[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v5 01/11] xen/arm: xc_domain_ioport_permission(..) not supported on ARM.

  • To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Mon, 11 Oct 2021 17:11:31 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3zgwV/V/LAzdrofH2bmODNKRUygFZoH0srIdTPBfcnk=; b=T+enonhqtT7uQpkZ3m8UncU/VfTph87KCvVnBvKPJbs/YfEN21x/6h9q9h8+JfpTWl8+JgyiCWrlnrjErjYJAufGJe0u6jywkqs6nYVvTqEdUDgMj8FW3wKmXxNDtdWoEx5lM/a/B/IQAznjyZGtNptfsXygXMY3f8D5NMyKT97BOI4jugfTfqJdAk2aCje4hUocD39aQgEenUrJTzZns4gF665OQuB0k4oX1nb22Y145cbwWKLEVlKdsEnh5fZqBXH3XQInf8Ax5HeGB7PHqR9l8lXQ5ZumwWoY36omHf2eRXLx5OE8RRl9wynbW4PwNza4y4qqV6Dd9Qfs3iafSg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=kmYUuxEwdUwXtJxP9kqUor9ROgU8d21Ptju2OK+03vR/6rgcAF6mafN96s32UcUpryePZ7Yf3TiaUB4FrAvqXQn2klPTKVcvE+ROSDejmgeyQqAkkBeaM5RCutWtxKLK82zFejq/oumf2cpnSfBS087DzTuspbOwy+q1JqLH8rDfpHC6LTzO3NLxMloAI8rfc7MFkkpwR6VmxadgDIc+FCB5CwPL2PWXDI1bb3DLpVL/7rjB7Y68JIwKGxa7zI1aYR6WvVqkqMfofVipQW/rqD5PqRw/sYsorZuBYR+LwZSzThnqf4dNMjqvWQyf+Up407NDUu/E2XOxPfw+G1iPKg==
  • Authentication-results-original: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=arm.com;
  • Cc: Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>, Rahul Singh <Rahul.Singh@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andre Przywara <Andre.Przywara@xxxxxxx>, Ian Jackson <iwj@xxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Mon, 11 Oct 2021 17:13:26 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHXutl5d8zkP9bsD0GXT4+5QPGclKvNtfkAgAAGc4CAABOEAIAABXoAgAAEuYCAAAVHAIAAJiWAgAAK0IA=
  • Thread-topic: [PATCH v5 01/11] xen/arm: xc_domain_ioport_permission(..) not supported on ARM.
Hi Roger,

> On 11 Oct 2021, at 17:32, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
> 
> On Mon, Oct 11, 2021 at 02:16:19PM +0000, Bertrand Marquis wrote:
>> Hi Roger,
>> 
>>> On 11 Oct 2021, at 14:57, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
>>> 
>>> On Mon, Oct 11, 2021 at 01:40:30PM +0000, Bertrand Marquis wrote:
>>>> Hi Roger,
>>>> 
>>>> + Oleksandr to have a better PCI expert then me.
>>>> 
>>>>> On 11 Oct 2021, at 14:20, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
>>>>> 
>>>>> On Mon, Oct 11, 2021 at 12:11:04PM +0000, Bertrand Marquis wrote:
>>>>>> Hi Roger,
>>>>>> 
>>>>>>> On 11 Oct 2021, at 12:47, Roger Pau Monné <roger.pau@xxxxxxxxxx> wrote:
>>>>>>> 
>>>>>>> On Wed, Oct 06, 2021 at 06:40:27PM +0100, Rahul Singh wrote:
>>>>>>>> ARM architecture does not implement I/O ports. Ignore this call on ARM
>>>>>>>> to avoid the overhead of making a hypercall just for Xen to return
>>>>>>>> -ENOSYS.
>>>>>>> 
>>>>>>> What is the cal trace of this function actually on Arm?
>>>>>>> 
>>>>>>> AFAICT libxl will only call xc_domain_ioport_permission if there are
>>>>>>> IO ports explicitly defined in the guest configuration, or if any of
>>>>>>> the BARs of the PCI device is in the IO space, which is not possible
>>>>>>> on Arm.
>>>>>> 
>>>>>> PCI devices BARs can be in the IO space as the PCI devices are not
>>>>>> Arm specific. There is not ioports on arm so to be used those can be
>>>>>> in some cases remapped and accessed as MMIOs or are not possible
>>>>>> to use at all.
>>>>>> 
>>>>>> But the IO space does appear when BARs are listed even on Arm.
>>>>> 
>>>>> Urg, I wonder whether those devices with IO BARs will work correctly
>>>>> under Arm then.
>>>>> 
>>>>> How do you know whether the BAR has been remapped from IO space into
>>>>> MMIO?
>>>> 
>>>> We cannot, I think the platform will define if this is the case and where.
>>>> @oleksandr: I remember that this was discussed during some of our
>>>> meetings but I have no idea of the details here, can you help ?
>>>> 
>>>>> 
>>>>> IMO instead of faking a successful return value from
>>>>> xc_domain_ioport_permission we should avoid the call completely in the
>>>>> first place, specially if we need to instead issue a call to
>>>>> xc_domain_iomem_permission.
>>>> 
>>>> At the end we will never have to issue this because this will never be a 
>>>> matter
>>>> of “iomem” permission as there would not be any way to cut on something 
>>>> under
>>>> the page. If this is to be supported one day, it will probably have to be 
>>>> fully emulated
>>>> to keep the isolation.
>>> 
>>> So you have a set of memory pages that map accesses from
>>> MMIO into IO space but it's not possible to isolate specific IO port
>>> regions as they are all contiguous in the same page(s).
>> 
>> Exact.
>> 
>>> 
>>>> Right now on arm you can just make the more simple assumption that ioports 
>>>> are
>>>> just not supported.
>>> 
>>> Would it make sense in the future to provide a memory region to guests
>>> in order to use for IO port accesses, and call
>>> xc_domain_ioport_permission to set which ports would be allowed?
>> 
>> Right now we do not plan to support this at all and we will have to
>> figure this out if we do this one day.
>> 
>>> 
>>> I think the commit message needs to at least be expanded in order to
>>> contain the information provided here. It might also be helpful to
>>> figure out whether we would have to handle IO port accesses in the
>>> future on Arm, or if it's fine to just ignore them.
>> 
>> All our investigations and tests have been done without supporting it
>> without any issues so this is not a critical feature (most devices can
>> be operated without using the I/O ports).
> 
> IMO we should let the users know they attempted to use a device with
> BARs in the IO space, and that those BARs won't be accessible which
> could make the device not function as expected.
> 
> Do you think it would be reasonable to attempt the hypercall on Arm
> also, and in case of error (on Arm) just print a warning message and
> continue operations as normal?

I think this would lead to a warning printed on lots of devices where in
fact there would be no issues.

If this is an issue for a device driver because it cannot operate without
I/O ports, this will be raised by the driver inside the guest.

So in the current state I think the way to do it is right.

Regards
Bertrand

> 
> Thanks, Roger.

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.