From: Don Dutile <ddutile@redhat.com>
To: Stephen Bates <sbates@raithlin.com>,
Alex Williamson <alex.williamson@redhat.com>
Cc: "Logan Gunthorpe" <logang@deltatee.com>,
"Christian König" <christian.koenig@amd.com>,
"Bjorn Helgaas" <helgaas@kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-pci@vger.kernel.org" <linux-pci@vger.kernel.org>,
"linux-nvme@lists.infradead.org" <linux-nvme@lists.infradead.org>,
"linux-rdma@vger.kernel.org" <linux-rdma@vger.kernel.org>,
"linux-nvdimm@lists.01.org" <linux-nvdimm@lists.01.org>,
"linux-block@vger.kernel.org" <linux-block@vger.kernel.org>,
"Christoph Hellwig" <hch@lst.de>, "Jens Axboe" <axboe@kernel.dk>,
"Keith Busch" <keith.busch@intel.com>,
"Sagi Grimberg" <sagi@grimberg.me>,
"Bjorn Helgaas" <bhelgaas@google.com>,
"Jason Gunthorpe" <jgg@mellanox.com>,
"Max Gurtovoy" <maxg@mellanox.com>,
"Dan Williams" <dan.j.williams@intel.com>,
"Jérôme Glisse" <jglisse@redhat.com>,
"Benjamin Herrenschmidt" <benh@kernel.crashing.org>
Subject: Re: [PATCH v4 04/14] PCI/P2PDMA: Clear ACS P2P flags for all devices behind switches
Date: Wed, 9 May 2018 11:58:46 -0400 [thread overview]
Message-ID: <09b4088a-838a-48f5-4395-f261de483dbf@redhat.com> (raw)
In-Reply-To: <C6D0BD3A-FA82-425A-899C-C2DBDCBC7EEC@raithlin.com>
On 05/09/2018 08:44 AM, Stephen Bates wrote:
> Hi Don
>
>> RDMA VFs lend themselves to NVMEoF w/device-assignment.... need a way to
>> put NVME 'resources' into an assignable/manageable object for 'IOMMU-grouping',
>> which is really a 'DMA security domain' and less an 'IOMMU grouping domain'.
>
> Ha, I like your term "DMA Security Domain" which sounds about right for what we are discussing with p2pdma and ACS disablement ;-). The problem is that ACS is, in some ways, too big of hammer for what we want here in the sense that it is either on or off for the bridge or MF EP we enable/disable it for. ACS can't filter the TLPs by address or ID though PCI-SIG are having some discussions on extending ACS. That's a long term solution and won't be applicable to us for some time.
>
> NVMe SSDs that support SR-IOV are coming to market but we can't assume all NVMe SSDs with support SR-IOV. That will probably be a pretty high end-feature...
>
> Stephen
>
>
>
Sure, we could provide unsecure enablement for development and kick-the-tires deployment ..
device-assignment started that way (no ACS, no intr-remapping, etc.), but for secure setups,
VF's for both p2p EPs is the best security model.
So, we should have a design goal for the secure configuration.
workarounds/unsecure modes to deal with near-term what-we-have-to-work-with can be employed, but they shoudn't be
the only/defacto/final-solution.
next prev parent reply other threads:[~2018-05-09 15:58 UTC|newest]
Thread overview: 103+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-23 23:30 [PATCH v4 00/14] Copy Offload in NVMe Fabrics with P2P PCI Memory Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 01/14] PCI/P2PDMA: Support peer-to-peer memory Logan Gunthorpe
2018-05-07 23:00 ` Bjorn Helgaas
2018-05-07 23:09 ` Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 02/14] PCI/P2PDMA: Add sysfs group to display p2pmem stats Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 03/14] PCI/P2PDMA: Add PCI p2pmem dma mappings to adjust the bus offset Logan Gunthorpe
2018-05-07 23:02 ` Bjorn Helgaas
2018-04-23 23:30 ` [PATCH v4 04/14] PCI/P2PDMA: Clear ACS P2P flags for all devices behind switches Logan Gunthorpe
2018-04-24 3:33 ` Randy Dunlap
2018-05-07 23:13 ` Bjorn Helgaas
2018-05-08 7:17 ` Christian König
2018-05-08 14:25 ` Stephen Bates
2018-05-08 16:37 ` Christian König
2018-05-08 16:27 ` Logan Gunthorpe
2018-05-08 16:50 ` Christian König
2018-05-08 19:13 ` Logan Gunthorpe
2018-05-08 19:34 ` Alex Williamson
2018-05-08 19:45 ` Logan Gunthorpe
2018-05-08 20:13 ` Alex Williamson
2018-05-08 20:19 ` Logan Gunthorpe
2018-05-08 20:43 ` Alex Williamson
2018-05-08 20:49 ` Logan Gunthorpe
2018-05-08 21:26 ` Alex Williamson
2018-05-08 21:42 ` Stephen Bates
2018-05-08 22:03 ` Alex Williamson
2018-05-08 22:10 ` Logan Gunthorpe
2018-05-08 22:25 ` Stephen Bates
2018-05-08 23:11 ` Alex Williamson
