[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 01/11] xen/arm: xc_domain_ioport_permission(..) not supported on ARM.

  • To: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Mon, 11 Oct 2021 15:57:25 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Gm9m+9orQmzua+6Wo8MR9/V5ClYmSSzecC45NNKeIFg=; b=XTQpDVXuKh8eVrkGLZIs13UsD5ZORp1YFgFjVIfgpHxDFme2V379u6EUw7oa5ldhpyoYFs5K+aA9Hjjy9wWdKJRVE3Bog/vPxcqDQWJAKxrP4/7ZAoYIi99nnR3VNacMK2dn53t5Kf+IeU4G0Gwf9F6FgZiO25sOh+JbIMnTsWW2LYUBWzMLiJ/Gk6GKkNTh7/y0e7TTWWlfo78kcxaaD7TaawZdeVJe7K7DLwUagOTHkh5x+xyjHWtGXWKfi+2SptKVoWDfICBjAWomeUT2ZtyA3PrHYDAvxAOgqYTLD3hS62v9haJZV9fAlDboXrUQqemSFXKcxBo206KKrhPRDA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MLGhdy017rI6ywLKUKphu1CDx510SvChFO7XHfZGko/qX70bu0HdXy253Yz6r0PMEn68cnYhD/Sgz/W0R2AWJQjbJQgYNOP7XPyu0PKXD/w04lWYIJb1+MGA+SZ80hUkuebsCyUFSaq18SJidyukYM7htZ07N182amaG8NGeUxGl6rFQuHtXF2aXux6CQ6be+KH13HCrIQ70KwU7K/VnUeV1dKm4BnDeG5EcMuztvbmww8G9w68/A9UzWIIfJpkHv+cRhCd4wRwoH8nymQUnB9VxXE3VR4TtMe4hqH8qpFoUaLfFKp/x8J76CXTZ364K0PNoApOdHkq0u3584Re6YA==
  • Authentication-results: esa6.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>, Rahul Singh <Rahul.Singh@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andre Przywara <Andre.Przywara@xxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Mon, 11 Oct 2021 13:57:39 +0000
  • Ironport-data: A9a23:R9sxg6nmjbBjzBr/e0/KQino5gz1IERdPkR7XQ2eYbSJt1+Wr1Gzt xJNXGuDM66LamTzLdAkaY7k9ElTu5GAnNBhHAA9ryBmFCMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BClVlxJVF/fngqoDUUYYoAQgsA185IMsdoUg7wbdg2tcx2YHR7z6l4 rseneWOYDdJ5BYsWo4kw/rrRMRH5amaVJsw5zTSVNgT1LPsvyB94KE3fMldG0DQUIhMdtNWc s6YpF2PEsE1yD92Yj+tuu6TnkTn2dc+NyDW4pZdc/DKbhSvOkXee0v0XRYRQR4/ttmHozx+4 OtCtKC+VjsvAvDzocRBcBtyLGJRJ4QTrdcrIVDn2SCS50jPcn+qyPRyFkAme4Yf/46bA0kXq 6ZecmpUKEne2aTmm9pXScE17ignBNPsM44F/Glp0BnSDOo8QICFSKLPjTNd9Gps1p4WQauHD yYfQQp+MBHNXQ9FBn0WD6M1xOW0xUakfgQN/Tp5ooJoujOOnWSdyoPFL979atGMA8JPkS6wp 33E13T0BAkAM96SwibD9Wij7sfUhj/yUo8WELy+99ZpjUeVy2hVDwcZPXO5ruO+kVWWQM9EJ gof/S9GhYE0+FamCOHnTQynqWSNlhcGXpxbFOhSwCaJx6nP6gCVHF8tSDJbdccmv887Qz8t/ lKRltavDjtq2JW/RGiB7L6SoXWXMDIMMG4ZTSYeSE0O5NyLiJE+iFfDQ8huFIaxj8bpAnfgz jaSti88ir4Py8kR2M2Tx1nHnjbqnZnPQQ4d7x/SGGmi62tEiJWNPtLyrwKBtLAZcdjfHgLpU GU4d9a20u8PMZ+SqCqxHdo0PO2K5dy6cxLGqAs6d3U+zAiF93mmdIFWxThxIkZ1L8oJEQPUj F/vVRB5v8ALYiP7BUNjS8foUZ5ylPm/fTjwfqmMNoImX3RnSOOQEMiCj2ar1GfxjFNkr6g7P ZqKGSpHJSdHUfo5pNZaquF07FPK+szc7T+DLXwY507+uVZ7WJJzYe1YWLdpRrpohJ5oWC2Pr 75i2zKikn2zqtHWbCjN6pI0JlsXN3U9Dp2eg5UJLbXTc1I5QTh9VaS5LVYdl2pNxP49egDgp CDVZ6Ol4ACn2S2vxfuiOxiPl48Drb4g9ClmbETAzH6j2mQ5YJbH0UvsX8BfQFXTz8Q6laQcZ 6BcI62oW60TIhyaq2V1RcSs9+RKKUX07T9iygL4OVDTibY7HFeXkjIlFyOynBQz4t2f7JNk/ eL7jF+HGPLuhW1KVa7rVR5m9Hvo1VA1k+NuRUrYZN5VfUTn6o9xLCLtyPQwJqkxxd/rm1N2D i6aXkUVo/fjuYgw/IWbjKyItd7xQeB/AlBbDy/Q6rPvbXvW+W+qwIlhVueUfG+CCDOoqfv6P egFnevhNPAnnUpRt9YuGbhc0q9jtcDkoKVXz1o4ESyTPUirEL5pPlKPwdJL6v9W3rZctAbvA hCP99BWNK+nIsTgFFJNdgMpYv7ajaMfmyXI7ORzK0L/vXcl8L2CWERUHh+NlC0Cc+clbNJ7m b8s4ZdE5Ra+hxwmNse9ohpVr2ncfGYdV6gHt40BBNO5gAQc1VwfM4fXDTX74c/TZowUYFUqO DKdmIHLm69YmhjZa3M2GHXAgbhdiJAJtEwYxVMOPQ3UyN/Mh/tx1xxN6zUnCA9Sy0wfge50P 2FqMWxzJLmPoGg01JQSATj0FlETHgCd92zw10ANxT/QQESfX2DQKHEwZLSW90cD/mMAJjVW8 dl0Eoo+veoGqC0p4hYPZA==
  • Ironport-hdrordr: A9a23:TJpAW6tsOW2Hxk9JAmqRMeTJ7skDctV00zEX/kB9WHVpm6uj5q eTdZUgpHvJYVMqM03I9urtBEDtexzhHP1OgbX5X43NYOCOggLBRuxfBODZogHIKmnT8fNcyL clU4UWMqyUMbGit7eY3OBvKadD/OW6
