
2018-07-20 3:59 ` Anshuman Khandual
2018-07-20 3:59 ` [RFC 4/4] virtio: Add platform specific DMA API translation for virito devices Anshuman Khandual
2018-07-20 13:15 ` Michael S. Tsirkin
2018-07-20 13:15 ` Michael S. Tsirkin
2018-07-23 2:16 ` Anshuman Khandual
2018-07-23 2:16 ` Anshuman Khandual
2018-07-25 4:30 ` Anshuman Khandual
2018-07-25 4:30 ` Anshuman Khandual
2018-07-25 13:31 ` Michael S. Tsirkin
2018-07-25 13:31 ` Michael S. Tsirkin
2018-07-20 3:59 ` Anshuman Khandual
2018-07-20 13:16 ` [RFC 0/4] Virtio uses DMA API for all devices Michael S. Tsirkin
2018-07-20 13:16 ` Michael S. Tsirkin
2018-07-23 6:28 ` Anshuman Khandual
2018-07-23 9:08 ` Michael S. Tsirkin
2018-07-23 9:08 ` Michael S. Tsirkin
2018-07-25 3:26 ` Anshuman Khandual
2018-07-27 11:31 ` Michael S. Tsirkin
2018-07-27 11:31 ` Michael S. Tsirkin
2018-07-28 8:37 ` Anshuman Khandual
2018-07-28 8:37 ` Anshuman Khandual
2018-07-25 3:26 ` Anshuman Khandual
2018-07-23 6:28 ` Anshuman Khandual
2018-07-27 9:58 ` Will Deacon
2018-07-27 9:58 ` Will Deacon
2018-07-27 9:58 ` Will Deacon
2018-07-27 10:58 ` Anshuman Khandual
2018-07-27 10:58 ` Anshuman Khandual
2018-07-30 9:34 ` Christoph Hellwig
2018-07-30 9:34 ` Christoph Hellwig
2018-07-30 10:28 ` Michael S. Tsirkin
2018-07-30 10:28 ` Michael S. Tsirkin
2018-07-30 11:18 ` Christoph Hellwig
2018-07-30 11:18 ` Christoph Hellwig
2018-07-30 13:26 ` Michael S. Tsirkin
2018-07-30 13:26 ` Michael S. Tsirkin
2018-07-31 17:30 ` Christoph Hellwig
2018-07-31 17:30 ` Christoph Hellwig
2018-07-31 20:36 ` Benjamin Herrenschmidt
2018-07-31 20:36 ` Benjamin Herrenschmidt
2018-08-01 8:16 ` Will Deacon
2018-08-01 8:16 ` Will Deacon
2018-08-01 8:36 ` Christoph Hellwig
2018-08-01 8:36 ` Christoph Hellwig
2018-08-01 8:36 ` Christoph Hellwig
2018-08-01 9:05 ` Will Deacon
2018-08-01 9:05 ` Will Deacon
2018-08-01 22:41 ` Michael S. Tsirkin
2018-08-01 22:41 ` Michael S. Tsirkin
2018-08-01 22:35 ` Michael S. Tsirkin
2018-08-01 22:35 ` Michael S. Tsirkin
2018-08-02 15:24 ` Benjamin Herrenschmidt
2018-08-02 15:24 ` Benjamin Herrenschmidt
2018-08-02 15:41 ` Michael S. Tsirkin
2018-08-02 15:41 ` Michael S. Tsirkin
2018-08-02 16:01 ` Benjamin Herrenschmidt
2018-08-02 16:01 ` Benjamin Herrenschmidt
2018-08-02 17:19 ` Michael S. Tsirkin
2018-08-02 17:19 ` Michael S. Tsirkin
2018-08-02 17:53 ` Benjamin Herrenschmidt
2018-08-02 17:53 ` Benjamin Herrenschmidt
2018-08-02 20:52 ` Michael S. Tsirkin
2018-08-02 20:52 ` Michael S. Tsirkin
2018-08-02 21:13 ` Benjamin Herrenschmidt
2018-08-02 21:13 ` Benjamin Herrenschmidt
2018-08-02 21:51 ` Michael S. Tsirkin
2018-08-02 21:51 ` Michael S. Tsirkin
2018-08-03 7:05 ` Christoph Hellwig
2018-08-03 7:05 ` Christoph Hellwig
2018-08-03 15:58 ` Benjamin Herrenschmidt
2018-08-03 15:58 ` Benjamin Herrenschmidt
2018-08-03 16:02 ` Christoph Hellwig
2018-08-03 16:02 ` Christoph Hellwig
2018-08-03 18:58 ` Benjamin Herrenschmidt
2018-08-03 18:58 ` Benjamin Herrenschmidt
2018-08-04 8:21 ` Christoph Hellwig
2018-08-04 8:21 ` Christoph Hellwig
2018-08-05 1:10 ` Benjamin Herrenschmidt
