[PATCH v3 13/16] Documentation: userspace-api: iommufd: Update vDEVICE

From: Nicolin Chen
Date: Wed Oct 09 2024 - 12:44:12 EST

Next message: Nicolin Chen: "[PATCH v3 11/16] iommufd/selftest: Add IOMMU_TEST_OP_DEV_CHECK_CACHE test command"
Previous message: Nicolin Chen: "[PATCH v3 07/16] iommufd: Allow hwpt_id to carry viommu_id for IOMMU_HWPT_INVALIDATE"
In reply to: Nicolin Chen: "[PATCH v3 07/16] iommufd: Allow hwpt_id to carry viommu_id for IOMMU_HWPT_INVALIDATE"
Next in thread: Nicolin Chen: "[PATCH v3 11/16] iommufd/selftest: Add IOMMU_TEST_OP_DEV_CHECK_CACHE test command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

With the introduction of the new object and its infrastructure, update the
doc and the vIOMMU graph to reflect that.

Signed-off-by: Nicolin Chen <nicolinc@xxxxxxxxxx>
---
Documentation/userspace-api/iommufd.rst | 58 ++++++++++++++++++-------
1 file changed, 42 insertions(+), 16 deletions(-)

diff --git a/Documentation/userspace-api/iommufd.rst b/Documentation/userspace-api/iommufd.rst
index 37eb1adda57b..3c27cc92c2cb 100644
--- a/Documentation/userspace-api/iommufd.rst
+++ b/Documentation/userspace-api/iommufd.rst
@@ -94,6 +94,19 @@ Following IOMMUFD objects are exposed to userspace:
backed by corresponding vIOMMU objects, in which case a guest OS would do
the "dispatch" naturally instead of VMM trappings.

+ - IOMMUFD_OBJ_VDEVICE, representing a virtual device for an IOMMUFD_OBJ_DEVICE
+ against an IOMMUFD_OBJ_VIOMMU. This virtual device holds the device's virtual
+ information or attributes (related to the vIOMMU) in a VM. An immediate vDATA
+ example can be the virtual ID of the device on a vIOMMU, which is a unique ID
+ that VMM assigns to the device for a translation channel/port of the vIOMMU,
+ e.g. vSID of ARM SMMUv3, vDeviceID of AMD IOMMU, and vID of Intel VT-d to a
+ Context Table. Potential use cases of some advanced security information can
+ be forwarded via this object too, such as security level or realm information
+ in a Confidential Compute Architecture. A VMM should create a vDEVICE object
+ to forward all the device information in a VM, when it connects a device to a
+ vIOMMU, which is a separate ioctl call from attaching the same device to an
+ HWPT_PAGING that the vIOMMU holds.
+
All user-visible objects are destroyed via the IOMMU_DESTROY uAPI.

The diagrams below show relationships between user-visible objects and kernel
@@ -133,23 +146,26 @@ creating the objects and links::
|____________| |____________| |______|

_______________________________________________________________________
- | iommufd (with vIOMMU) |
+ | iommufd (with vIOMMU/vDEVICE) |
| |
- | [5] |
- | _____________ |
- | | | |
- | [1] | vIOMMU | [4] [2] |
- | ________________ | | _____________ ________ |
- | | | | [3] | | | | | |
- | | IOAS |<---|(HWPT_PAGING)|<---| HWPT_NESTED |<--| DEVICE | |
- | |________________| |_____________| |_____________| |________| |
- | | | | | |
- |_________|____________________|__________________|_______________|_____|
- | | | |
- | ______v_____ ______v_____ ___v__
- | PFN storage | (paging) | | (nested) | |struct|
- |------------>|iommu_domain|<----|iommu_domain|<----|device|
- |____________| |____________| |______|
+ | [5] [6] |
+ | _____________ _____________ |
+ | | | | | |
+ | |----------------| vIOMMU |<---| vDEVICE |<----| |
+ | | | | |_____________| | |
+ | | | | | |
+ | | [1] | | [4] | [2] |
+ | | ______ | | _____________ _|______ |
+ | | | | | [3] | | | | | |
+ | | | IOAS |<---|(HWPT_PAGING)|<---| HWPT_NESTED |<--| DEVICE | |
+ | | |______| |_____________| |_____________| |________| |
+ | | | | | | |
+ |______|________|______________|__________________|_______________|_____|
+ | | | | |
+ ______v_____ | ______v_____ ______v_____ ___v__
+ | struct | | PFN | (paging) | | (nested) | |struct|
+ |iommu_device| |------>|iommu_domain|<----|iommu_domain|<----|device|
+ |____________| storage|____________| |____________| |______|

1. IOMMUFD_OBJ_IOAS is created via the IOMMU_IOAS_ALLOC uAPI. An iommufd can
hold multiple IOAS objects. IOAS is the most generic object and does not
@@ -212,6 +228,15 @@ creating the objects and links::
the vIOMMU object and the HWPT_PAGING, then this vIOMMU object can be used
as a nesting parent object to allocate an HWPT_NESTED object described above.

+6. IOMMUFD_OBJ_VDEVICE can be only manually created via the IOMMU_VDEVICE_ALLOC
+ uAPI, provided a viommu_id for an iommufd_viommu object and a dev_id for an
+ iommufd_device object. The vDEVICE object will be the binding between these
+ two parent objects. Another @virt_id will be also set via the uAPI providing
+ the iommufd core an index to store the vDEVICE object to a vDEVICE array per
+ vIOMMU. If necessary, the IOMMU driver may choose to implement a vdevce_alloc
+ op to init its HW for virtualization feature related to a vDEVICE. Successful
+ completion of this operation sets up the linkages between vIOMMU and device.
+
A device can only bind to an iommufd due to DMA ownership claim and attach to at
most one IOAS object (no support of PASID yet).

@@ -225,6 +250,7 @@ User visible objects are backed by following datastructures:
- iommufd_hwpt_paging for IOMMUFD_OBJ_HWPT_PAGING.
- iommufd_hwpt_nested for IOMMUFD_OBJ_HWPT_NESTED.
- iommufd_viommu for IOMMUFD_OBJ_VIOMMU.
+- iommufd_vdevice for IOMMUFD_OBJ_VDEVICE

Several terminologies when looking at these datastructures:

--
2.43.0

Next message: Nicolin Chen: "[PATCH v3 11/16] iommufd/selftest: Add IOMMU_TEST_OP_DEV_CHECK_CACHE test command"
Previous message: Nicolin Chen: "[PATCH v3 07/16] iommufd: Allow hwpt_id to carry viommu_id for IOMMU_HWPT_INVALIDATE"
In reply to: Nicolin Chen: "[PATCH v3 07/16] iommufd: Allow hwpt_id to carry viommu_id for IOMMU_HWPT_INVALIDATE"
Next in thread: Nicolin Chen: "[PATCH v3 11/16] iommufd/selftest: Add IOMMU_TEST_OP_DEV_CHECK_CACHE test command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]