On Wed, Mar 9, 2022 at 3:30 PM Michael S. Tsirkin wrote: > On Wed, Mar 09, 2022 at 11:38:35AM +0800, Jason Wang wrote: > > > > 在 2022/3/8 下午8:16, Michael S. Tsirkin 写道: > > > On Tue, Mar 08, 2022 at 12:37:33PM +0100, Eugenio Perez Martin wrote: > > > > On Tue, Mar 8, 2022 at 11:48 AM Michael S. Tsirkin > wrote: > > > > > On Tue, Mar 08, 2022 at 04:20:53PM +0800, Jason Wang wrote: > > > > > > > Not by itself but I'm not sure we can guarantee guest will not > > > > > > > attempt to use the IOVA addresses we are reserving down > > > > > > > the road. > > > > > > The IOVA is allocated via the listeners and stored in the iova > tree > > > > > > per GPA range as IOVA->(GPA)->HVA.Guests will only see GPA, Qemu > > > > > > virtio core see GPA to HVA mapping. And we do a reverse lookup > to find > > > > > > the HVA->IOVA we allocated previously. So we have double check > here: > > > > > > > > > > > > 1) Qemu memory core to make sure the GPA that guest uses is valid > > > > > > 2) the IOVA tree that guarantees there will be no HVA beyond what > > > > > > guest can see is used > > > > > > > > > > > > So technically, there's no way for the guest to use the IOVA > address > > > > > > allocated for the shadow virtqueue. > > > > > > > > > > > > Thanks > > > > > I mean, IOVA is programmed in the host hardware to translate to > HPA, right? > > > > > > > > > Yes, that's right if the device uses physical maps. Also to note, SVQ > > > > vring is allocated in multiples of host huge pages to avoid garbage > or > > > > unintended access from the device. > > > > > > > > If a vdpa device uses physical addresses, kernel vdpa will pin qemu > > > > memory first and then will send IOVA to HPA translation to hardware. > > > > But this IOVA space is not controlled by the guest, but by SVQ. If a > > > > guest's virtqueue buffer cannot be translated first to GPA, it will > > > > not be forwarded. > > > > > > > > Thanks! > > > Right. So if guests send a buffer where buffer address overlaps the > > > range we used for the SVQ, then I think at the moment guest won't work. > > > > > > There's no way for a guest to do this, it can only use GPA > > With a vIOMMU it can. > It should be the same or I may miss something. With a vIOMMU, vDPA devices still won't use gIOVA. Instead the device will use the IOVA that is managed by the Qemu. Listeners: IOVA->HVA Qemu virtqueue helper: gIOVA->GPA->HVA SVQ: HVA->IOVA So SVQ will use an IOVA that is overlapped with gIOVA/GPA Thanks > > > but the Qemu > > won't let vDPA to use GPA as IOVA. Dedicated IOVA ranges were allocated > for > > those GPA ranges so SVQ won't use IOVA that is overlapped with what Guest > > use. > > > > Thanks > > > > > > > > >