qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: Jean-Philippe Brucker <jean-philippe@linaro.org>
To: Auger Eric <eric.auger@redhat.com>
Cc: yang.zhong@intel.com, peter.maydell@linaro.org,
	kevin.tian@intel.com, tnowicki@marvell.com, mst@redhat.com,
	jean-philippe.brucker@arm.com, quintela@redhat.com,
	qemu-devel@nongnu.org, Peter Xu <peterx@redhat.com>,
	armbru@redhat.com, bharatb.linux@gmail.com, qemu-arm@nongnu.org,
	dgilbert@redhat.com, eric.auger.pro@gmail.com
Subject: Re: [PATCH for-5.0 v11 08/20] virtio-iommu: Implement translate
Date: Thu, 9 Jan 2020 11:40:32 +0100	[thread overview]
Message-ID: <20200109104032.GA937123@myrica> (raw)
In-Reply-To: <0beb9d61-05b8-3152-e967-64413def6ab7@redhat.com>

On Thu, Jan 09, 2020 at 09:58:49AM +0100, Auger Eric wrote:
> >> I share Peter's concern about having a different default policy than x86.
> > 
> > Yes I'd say just align with whatever policy is already in place. Do you
> > think we could add a command-line option to let people disable
> > default-bypass, though?  That would be a convenient way to make the IOMMU
> > protection airtight for those who need it.
> Yes I could easily add a device option to disable the default bypass.
> 
> Shall we change the meaning of the F_BYPASS feature then? If exposed by
> the device, the device does bypass by default, otherwise it doesn't.
> This would be controlled by the device option.

For a device that doesn't do bypass by default, the driver wouldn't have
the ability to enable bypass (feature bit not offered, not negotiable).

> The driver then could have means to overwrite this behavior once loaded?

Let's keep the bypass feature bit for this. If the bit is offered, the
driver chooses to enable or disable it. If the bit is not offered or not
negotiated, then the behavior is deny. If the bit is offered and
negotiated then the behavior is allow.

We can say that before features negotiation (latched at features register
write, I think, in practice?) the behavior is platform dependent. The
current wording about bypass intends to discourage unsafe choices but
makes a strong statement only about the device behavior after features
negotiation. 

We could add a second feature bit specifically for the boot bypass
behavior. It wouldn't be useful to the OS (the driver doesn't have a
choice) but could present a bit in config space that allows a firmware to
disable boot-bypass in a way that is sticky across reset. So when the OS
resets the device after taking it over, it doesn't accidentally enable
bypass. I wouldn't bother though. If a FW/bootloader is able to support
virtio-iommu, the user might as well instantiate the device with the
default-deny option.

Thanks,
Jean



  reply	other threads:[~2020-01-09 10:41 UTC|newest]