2018-05-08 23:31 ` Logan Gunthorpe
2018-05-09 0:17 ` Alex Williamson
2018-05-08 22:32 ` Alex Williamson
2018-05-08 23:00 ` Dan Williams
2018-05-08 23:15 ` Logan Gunthorpe
2018-05-09 12:38 ` Stephen Bates
2018-05-08 22:21 ` Don Dutile
2018-05-09 12:44 ` Stephen Bates
2018-05-09 15:58 ` Don Dutile [this message]
2018-05-08 20:50 ` Jerome Glisse
2018-05-08 21:35 ` Stephen Bates
2018-05-09 13:12 ` Stephen Bates
2018-05-09 13:40 ` Christian König
2018-05-09 15:41 ` Stephen Bates
2018-05-09 16:07 ` Jerome Glisse
2018-05-09 16:30 ` Stephen Bates
2018-05-09 17:49 ` Jerome Glisse
2018-05-10 14:20 ` Stephen Bates
2018-05-10 14:29 ` Christian König
2018-05-10 14:59 ` Jerome Glisse
2018-05-10 18:44 ` Stephen Bates
2018-05-09 16:45 ` Logan Gunthorpe
2018-05-10 12:52 ` Christian König
2018-05-10 14:16 ` Stephen Bates
2018-05-10 14:41 ` Jerome Glisse
2018-05-10 18:41 ` Stephen Bates
2018-05-10 18:59 ` Logan Gunthorpe
2018-05-10 19:10 ` Alex Williamson
2018-05-10 19:24 ` Jerome Glisse
2018-05-10 16:32 ` Logan Gunthorpe
2018-05-10 17:11 ` Stephen Bates
2018-05-10 17:15 ` Logan Gunthorpe
2018-05-11 8:52 ` Christian König
2018-05-11 15:48 ` Logan Gunthorpe
2018-05-11 21:50 ` Stephen Bates
2018-05-11 22:24 ` Stephen Bates
2018-05-11 22:55 ` Logan Gunthorpe
2018-05-08 14:31 ` Dan Williams
2018-05-08 14:44 ` Stephen Bates
2018-05-08 21:04 ` Don Dutile
2018-05-08 21:27 ` Stephen Bates
2018-05-08 23:06 ` Don Dutile
2018-05-09 0:01 ` Alex Williamson
2018-05-09 12:35 ` Stephen Bates
2018-05-09 14:44 ` Alex Williamson
2018-05-09 15:52 ` Don Dutile
2018-05-09 15:47 ` Don Dutile
2018-05-09 15:53 ` Don Dutile
2018-04-23 23:30 ` [PATCH v4 05/14] docs-rst: Add a new directory for PCI documentation Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 06/14] PCI/P2PDMA: Add P2P DMA driver writer's documentation Logan Gunthorpe
2018-05-07 23:20 ` Bjorn Helgaas
2018-05-22 21:24 ` Randy Dunlap
2018-05-22 21:28 ` Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 07/14] block: Introduce PCI P2P flags for request and request queue Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 08/14] IB/core: Ensure we map P2P memory correctly in rdma_rw_ctx_[init|destroy]() Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 09/14] nvme-pci: Use PCI p2pmem subsystem to manage the CMB Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 10/14] nvme-pci: Add support for P2P memory in requests Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 11/14] nvme-pci: Add a quirk for a pseudo CMB Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 12/14] nvmet: Introduce helper functions to allocate and free request SGLs Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 13/14] nvmet-rdma: Use new SGL alloc/free helper for requests Logan Gunthorpe
2018-04-23 23:30 ` [PATCH v4 14/14] nvmet: Optionally use PCI P2P memory Logan Gunthorpe
2018-05-02 11:51 ` [PATCH v4 00/14] Copy Offload in NVMe Fabrics with P2P PCI Memory Christian König
2018-05-02 15:56 ` Logan Gunthorpe
2018-05-03 9:05 ` Christian König
2018-05-03 15:59 ` Logan Gunthorpe
2018-05-03 17:29 ` Christian König
2018-05-03 18:43 ` Logan Gunthorpe
2018-05-04 14:27 ` Christian König
2018-05-04 15:52 ` Logan Gunthorpe
2018-05-07 23:23 ` Bjorn Helgaas
2018-05-07 23:34 ` Logan Gunthorpe
2018-05-08 16:57 ` Alex Williamson
2018-05-08 19:14 ` Logan Gunthorpe
2018-05-08 21:25 ` Don Dutile
2018-05-08 21:40 ` Alex Williamson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=09b4088a-838a-48f5-4395-f261de483dbf@redhat.com \
--to=ddutile@redhat.com \
--cc=alex.williamson@redhat.com \
--cc=axboe@kernel.dk \
--cc=benh@kernel.crashing.org \
--cc=bhelgaas@google.com \
--cc=christian.koenig@amd.com \
--cc=dan.j.williams@intel.com \
--cc=hch@lst.de \
--cc=helgaas@kernel.org \
--cc=jgg@mellanox.com \
--cc=jglisse@redhat.com \
--cc=keith.busch@intel.com \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvdimm@lists.01.org \
--cc=linux-nvme@lists.infradead.org \
--cc=linux-pci@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=logang@deltatee.com \
--cc=maxg@mellanox.com \
--cc=sagi@grimberg.me \
--cc=sbates@raithlin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).