2018-08-05 1:10 ` Benjamin Herrenschmidt
2018-08-05 1:10 ` Benjamin Herrenschmidt
2018-08-05 7:29 ` Christoph Hellwig
2018-08-05 7:29 ` Christoph Hellwig
2018-08-05 21:16 ` Benjamin Herrenschmidt
2018-08-05 21:16 ` Benjamin Herrenschmidt
2018-08-05 21:30 ` Benjamin Herrenschmidt
2018-08-05 21:30 ` Benjamin Herrenschmidt
2018-08-06 9:42 ` Christoph Hellwig
2018-08-06 9:42 ` Christoph Hellwig
2018-08-06 19:52 ` Benjamin Herrenschmidt
2018-08-06 19:52 ` Benjamin Herrenschmidt
2018-08-07 6:21 ` Christoph Hellwig
2018-08-07 6:42 ` Benjamin Herrenschmidt
2018-08-07 6:42 ` Benjamin Herrenschmidt
2018-08-07 13:55 ` Christoph Hellwig
2018-08-07 20:32 ` Benjamin Herrenschmidt
2018-08-07 20:32 ` Benjamin Herrenschmidt
2018-08-08 6:31 ` Christoph Hellwig
2018-08-08 6:31 ` Christoph Hellwig
2018-08-08 10:07 ` Benjamin Herrenschmidt
2018-08-08 10:07 ` Benjamin Herrenschmidt
2018-08-08 12:30 ` Christoph Hellwig
2018-08-08 13:18 ` Benjamin Herrenschmidt
2018-08-08 13:18 ` Benjamin Herrenschmidt
2018-08-08 20:31 ` Michael S. Tsirkin
2018-08-08 22:13 ` Benjamin Herrenschmidt
2018-08-08 22:13 ` Benjamin Herrenschmidt
2018-08-09 2:00 ` Benjamin Herrenschmidt
2018-08-09 2:00 ` Benjamin Herrenschmidt
2018-08-09 5:40 ` Christoph Hellwig
2018-08-09 5:40 ` Christoph Hellwig
2018-09-07 0:09 ` Jiandi An
2018-09-10 6:19 ` Christoph Hellwig
2018-09-10 6:19 ` Christoph Hellwig
2018-09-10 8:53 ` Gerd Hoffmann
2018-09-10 8:53 ` Gerd Hoffmann
2018-08-08 20:31 ` Michael S. Tsirkin
2018-08-08 12:30 ` Christoph Hellwig
2018-08-07 13:55 ` Christoph Hellwig
2018-08-07 6:21 ` Christoph Hellwig
2018-08-03 19:07 ` Michael S. Tsirkin
2018-08-03 19:07 ` Michael S. Tsirkin
2018-08-04 1:11 ` Benjamin Herrenschmidt
2018-08-04 1:11 ` Benjamin Herrenschmidt
2018-08-04 1:16 ` Benjamin Herrenschmidt
2018-08-04 1:16 ` Benjamin Herrenschmidt
2018-08-05 0:22 ` Michael S. Tsirkin
2018-08-05 4:52 ` Benjamin Herrenschmidt
2018-08-05 4:52 ` Benjamin Herrenschmidt
2018-08-06 13:46 ` Michael S. Tsirkin
2018-08-06 19:56 ` Benjamin Herrenschmidt
2018-08-06 19:56 ` Benjamin Herrenschmidt
2018-08-06 20:35 ` Michael S. Tsirkin
2018-08-06 21:26 ` Benjamin Herrenschmidt
2018-08-06 21:26 ` Benjamin Herrenschmidt
2018-08-06 21:46 ` Michael S. Tsirkin
2018-08-06 21:46 ` Michael S. Tsirkin
2018-08-06 22:13 ` Benjamin Herrenschmidt
2018-08-06 22:13 ` Benjamin Herrenschmidt
2018-08-06 23:16 ` Benjamin Herrenschmidt
2018-08-06 23:16 ` Benjamin Herrenschmidt
2018-08-06 23:45 ` Michael S. Tsirkin
2018-08-07 0:18 ` Benjamin Herrenschmidt
2018-08-07 0:18 ` Benjamin Herrenschmidt
2018-08-07 6:32 ` Christoph Hellwig
2018-08-07 6:32 ` Christoph Hellwig
2018-08-06 23:45 ` Michael S. Tsirkin
2018-08-07 6:27 ` Christoph Hellwig
2018-08-07 6:27 ` Christoph Hellwig
2018-08-07 6:44 ` Benjamin Herrenschmidt
2018-08-07 6:44 ` Benjamin Herrenschmidt
2018-08-07 6:18 ` Christoph Hellwig
2018-08-07 6:18 ` Christoph Hellwig
2018-08-07 6:16 ` Christoph Hellwig
2018-08-07 6:16 ` Christoph Hellwig
2018-08-06 23:18 ` Benjamin Herrenschmidt [this message]