  • Ironport-sdr: pHlAMyrXCFajDoqAi5tU8v0JGit3yd3x6yASQvOQf3XKYfGEVnOwVma0u87SR1tl0qDtRVzbLw 1/vFmtu3ebvDZ0R+dMyFgPFWJCdX8EZ8tHh2jJdipuTa5OTJ5u+H4Zp5krwes7lq5aT/xtp9Hp YMne8OcnIKQDf+htxBWOu/x6Kw3lYBz9Ic5agQ7lOLKu5wQQ5z+LwJjCLuzHpoAlmw6oHZp5b9 84hrweBm/Fg8qkQGRo3OnPk7oDmgHpzRuv7Hr2KQwV5mTTBH+oW8SZPcxv0NbN9fR+TON+YDl5 ik3c92yigyQ1oDILUHqn+2k6
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On Mon, Oct 11, 2021 at 01:40:30PM +0000, Bertrand Marquis wrote:
> Hi Roger,
> 
> + Oleksandr to have a better PCI expert then me.
> 
> > On 11 Oct 2021, at 14:20, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> > 
> > On Mon, Oct 11, 2021 at 12:11:04PM +0000, Bertrand Marquis wrote:
> >> Hi Roger,
> >> 
> >>> On 11 Oct 2021, at 12:47, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> >>> 
> >>> On Wed, Oct 06, 2021 at 06:40:27PM +0100, Rahul Singh wrote:
> >>>> ARM architecture does not implement I/O ports. Ignore this call on ARM
> >>>> to avoid the overhead of making a hypercall just for Xen to return
> >>>> -ENOSYS.
> >>> 
> >>> What is the cal trace of this function actually on Arm?
> >>> 
> >>> AFAICT libxl will only call xc_domain_ioport_permission if there are
> >>> IO ports explicitly defined in the guest configuration, or if any of
> >>> the BARs of the PCI device is in the IO space, which is not possible
> >>> on Arm.
> >> 
> >> PCI devices BARs can be in the IO space as the PCI devices are not
> >> Arm specific. There is not ioports on arm so to be used those can be
> >> in some cases remapped and accessed as MMIOs or are not possible
> >> to use at all.
> >> 
> >> But the IO space does appear when BARs are listed even on Arm.
> > 
> > Urg, I wonder whether those devices with IO BARs will work correctly
> > under Arm then.
> > 
> > How do you know whether the BAR has been remapped from IO space into
> > MMIO?
> 
> We cannot, I think the platform will define if this is the case and where.
> @oleksandr: I remember that this was discussed during some of our
> meetings but I have no idea of the details here, can you help ?
> 
> > 
> > IMO instead of faking a successful return value from
> > xc_domain_ioport_permission we should avoid the call completely in the
> > first place, specially if we need to instead issue a call to
> > xc_domain_iomem_permission.
> 
> At the end we will never have to issue this because this will never be a 
> matter
> of “iomem” permission as there would not be any way to cut on something under
> the page. If this is to be supported one day, it will probably have to be 
> fully emulated
> to keep the isolation.

So you have a set of memory pages that map accesses from
MMIO into IO space but it's not possible to isolate specific IO port
regions as they are all contiguous in the same page(s).

> Right now on arm you can just make the more simple assumption that ioports are
> just not supported.

Would it make sense in the future to provide a memory region to guests
in order to use for IO port accesses, and call
xc_domain_ioport_permission to set which ports would be allowed?

I think the commit message needs to at least be expanded in order to
contain the information provided here. It might also be helpful to
figure out whether we would have to handle IO port accesses in the
future on Arm, or if it's fine to just ignore them.

Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.