Re: [PATCH] vfio powerpc: implement IOMMU driver for VFIO
From: David Gibson
Date: Sun Mar 24 2013 - 22:20:27 EST
On Wed, Mar 20, 2013 at 09:16:24PM -0600, Alex Williamson wrote:
> On Thu, 2013-03-21 at 12:55 +1100, David Gibson wrote:
> > On Wed, Mar 20, 2013 at 02:45:24PM -0600, Alex Williamson wrote:
> > > On Tue, 2013-03-19 at 18:08 +1100, Alexey Kardashevskiy wrote:
> > > > VFIO implements platform independent stuff such as
> > > > a PCI driver, BAR access (via read/write on a file descriptor
> > > > or direct mapping when possible) and IRQ signaling.
> > > >
> > > > The platform dependent part includes IOMMU initialization
> > > > and handling. This patch implements an IOMMU driver for VFIO
> > > > which does mapping/unmapping pages for the guest IO and
> > > > provides information about DMA window (required by a POWERPC
> > > > guest).
> > > >
> > > > The counterpart in QEMU is required to support this functionality.
> > > >
> > > > Changelog:
> > > > * documentation updated
> > > > * containter enable/disable ioctls added
> > > > * request_module(spapr_iommu) added
> > > > * various locks fixed
> > > >
> > > > Cc: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>
> > > > Signed-off-by: Alexey Kardashevskiy <aik@xxxxxxxxx>
> > > > ---
> > >
> > >
> > > Looking pretty good. There's one problem with the detach_group,
> > > otherwise just some trivial comments below. What's the status of the
> > > tce code that this depends on? Thanks,
> >
> > [snip]
> > > > +static void tce_iommu_detach_group(void *iommu_data,
> > > > + struct iommu_group *iommu_group)
> > > > +{
> > > > + struct tce_container *container = iommu_data;
> > > > + struct iommu_table *tbl = iommu_group_get_iommudata(iommu_group);
> > > > +
> > > > + BUG_ON(!tbl);
> > > > + mutex_lock(&container->lock);
> > > > + if (tbl != container->tbl) {
> > > > + pr_warn("tce_vfio: detaching group #%u, expected group is #%u\n",
> > > > + iommu_group_id(iommu_group),
> > > > + iommu_group_id(tbl->it_group));
> > > > + } else if (container->enabled) {
> > > > + pr_err("tce_vfio: detaching group #%u from enabled container\n",
> > > > + iommu_group_id(tbl->it_group));
> > >
> > > Hmm, something more than a pr_err needs to happen here. Wouldn't this
> > > imply a disable and going back to an unprivileged container?
> >
> > Uh, no. I think the idea here is that we use the enable/disable
> > semantic to address some other potential problems. Specifically,
> > sidestepping the problems of what happens if you change the
> > container's capabilities by adding/removing groups while in the middle
> > of using it. So the point is that the detach fails when the group is
> > enabled, rather than implicitly doing anything.
>
> The function returns void.
Uh, yeah, we should probably fix that.
> We're not failing the detach, just getting
> into a broken state. This is only called to unwind attaching groups
> when the iommu is set or if the user explicitly calls
> GROUP_UNSET_CONTAINER. The former won't have had a chance to call
> enable but the latter would need to be fixed.
Well, in the latter case it's essentialy a silent failure, which isn't
great.
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
Attachment:
signature.asc
Description: Digital signature