From: Lu Baolu <baolu.lu@linux.intel.com>
To: Joerg Roedel <joro@8bytes.org>,
David Woodhouse <dwmw2@infradead.org>,
Alex Williamson <alex.williamson@redhat.com>,
Kirti Wankhede <kwankhede@nvidia.com>
Cc: ashok.raj@intel.com, sanjay.k.kumar@intel.com,
jacob.jun.pan@intel.com, kevin.tian@intel.com,
Jean-Philippe Brucker <jean-philippe.brucker@arm.com>,
yi.l.liu@intel.com, yi.y.sun@intel.com, peterx@redhat.com,
tiwei.bie@intel.com, Zeng Xin <xin.zeng@intel.com>,
iommu@lists.linux-foundation.org, kvm@vger.kernel.org,
linux-kernel@vger.kernel.org, Lu Baolu <baolu.lu@linux.intel.com>,
Jacob Pan <jacob.jun.pan@linux.intel.com>
Subject: [PATCH v4 1/8] iommu: Add APIs for multiple domains per device
Date: Mon, 5 Nov 2018 15:34:01 +0800 [thread overview]
Message-ID: <20181105073408.21815-2-baolu.lu@linux.intel.com> (raw)
In-Reply-To: <20181105073408.21815-1-baolu.lu@linux.intel.com>
Sharing a physical PCI device in a finer-granularity way
is becoming a consensus in the industry. IOMMU vendors
are also engaging efforts to support such sharing as well
as possible. Among the efforts, the capability of support
finer-granularity DMA isolation is a common requirement
due to the security consideration. With finer-granularity
DMA isolation, all DMA requests out of or to a subset of
a physical PCI device can be protected by the IOMMU. As a
result, there is a request in software to attach multiple
domains to a physical PCI device. One example of such use
model is the Intel Scalable IOV [1] [2]. The Intel vt-d
3.0 spec [3] introduces the scalable mode which enables
PASID granularity DMA isolation.
This adds the APIs to support multiple domains per device.
In order to ease the discussions, we call it 'a domain in
auxiliary mode' or simply 'auxiliary domain' when multiple
domains are attached to a physical device.
The APIs includes:
* iommu_get_dev_attr(dev, IOMMU_DEV_ATTR_AUXD_CAPABILITY)
- Represents the ability of supporting multiple domains
per device.
* iommu_get_dev_attr(dev, IOMMU_DEV_ATTR_AUXD_ENABLED)
- Checks whether the device identified by @dev is working
in auxiliary mode.
* iommu_set_dev_attr(dev, IOMMU_DEV_ATTR_AUXD_ENABLE)
- Enables the multiple domains capability for the device
referenced by @dev.
* iommu_set_dev_attr(dev, IOMMU_DEV_ATTR_AUXD_DISABLE)
- Disables the multiple domains capability for the device
referenced by @dev.
* iommu_attach_device_aux(domain, dev)
- Attaches @domain to @dev in the auxiliary mode. Multiple
domains could be attached to a single device in the
auxiliary mode with each domain representing an isolated
address space for an assignable subset of the device.
* iommu_detach_device_aux(domain, dev)
- Detach @domain which has been attached to @dev in the
auxiliary mode.
* iommu_domain_get_attr(domain, DOMAIN_ATTR_AUXD_ID)
- Return ID used for finer-granularity DMA translation.
For the Intel Scalable IOV usage model, this will be
a PASID. The device which supports Scalalbe IOV needs
to writes this ID to the device register so that DMA
requests could be tagged with a right PASID prefix.
Many people involved in discussions of this design.
Kevin Tian <kevin.tian@intel.com>
Liu Yi L <yi.l.liu@intel.com>
Ashok Raj <ashok.raj@intel.com>
Sanjay Kumar <sanjay.k.kumar@intel.com>
Jacob Pan <jacob.jun.pan@linux.intel.com>
Alex Williamson <alex.williamson@redhat.com>
Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
and some discussions can be found here [4].
[1] https://software.intel.com/en-us/download/intel-scalable-io-virtualization-technical-specification
[2] https://schd.ws/hosted_files/lc32018/00/LC3-SIOV-final.pdf
[3] https://software.intel.com/en-us/download/intel-virtualization-technology-for-directed-io-architecture-specification
[4] https://lkml.org/lkml/2018/7/26/4
Cc: Ashok Raj <ashok.raj@intel.com>
Cc: Jacob Pan <jacob.jun.pan@linux.intel.com>
Cc: Kevin Tian <kevin.tian@intel.com>
Cc: Liu Yi L <yi.l.liu@intel.com>
Suggested-by: Kevin Tian <kevin.tian@intel.com>
Suggested-by: Jean-Philippe Brucker <jean-philippe.brucker@arm.com>
Signed-off-by: Lu Baolu <baolu.lu@linux.intel.com>
---
drivers/iommu/iommu.c | 52 +++++++++++++++++++++++++++++++++++++++++++
include/linux/iommu.h | 52 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 104 insertions(+)
diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
index edbdf5d6962c..0b7c96d1425e 100644
--- a/drivers/iommu/iommu.c
+++ b/drivers/iommu/iommu.c
@@ -2030,3 +2030,55 @@ int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids)
return 0;
}
EXPORT_SYMBOL_GPL(iommu_fwspec_add_ids);
+
+/*
+ * Generic interfaces to get or set per device IOMMU attributions.
