RE: [PATCH] vfio/pci: Add DVSEC PCI Extended Config Capability to user visible list.

[Tian, Kevin]

> From: Jason Gunthorpe <jgg@xxxxxxxx>
> Sent: Monday, March 6, 2023 9:58 PM
> 
> On Fri, Mar 03, 2023 at 05:54:26AM +0000, K V P, Satyanarayana wrote:
> > Intel Platform Monitoring Technology (PMT) support is indicated by
> presence
> > of an Intel defined PCIe Designated Vendor Specific Extended Capabilities
> > (DVSEC) structure with a PMT specific ID.However DVSEC structures may
> also
> > be used by Intel to indicate support for other features. The Out Of Band
> Management
> > Services Module (OOBMSM) uses DVSEC to enumerate several features,
> including PMT.
> >
> > The current VFIO driver does not pass DVSEC capabilities to virtual machine
> (VM)
> > which makes intel_vsec driver not to work in the VM. This series adds
> DVSEC
> > capability to user visible list to allow its use with VFIO.
> >
> > Signed-off-by: K V P Satyanarayana <satyanarayana.k.v.p@xxxxxxxxx>
> > ---
> >  drivers/vfio/pci/vfio_pci_config.c | 8 ++++++++
> >  1 file changed, 8 insertions(+)
> 
> Wasn't the IDXD/SIOV team proposing to use the fact that DVSEC doesn't
> propogate to indicate that IMS doesn't work?
> 
> Did this plan get abandoned? It seems at odds with this patch.

No. Guest IMS will be indicated via hypercall/vIR as planned. 

> 
> Why would you use a "Platform Monitoring Technology" device with VFIO
> anyhow?

Ack. I guess it's a monitoring capability per PCI device to form a
platform-level monitoring technology. But w/o all those background
and usage description it's really strange to pass a 'platform' capability
into a guest.

> 
> Honestly I'm a bit reluctant to allow arbitary config space, some of
> the stuff people put there can be dangerous.
> 

Probably an allowed list to manage which DVSEC ID can be exposed
to userspace via vfio-pci, e.g. if the PMT ID in this patch is proved
to be safe for a meaningful usage?