Re: [PATCH 01/11] iommu: Add device dma ownership set/release interfaces

From: Lu Baolu
Date: Sat Nov 20 2021 - 06:20:58 EST

Next message: Kyle Copperfield: "[PATCH] mmc: arasan: add runtime power management support"
Previous message: Zoeb Mithaiwala: "[PATCH 2/2] Staging: rtl8712: rtl871x_security: fixed a camel case variable name coding style issue"
In reply to: Jason Gunthorpe: "Re: [PATCH 01/11] iommu: Add device dma ownership set/release interfaces"
Next in thread: Jason Gunthorpe: "Re: [PATCH 01/11] iommu: Add device dma ownership set/release interfaces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Joerg,

On 11/19/21 11:06 PM, Jörg Rödel wrote:

On Fri, Nov 19, 2021 at 07:14:10PM +0800, Lu Baolu wrote:

The singleton group requirement for iommu_attach/detach_device() was
added by below commit:

commit 426a273834eae65abcfc7132a21a85b3151e0bce
Author: Joerg Roedel <jroedel@xxxxxxx>
Date: Thu May 28 18:41:30 2015 +0200

iommu: Limit iommu_attach/detach_device to devices with their own group

This patch changes the behavior of the iommu_attach_device
and iommu_detach_device functions. With this change these
functions only work on devices that have their own group.
For all other devices the iommu_group_attach/detach
functions must be used.

Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>

Joerg,can you please shed some light on the background of this
requirement? Does above idea of transition from singleton group
to group with single driver bound make sense to you?

This change came to be because the iommu_attach/detach_device()
interface doesn't fit well into a world with iommu-groups. Devices
within a group are by definition not isolated between each other, so
they must all be in the same address space (== iommu_domain). So it
doesn't make sense to allow attaching a single device within a group to
a different iommu_domain.

Thanks for the explanation. It's very helpful. There seems to be a lot
of discussions around this, but I didn't see any meaningful reasons to
break the assumption of "all devices in a group being in a same address
space".

Best regards,
baolu

I know that in theory it is safe to allow devices within a group to be
in different domains because there iommu-groups catch multiple
non-isolation cases:

1) Devices behind a non-ACS capable bridge or multiple functions
of a PCI device. Here it is safe to put the devices into
different iommu-domains as long as all affected devices are
controlled by the same owner.

2) Devices which share a single request-id and can't be
differentiated by the IOMMU hardware. These always need to be
in the same iommu_domain.

To lift the single-domain-per-group requirement the iommu core code
needs to learn the difference between the two cases above.

Regards,

Joerg

Next message: Kyle Copperfield: "[PATCH] mmc: arasan: add runtime power management support"
Previous message: Zoeb Mithaiwala: "[PATCH 2/2] Staging: rtl8712: rtl871x_security: fixed a camel case variable name coding style issue"
In reply to: Jason Gunthorpe: "Re: [PATCH 01/11] iommu: Add device dma ownership set/release interfaces"
Next in thread: Jason Gunthorpe: "Re: [PATCH 01/11] iommu: Add device dma ownership set/release interfaces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]