Re: [RFC 1/2] vfio/pci: keep the prefetchable attribute of a BAR region in VMA

From: Alex Williamson
Date: Tue May 04 2021 - 14:03:57 EST


On Mon, 3 May 2021 22:03:59 +0000
Vikram Sethi <vsethi@xxxxxxxxxx> wrote:

> Hi Alex,
> > From: Alex Williamson <alex.williamson@xxxxxxxxxx>
> > On Mon, 3 May 2021 13:59:43 +0000
> > Vikram Sethi <vsethi@xxxxxxxxxx> wrote:
> > > > From: Mark Kettenis <mark.kettenis@xxxxxxxxx>
> > > > > From: Marc Zyngier <maz@xxxxxxxxxx>
> > >
> > > snip
> > > > > If, by enumerating the properties of Prefetchable, you can show
> > > > > that they are a strict superset of Normal_NC, I'm on board. I
> > > > > haven't seen such an enumeration so far.
> > > > >
> > > snip
> > > > > Right, so we have made a small step in the direction of mapping
> > > > > "prefetchable" onto "Normal_NC", thanks for that. What about all
> > > > > the other properties (unaligned accesses, ordering, gathering)?
> > > >
> > > Regarding gathering/write combining, that is also allowed to
> > > prefetchable per PCI spec
> >
> > As others have stated, gather/write combining itself is not well defined.
> >
> > > From 1.3.2.2 of 5/0 base spec:
> > > A PCI Express Endpoint requesting memory resources through a BAR must
> > > set the BAR's Prefetchable bit unless the range contains locations
> > > with read side-effects or locations in which the Function does not tolerate
> > write merging.
> >
> > "write merging" This is a very specific thing, per PCI 3.0, 3.2.6:
> >
> > Byte Merging – occurs when a sequence of individual memory writes
> > (bytes or words) are merged into a single DWORD.
> >
> > The semantics suggest quadword support in addition to dword, but don't
> > require it. Writes to bytes within a dword can be merged, but duplicate
> > writes cannot.
> >
> > It seems like an extremely liberal application to suggest that this one write
> > semantic encompasses full write combining semantics, which itself is not
> > clearly defined.
> >
> Talking to our PCIe SIG representative, PCIe switches are not allowed do any of the byte
> Merging/combining etc as defined in the PCI spec, and per a rather poorly
> worded Implementation note in the spec says that no known PCIe Host Briddges/Root
> ports do it either.
> So for PCIe we don't think believe there is any byte merging that happens in the PCIe
> fabric so it's really a matter of what happens in the CPU core and interconnect
> before it gets to the PCIe hierarchy.

Yes, but merged writes, no matter where they happen, are still the only
type of write combining that a prefetchable BAR on an endpoint is
required to support.

> Stepping back from this patchset, do you agree that it is desirable to support
> Write combining as understood by ioremap_wc to work in all ISA guests including
> ARMv8?

Yes, a userspace vfio driver should be able to take advantage of the
hardware capabilities. I think where we disagree is whether it's
universally safe to assume write combining based on the PCI
prefetchable capability of a BAR. If that's something that can be
assumed universally for ARMv8 based on the architecture specification
compatibility with the PCI definition of a prefetchable BAR, then I
would expect a helper somewhere in arch code that returns the right
page protection flags, so that arch maintainers don't need to scour
device drivers for architecture hacks. Otherwise, it needs to be
exposed through the vfio uAPI to allow the userspace device driver
itself to select these semantics.

> You note that x86 virtualization doesn't have this issue, but KVM-ARM does
> because KVM maps all device BARs as Device Memory type nGnRE which
> doesn't allow ioremap_wc from within the guest to get the actual semantics desired.
>
> Marc and others have suggested that userspace should provide the hints. But the
> question is how would qemu vfio do this either? We would be stuck in the same
> arguments as here, as to what is the correct way to determine the desired attributes
> for a given BAR such that eventually when a driver in the guest asks for
> ioremap_wc it actually has a chance of working in the guest, in all ISAs.
> Do you have any suggestions on how to make progress here?

We do need some way for userspace drivers to also make use of WC
semantics, there were some discussions in the past, I think others have
referenced them as well, but nothing has been proposed for a vfio API.

If we had that API, QEMU deciding to universally enable WC for all
vfio prefetchable BARs seems only marginally better than this approach.
Ultimately the mapping should be based on the guest driver semantics,
and if you don't have any visibility to that on KVM/arm like we have on
KVM/x86, then it seems like there's nothing to trigger a vfio API here
anyway.

If that's the case, I'd probably go back to letting the arch/arm64 folks
declare that WC is compatible with the definition of PCI prefetchable
and export some sort of pgprot_pci_prefetchable() helper where the
default would be to #define it as pgproc_noncached() #ifndef by the
arch.

> A device specific list of which BARs are OK to allow ioremap_wc for seems terrible
> and I'm not sure if a commandline qemu option is any better. Is the user of device
> assignment/sysadmin supposed to know which BAR of which device is OK to allow
> ioremap_wc for?

No, a device specific userspace driver should know such device
semantics, but QEMU is not such a driver. Burdening the hypervisor
user/admin is not a good solution either. I'd lean on KVM/arm64 folks
to know how the guest driver semantics can be exposed to the
hypervisor. Thanks,

Alex