+ */
+int iommu_get_dev_attr(struct device *dev, enum iommu_dev_attr attr, void *data)
+{
+ const struct iommu_ops *ops = dev->bus->iommu_ops;
+
+ if (ops && ops->get_dev_attr)
+ return ops->get_dev_attr(dev, attr, data);
+
+ return -EINVAL;
+}
+EXPORT_SYMBOL_GPL(iommu_get_dev_attr);
+
+int iommu_set_dev_attr(struct device *dev, enum iommu_dev_attr attr, void *data)
+{
+ const struct iommu_ops *ops = dev->bus->iommu_ops;
+
+ if (ops && ops->set_dev_attr)
+ return ops->set_dev_attr(dev, attr, data);
+
+ return -EINVAL;
+}
+EXPORT_SYMBOL_GPL(iommu_set_dev_attr);
+
+/*
+ * APIs to attach/detach a domain to/from a device in the
+ * auxiliary mode.
+ */
+int iommu_attach_device_aux(struct iommu_domain *domain, struct device *dev)
+{
+ int ret = -ENODEV;
+
+ if (domain->ops->attach_dev_aux)
+ ret = domain->ops->attach_dev_aux(domain, dev);
+
+ if (!ret)
+ trace_attach_device_to_domain(dev);
+
+ return ret;
+}
+EXPORT_SYMBOL_GPL(iommu_attach_device_aux);
+
+void iommu_detach_device_aux(struct iommu_domain *domain, struct device *dev)
+{
+ if (domain->ops->detach_dev_aux) {
+ domain->ops->detach_dev_aux(domain, dev);
+ trace_detach_device_from_domain(dev);
+ }
+}
+EXPORT_SYMBOL_GPL(iommu_detach_device_aux);
diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index a1d28f42cb77..9bf1b3f2457a 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -126,6 +126,7 @@ enum iommu_attr {
DOMAIN_ATTR_NESTING, /* two stages of translation */
DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE,
DOMAIN_ATTR_MAX,
+ DOMAIN_ATTR_AUXD_ID,
};
/* These are the possible reserved region types */
@@ -156,6 +157,14 @@ struct iommu_resv_region {
enum iommu_resv_type type;
};
+/* Per device IOMMU attributions */
+enum iommu_dev_attr {
+ IOMMU_DEV_ATTR_AUXD_CAPABILITY,
+ IOMMU_DEV_ATTR_AUXD_ENABLED,
+ IOMMU_DEV_ATTR_AUXD_ENABLE,
+ IOMMU_DEV_ATTR_AUXD_DISABLE,
+};
+
#ifdef CONFIG_IOMMU_API
/**
@@ -183,6 +192,8 @@ struct iommu_resv_region {
* @domain_window_enable: Configure and enable a particular window for a domain
* @domain_window_disable: Disable a particular window for a domain
* @of_xlate: add OF master IDs to iommu grouping
+ * @get_dev_attr: get per device IOMMU attributions
+ * @set_dev_attr: set per device IOMMU attributions
* @pgsize_bitmap: bitmap of all possible supported page sizes
*/
struct iommu_ops {
@@ -226,6 +237,15 @@ struct iommu_ops {
int (*of_xlate)(struct device *dev, struct of_phandle_args *args);
bool (*is_attach_deferred)(struct iommu_domain *domain, struct device *dev);
+ /* Get/set per device IOMMU attributions */
+ int (*get_dev_attr)(struct device *dev,
+ enum iommu_dev_attr attr, void *data);
+ int (*set_dev_attr)(struct device *dev,
+ enum iommu_dev_attr attr, void *data);
+ /* Attach/detach aux domain */
+ int (*attach_dev_aux)(struct iommu_domain *domain, struct device *dev);
+ void (*detach_dev_aux)(struct iommu_domain *domain, struct device *dev);
+
unsigned long pgsize_bitmap;
};
@@ -398,6 +418,16 @@ void iommu_fwspec_free(struct device *dev);
int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids);
const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode);
+int iommu_get_dev_attr(struct device *dev,
+ enum iommu_dev_attr attr, void *data);
+int iommu_set_dev_attr(struct device *dev,
+ enum iommu_dev_attr attr, void *data);