2018-08-06 23:18 ` Benjamin Herrenschmidt
2018-08-07 6:12 ` Christoph Hellwig
2018-08-07 6:12 ` Christoph Hellwig
2018-08-06 20:35 ` Michael S. Tsirkin
2018-08-06 13:46 ` Michael S. Tsirkin
2018-08-05 0:22 ` Michael S. Tsirkin
2018-08-04 1:18 ` Benjamin Herrenschmidt
2018-08-04 1:18 ` Benjamin Herrenschmidt
2018-08-04 1:22 ` Benjamin Herrenschmidt
2018-08-04 1:22 ` Benjamin Herrenschmidt
2018-08-05 0:23 ` Michael S. Tsirkin
2018-08-05 0:23 ` Michael S. Tsirkin
2018-08-03 19:17 ` Michael S. Tsirkin
2018-08-03 19:17 ` Michael S. Tsirkin
2018-08-04 8:15 ` Christoph Hellwig
2018-08-04 8:15 ` Christoph Hellwig
2018-08-05 0:09 ` Michael S. Tsirkin
2018-08-05 0:09 ` Michael S. Tsirkin
2018-08-05 1:11 ` Benjamin Herrenschmidt
2018-08-05 1:11 ` Benjamin Herrenschmidt
2018-08-05 7:25 ` Christoph Hellwig
2018-08-05 7:25 ` Christoph Hellwig
2018-08-05 0:53 ` Benjamin Herrenschmidt
2018-08-05 0:53 ` Benjamin Herrenschmidt
2018-08-05 0:27 ` Michael S. Tsirkin
2018-08-05 0:27 ` Michael S. Tsirkin
2018-08-06 14:05 ` Will Deacon
2018-08-06 14:05 ` Will Deacon
2018-08-01 21:56 ` Michael S. Tsirkin
2018-08-01 21:56 ` Michael S. Tsirkin
2018-08-02 15:33 ` Benjamin Herrenschmidt
2018-08-02 15:33 ` Benjamin Herrenschmidt
2018-08-02 20:53 ` Michael S. Tsirkin
2018-08-03 7:06 ` Christoph Hellwig
2018-08-03 7:06 ` Christoph Hellwig
2018-08-02 20:53 ` Michael S. Tsirkin
2018-08-02 20:55 ` Michael S. Tsirkin
2018-08-02 20:55 ` Michael S. Tsirkin
2018-08-03 2:41 ` Jason Wang
2018-08-03 2:41 ` Jason Wang
2018-08-03 19:08 ` Michael S. Tsirkin
2018-08-04 1:21 ` Benjamin Herrenschmidt
2018-08-04 1:21 ` Benjamin Herrenschmidt
2018-08-05 0:24 ` Michael S. Tsirkin
2018-08-05 0:24 ` Michael S. Tsirkin
2018-08-06 9:02 ` Anshuman Khandual
2018-08-06 9:02 ` Anshuman Khandual
2018-08-06 13:36 ` Michael S. Tsirkin
2018-08-06 13:36 ` Michael S. Tsirkin
2018-08-06 15:24 ` Christoph Hellwig
2018-08-06 16:06 ` Michael S. Tsirkin
2018-08-06 16:06 ` Michael S. Tsirkin
2018-08-06 16:10 ` Christoph Hellwig
2018-08-06 16:10 ` Christoph Hellwig
2018-08-06 16:13 ` Michael S. Tsirkin
2018-08-06 16:13 ` Michael S. Tsirkin
2018-08-06 16:34 ` Christoph Hellwig
2018-08-06 16:34 ` Christoph Hellwig
2018-08-06 15:24 ` Christoph Hellwig
2018-08-03 19:08 ` Michael S. Tsirkin
2018-07-20 3:59 Anshuman Khandual
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8e985b8117407b256e2dd8f1c0a5c2e560ef03d7.camel@kernel.crashing.org \
--to=benh@kernel.crashing.org \
--cc=aik@ozlabs.ru \
--cc=david@gibson.dropbear.id.au \
--cc=elfring@users.sourceforge.net \
--cc=haren@linux.vnet.ibm.com \
--cc=hch@infradead.org \
--cc=jasowang@redhat.com \
--cc=jean-philippe.brucker@arm.com \
--cc=joe@perches.com \
--cc=khandual@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=marc.zyngier@arm.com \
--cc=mpe@ellerman.id.au \
--cc=mst@redhat.com \
--cc=paulus@samba.org \
--cc=robh@kernel.org \
--cc=robin.murphy@arm.com \
--cc=srikar@linux.vnet.ibm.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=will.deacon@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.