Thread overview: 89+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-22 18:29 [PATCH for-5.0 v11 00/20] VIRTIO-IOMMU device Eric Auger
2019-11-22 18:29 ` [PATCH for-5.0 v11 01/20] migration: Support QLIST migration Eric Auger
2019-11-27 11:46   ` Dr. David Alan Gilbert
2020-01-08 13:19     ` Juan Quintela
2020-01-08 13:40       ` Auger Eric
2020-01-08 13:51         ` Juan Quintela
2020-01-08 14:02           ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 02/20] virtio-iommu: Add skeleton Eric Auger
2019-12-10 16:31   ` Jean-Philippe Brucker
2019-12-19 10:31     ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 03/20] virtio-iommu: Decode the command payload Eric Auger
2019-12-10 16:32   ` Jean-Philippe Brucker
2019-12-10 19:14   ` Peter Xu
2019-11-22 18:29 ` [PATCH for-5.0 v11 04/20] virtio-iommu: Add the iommu regions Eric Auger
2019-12-10 16:34   ` Jean-Philippe Brucker
2019-12-19 18:11     ` Auger Eric
2019-12-10 19:18   ` Peter Xu
2019-11-22 18:29 ` [PATCH for-5.0 v11 05/20] virtio-iommu: Endpoint and domains structs and helpers Eric Auger
2019-12-10 16:37   ` Jean-Philippe Brucker
2019-12-19 18:31     ` Auger Eric
2019-12-20 17:00       ` Jean-Philippe Brucker
2019-12-23  9:11         ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 06/20] virtio-iommu: Implement attach/detach command Eric Auger
2019-12-10 16:41   ` Jean-Philippe Brucker
2019-12-23  9:14     ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 07/20] virtio-iommu: Implement map/unmap Eric Auger
2019-12-10 16:43   ` Jean-Philippe Brucker
2019-12-23  9:42     ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 08/20] virtio-iommu: Implement translate Eric Auger
2019-12-10 16:43   ` Jean-Philippe Brucker
2019-12-10 19:33   ` Peter Xu
2019-12-19 10:30     ` Auger Eric
2019-12-19 13:33       ` Peter Xu
2019-12-19 14:38         ` Auger Eric
2019-12-19 14:49           ` Peter Xu
2019-12-19 15:09             ` Auger Eric
2019-12-20 16:26               ` Jean-Philippe Brucker
2019-12-20 16:51                 ` Peter Xu
2020-01-06 17:06                   ` Jean-Philippe Brucker
2020-01-06 17:58                     ` Peter Xu
2020-01-07 10:10                       ` Jean-Philippe Brucker
2020-01-08 16:55                         ` Auger Eric
2020-01-09  8:47                           ` Jean-Philippe Brucker
2020-01-09  8:58                             ` Auger Eric
2020-01-09 10:40                               ` Jean-Philippe Brucker [this message]
2020-01-09 11:01                                 ` Auger Eric
2020-01-09 11:15                                   ` Jean-Philippe Brucker
2020-01-09 11:32                                     ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 09/20] virtio-iommu: Implement fault reporting Eric Auger
2019-12-10 16:44   ` Jean-Philippe Brucker
2019-11-22 18:29 ` [PATCH for-5.0 v11 10/20] virtio-iommu-pci: Add virtio iommu pci support Eric Auger
2019-12-10 16:44   ` Jean-Philippe Brucker
2019-11-22 18:29 ` [PATCH for-5.0 v11 11/20] hw/arm/virt: Add the virtio-iommu device tree mappings Eric Auger
2019-12-10 16:45   ` Jean-Philippe Brucker
2019-11-22 18:29 ` [PATCH for-5.0 v11 12/20] qapi: Introduce DEFINE_PROP_INTERVAL Eric Auger
2019-11-22 19:03   ` Dr. David Alan Gilbert
2019-11-25 13:12     ` Auger Eric
2019-12-12 12:17   ` Markus Armbruster
2019-12-12 15:13     ` Auger Eric
2019-12-13 10:03       ` Markus Armbruster
2019-11-22 18:29 ` [PATCH for-5.0 v11 13/20] virtio-iommu: Implement probe request Eric Auger
2019-12-10 16:46   ` Jean-Philippe Brucker
2019-12-10 19:36   ` Peter Xu
2019-11-22 18:29 ` [PATCH for-5.0 v11 14/20] virtio-iommu: Handle reserved regions in the translation process Eric Auger
2019-12-10 16:46   ` Jean-Philippe Brucker
2019-12-10 19:39   ` Peter Xu
2019-11-22 18:29 ` [PATCH for-5.0 v11 15/20] virtio-iommu-pci: Add array of Interval properties Eric Auger
2019-12-10 16:47   ` Jean-Philippe Brucker
2019-11-22 18:29 ` [PATCH for-5.0 v11 16/20] hw/arm/virt-acpi-build: Introduce fill_iort_idmap helper Eric Auger
2019-12-10 16:47   ` Jean-Philippe Brucker
2019-11-22 18:29 ` [PATCH for-5.0 v11 17/20] hw/arm/virt-acpi-build: Add virtio-iommu node in IORT table Eric Auger
2019-12-10 16:48   ` Jean-Philippe Brucker
2019-11-22 18:29 ` [PATCH for-5.0 v11 18/20] virtio-iommu: Support migration Eric Auger
2019-11-27 12:06   ` Dr. David Alan Gilbert
2019-12-10 16:50   ` Jean-Philippe Brucker
2019-12-19 11:03     ` Auger Eric
2019-12-10 20:01   ` Peter Xu
2019-12-24  7:39     ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 19/20] pc: Add support for virtio-iommu-pci Eric Auger
2019-12-10 16:50   ` Jean-Philippe Brucker
2019-12-24  7:39     ` Auger Eric
2020-01-09 12:02   ` Michael S. Tsirkin
2020-01-09 13:34     ` Auger Eric
2019-11-22 18:29 ` [PATCH for-5.0 v11 20/20] tests: Add virtio-iommu test Eric Auger
2019-11-22 21:56 ` [PATCH for-5.0 v11 00/20] VIRTIO-IOMMU device no-reply
2019-12-11 16:40 ` Michael S. Tsirkin
2019-12-11 16:48   ` Auger Eric
2019-12-11 20:40     ` Michael S. Tsirkin
2019-12-12 15:05       ` Auger Eric

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200109104032.GA937123@myrica \
    --to=jean-philippe@linaro.org \
    --cc=armbru@redhat.com \
    --cc=bharatb.linux@gmail.com \
    --cc=dgilbert@redhat.com \
    --cc=eric.auger.pro@gmail.com \
    --cc=eric.auger@redhat.com \
    --cc=jean-philippe.brucker@arm.com \
    --cc=kevin.tian@intel.com \
    --cc=mst@redhat.com \
    --cc=peter.maydell@linaro.org \
    --cc=peterx@redhat.com \
    --cc=qemu-arm@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    --cc=quintela@redhat.com \
    --cc=tnowicki@marvell.com \
    --cc=yang.zhong@intel.com \
    --subject='Re: [PATCH for-5.0 v11 08/20] virtio-iommu: Implement translate' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).