+
+extern int iommu_attach_device_aux(struct iommu_domain *domain,
+ struct device *dev);
+extern void iommu_detach_device_aux(struct iommu_domain *domain,
+ struct device *dev);
+
#else /* CONFIG_IOMMU_API */
struct iommu_ops {};
@@ -682,6 +712,28 @@ const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode)
return NULL;
}
+static inline int
+iommu_get_dev_attr(struct device *dev, enum iommu_dev_attr attr, void *data)
+{
+ return -EINVAL;
+}
+
+static inline int
+iommu_set_dev_attr(struct device *dev, enum iommu_dev_attr attr, void *data)
+{
+ return -EINVAL;
+}
+
+static inline int
+iommu_attach_device_aux(struct iommu_domain *domain, struct device *dev)
+{
+ return -ENODEV;
+}
+
+static inline void
+iommu_detach_device_aux(struct iommu_domain *domain, struct device *dev)
+{
+}
#endif /* CONFIG_IOMMU_API */
#ifdef CONFIG_IOMMU_DEBUGFS
--
2.17.1
next prev parent reply other threads:[~2018-11-05 7:37 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-05 7:34 [PATCH v4 0/8] vfio/mdev: IOMMU aware mediated device Lu Baolu
2018-11-05 7:34 ` Lu Baolu [this message]
2018-11-23 10:50 ` [PATCH v4 1/8] iommu: Add APIs for multiple domains per device Auger Eric
2018-11-26 2:04 ` Lu Baolu
2018-11-05 7:34 ` [PATCH v4 2/8] iommu/vt-d: Add multiple domains per device query Lu Baolu
2018-11-23 10:49 ` Auger Eric
2018-11-26 2:10 ` Lu Baolu
2018-11-05 7:34 ` [PATCH v4 3/8] iommu/vt-d: Enable/disable multiple domains per device Lu Baolu
2018-11-05 7:34 ` [PATCH v4 4/8] iommu/vt-d: Attach/detach domains in auxiliary mode Lu Baolu
2018-11-23 10:49 ` Auger Eric
2018-11-26 2:37 ` Lu Baolu
2018-11-05 7:34 ` [PATCH v4 5/8] iommu/vt-d: Return ID associated with an auxiliary domain Lu Baolu
2018-11-05 7:34 ` [PATCH v4 6/8] vfio/mdev: Add iommu place holders in mdev_device Lu Baolu
2018-11-05 14:51 ` Christoph Hellwig
2018-11-05 23:33 ` Lu Baolu
2018-11-06 23:53 ` Alex Williamson
2018-11-07 1:48 ` Lu Baolu
2018-11-15 21:31 ` Kirti Wankhede
2018-11-16 1:20 ` Lu Baolu
2018-11-16 8:57 ` Christoph Hellwig
2018-11-17 2:37 ` Lu Baolu
2018-11-20 20:52 ` Kirti Wankhede
2018-11-21 8:45 ` Christoph Hellwig
2018-12-03 16:27 ` Kirti Wankhede
2018-11-05 7:34 ` [PATCH v4 7/8] vfio/type1: Add domain at(de)taching group helpers Lu Baolu
2018-11-23 14:13 ` Auger Eric
2018-11-26 3:05 ` Lu Baolu
2018-11-05 7:34 ` [PATCH v4 8/8] vfio/type1: Handle different mdev isolation type Lu Baolu
2018-11-23 14:23 ` Auger Eric
2018-11-26 3:09 ` Lu Baolu
2018-12-04 3:46 ` [PATCH v4 0/8] vfio/mdev: IOMMU aware mediated device Xu Zaibo
2018-12-04 6:20 ` Lu Baolu
2018-12-04 6:50 ` Xu Zaibo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181105073408.21815-2-baolu.lu@linux.intel.com \
--to=baolu.lu@linux.intel.com \
--cc=alex.williamson@redhat.com \
--cc=ashok.raj@intel.com \
--cc=dwmw2@infradead.org \
--cc=iommu@lists.linux-foundation.org \
--cc=jacob.jun.pan@intel.com \
--cc=jacob.jun.pan@linux.intel.com \
--cc=jean-philippe.brucker@arm.com \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=kvm@vger.kernel.org \
--cc=kwankhede@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=peterx@redhat.com \
--cc=sanjay.k.kumar@intel.com \
--cc=tiwei.bie@intel.com \
--cc=xin.zeng@intel.com \
--cc=yi.l.liu@intel.com \
--cc=yi.y.sun@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).