linux-kernel.vger.kernel.org archive mirror
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Christoph Hellwig <hch@infradead.org>
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
	Will Deacon <will.deacon@arm.com>,
	Anshuman Khandual <khandual@linux.vnet.ibm.com>,
	virtualization@lists.linux-foundation.org,
	linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
	aik@ozlabs.ru, robh@kernel.org, joe@perches.com,
	elfring@users.sourceforge.net, david@gibson.dropbear.id.au,
	jasowang@redhat.com, mpe@ellerman.id.au, linuxram@us.ibm.com,
	haren@linux.vnet.ibm.com, paulus@samba.org,
	srikar@linux.vnet.ibm.com, robin.murphy@arm.com,
	jean-philippe.brucker@arm.com, marc.zyngier@arm.com
Subject: Re: [RFC 0/4] Virtio uses DMA API for all devices
Date: Mon, 06 Aug 2018 07:30:54 +1000
Message-ID: <00113a1e9ec3e111ee4e12d682168142dcbbcf61.camel@kernel.crashing.org>
In-Reply-To: <b7e8294e3e70d24072883a7e8e5375719d5af870.camel@kernel.crashing.org>

On Mon, 2018-08-06 at 07:16 +1000, Benjamin Herrenschmidt wrote:
> I'm trying to understand because the limitation is not a device side
> limitation, it's not a qemu limitation, it's actually more of a VM
> limitation. It has most of its memory pages made inaccessible for
> security reasons. The platform from a qemu/KVM perspective is almost
> entirely normal.

In fact this is probably the best image of what's going on:

It's a normal VM from a KVM/qemu perspective (and thus virtio). It
boots normally, can run firmware, linux, etc... normally, it's not
created with any different XML or qemu command line definition etc...

It's just that once it reaches the kernel with the secure stuff enabled
(could be via kexec from a normal kernel), that kernel will "stash
away" most of the VM's memory into some secure space that nothing else
(not even the hypervisor) can access.

It can keep around a pool or two of normal memory for bounce buffering
IOs but that's about it.

I think that's the clearest way I could find to explain what's going
on, and why I'm so resistant to adding things on the qemu side.

That said, we *can* (and will) notify KVM and qemu of the transition,
and we can/will do so after virtio has been instantiated and used by
the bootloader, but before it will be used (or even probed) by the
secure VM itself, so there's an opportunity to poke at things, either
from the VM itself (a quirk poking at virtio config space for example)
or from qemu (though I find the idea of iterating all virtio devices
from qemu to change a setting rather gross).

Cheers,
Ben.


