Re: [PATCH v2 3/5] vfio/iommu_type1: Remove the domain->ops comparison

From: Robin Murphy
Date: Fri Jun 24 2022 - 14:32:06 EST

Next message: Paul Cercueil: "Re: [PATCH v2] brcmfmac: Remove #ifdef guards for PM related functions"
Previous message: Matthias Kaehlcke: "Re: [PATCH v1 1/2] PCI: qcom: Add system PM support"
In reply to: Jason Gunthorpe: "Re: [PATCH v2 3/5] vfio/iommu_type1: Remove the domain->ops comparison"
Next in thread: Jason Gunthorpe: "Re: [PATCH v2 3/5] vfio/iommu_type1: Remove the domain->ops comparison"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2022-06-24 14:16, Jason Gunthorpe wrote:

On Wed, Jun 22, 2022 at 08:54:45AM +0100, Robin Murphy wrote:

On 2022-06-16 23:23, Nicolin Chen wrote:

On Thu, Jun 16, 2022 at 06:40:14AM +0000, Tian, Kevin wrote:

The domain->ops validation was added, as a precaution, for mixed-driver
systems. However, at this moment only one iommu driver is possible. So
remove it.

It's true on a physical platform. But I'm not sure whether a virtual platform
is allowed to include multiple e.g. one virtio-iommu alongside a virtual VT-d
or a virtual smmu. It might be clearer to claim that (as Robin pointed out)
there is plenty more significant problems than this to solve instead of simply
saying that only one iommu driver is possible if we don't have explicit code
to reject such configuration. 😊

Will edit this part. Thanks!

Oh, physical platforms with mixed IOMMUs definitely exist already. The main
point is that while bus_set_iommu still exists, the core code effectively
*does* prevent multiple drivers from registering - even in emulated cases
like the example above, virtio-iommu and VT-d would both try to
bus_set_iommu(&pci_bus_type), and one of them will lose. The aspect which
might warrant clarification is that there's no combination of supported
drivers which claim non-overlapping buses *and* could appear in the same
system - even if you tried to contrive something by emulating, say, VT-d
(PCI) alongside rockchip-iommu (platform), you could still only describe one
or the other due to ACPI vs. Devicetree.

Right, and that is still something we need to protect against with
this ops check. VFIO is not checking that the bus's are the same
before attempting to re-use a domain.

So it is actually functional and does protect against systems with
multiple iommu drivers on different busses.

But as above, which systems *are* those? Everything that's on my radar would have drivers all competing for the platform bus - Intel and s390 are somewhat the odd ones out in that respect, but are also non-issues as above. FWIW my iommu/bus dev branch has got as far as the final bus ops removal and allowing multiple driver registrations, and before it allows that, it does now have the common attach check that I sketched out in the previous discussion of this.

It's probably also noteworthy that domain->ops is no longer the same domain->ops that this code was written to check, and may now be different between domains from the same driver.

Thanks,
Robin.

Next message: Paul Cercueil: "Re: [PATCH v2] brcmfmac: Remove #ifdef guards for PM related functions"
Previous message: Matthias Kaehlcke: "Re: [PATCH v1 1/2] PCI: qcom: Add system PM support"
In reply to: Jason Gunthorpe: "Re: [PATCH v2 3/5] vfio/iommu_type1: Remove the domain->ops comparison"
Next in thread: Jason Gunthorpe: "Re: [PATCH v2 3/5] vfio/iommu_type1: Remove the domain->ops comparison"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]