From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 3E485A0613 for ; Wed, 25 Sep 2019 06:07:20 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 2407D2BE1; Wed, 25 Sep 2019 06:07:19 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by dpdk.org (Postfix) with ESMTP id ABFD82B91 for ; Wed, 25 Sep 2019 06:07:17 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x8P46vi6004077; Tue, 24 Sep 2019 21:07:16 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pfpt0818; bh=c3yV///Ef4o7t1bBrmX5QXe2dYJRj6NE5yAnb6J/Pxg=; b=syZtSTrWt04f74XlyUqUX2cIr0GvCOj8RKF6rsEgShLKP19BZPGcCJdUWWhvoHzyF1j4 /gU7NXuG6zqNypNokeJIznLxgAcOhKGeNH2hkCMc2j+8912xtncP7Sa5h/if8MJVon2Q JaQ93vfAfP3ozxI58ibmb95Ccgvz46ujtgpc5xi7/QlqsFXQ0ldeiSk1NpHLdgpoFBwa 7K0MWMx2I4S+Fkk8+v96sW5jBr7c5TO5u2wHii6VcmRNiMUV/Nl5HIVH08ptcQb8tBG0 Zu11SbgqJWH73P9OlRzpMx4Dz/KOz6fRq00/iAjIEMIWZKdHKGYxvpOECG9BP80og2v9 zw== Received: from sc-exch03.marvell.com ([199.233.58.183]) by mx0b-0016f401.pphosted.com with ESMTP id 2v80x2r01x-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 24 Sep 2019 21:07:16 -0700 Received: from SC-EXCH04.marvell.com (10.93.176.84) by SC-EXCH03.marvell.com (10.93.176.83) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Tue, 24 Sep 2019 21:06:26 -0700 Received: from NAM04-BN3-obe.outbound.protection.outlook.com (104.47.46.55) by SC-EXCH04.marvell.com (10.93.176.84) with Microsoft SMTP Server (TLS) id 15.0.1367.3 via Frontend Transport; Tue, 24 Sep 2019 21:06:25 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cvrH+nWF/JVV4tuBmhWpN6WaDNC4CLvWT3hHc0C7ysNxj5kKq4mkeV2GoEN9zFP6szwRRnszlz8HyzSW9fbFcsKsNW9pB7rE0xV6D+Zi6iG0T5S4UK1QrCuzUmROpNcfJPO/TkJ1nE1I9GWurX2mjof6X8Ayj+kuKewB/dnZgHQyU0gC7Yk6aOhNmsPoIrJ2Jl9mTeXJ7BtoI1zcYn7YJvOCklr6KvhWZHsRPAMqmS76WgntFs5UjSRNYxTP0oKbwjgocJUAruF764I043PU+km19Q4CBoVpRGSO2W5k6KuRCXRHYT3JGj5VaelP4UhQE1nfwsLUEg+5XpkW6oJLPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=c3yV///Ef4o7t1bBrmX5QXe2dYJRj6NE5yAnb6J/Pxg=; b=I75KAz4y3dl05UMmjmp/DwpDFYf6vttVt1+D0apFPAI/4HI9ic5xZrn3XbUhDg6RSZlnVx90o7B62/yyRl6Q+8+jIFXt9gzR7BbCQNHOo82lAajl/tR+3ZamjmKy0+h0E3Ae1E5jCDhch0cFWxyHs2BLuob3a4v1QcheArvj4pshWRxfIjkUAsuuD93838zML2YSCduOS30KBB0WZk86eP+sudt66YONLnSuSCaR7C0PJr0QPZpdiRxlGJ3zHG2Mk0fzOlseBebXARZdjGGU6kUBZWZsyzxGmjJO6bL+Q/DKq7rZX6cNtcGYy/Osy1WHKqJeSZNXhlwmj51cjG4P4A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector2-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=c3yV///Ef4o7t1bBrmX5QXe2dYJRj6NE5yAnb6J/Pxg=; b=wB/9xwf0q/tzVaODPMcIx5AvhGpJELbw7kmffZq13sZLx8ucTy37Xh2HTN2/c/83fKY1sXskULt02GKl6xVK+t4NTOn04UTSccuXRRl3zAFW8gApnG47AkBU7C3fdlX+v5QTmEoEJin6PX4uqYjHB9LHYIlH0jVVS8pGhjK62Vc= Received: from MWHPR18MB1645.namprd18.prod.outlook.com (10.173.241.137) by MWHSPR00MB2530.namprd18.prod.outlook.com (10.173.126.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2284.25; Wed, 25 Sep 2019 04:06:24 +0000 Received: from MWHPR18MB1645.namprd18.prod.outlook.com ([fe80::e0e3:ce2c:587a:d607]) by MWHPR18MB1645.namprd18.prod.outlook.com ([fe80::e0e3:ce2c:587a:d607%7]) with mapi id 15.20.2284.023; Wed, 25 Sep 2019 04:06:24 +0000 From: Vamsi Krishna Attunuru To: Jerin Jacob Kollanukkaran , Thomas Monjalon CC: "dev@dpdk.org" Thread-Topic: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf kernel module Thread-Index: AQHVZLbiijua7vdVa0SllwL3rLSKbKc74kmw Date: Wed, 25 Sep 2019 04:06:24 +0000 Message-ID: References: <20190906091230.13923-1-vattunuru@marvell.com> <1612178.XsdEgM4R2a@xps> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [14.140.231.66] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: c84e843f-4475-4898-af28-08d7416dbb30 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(5600167)(711020)(4605104)(1401327)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(2017052603328)(7193020); SRVR:MWHSPR00MB2530; x-ms-traffictypediagnostic: MWHSPR00MB2530: x-ms-exchange-purlcount: 2 x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-forefront-prvs: 01713B2841 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(366004)(136003)(39860400002)(396003)(346002)(376002)(13464003)(199004)(189003)(486006)(33656002)(446003)(14454004)(256004)(14444005)(55016002)(6306002)(9686003)(26005)(25786009)(476003)(7736002)(478600001)(66066001)(6506007)(110136005)(99286004)(316002)(102836004)(6436002)(53546011)(55236004)(186003)(5024004)(11346002)(966005)(6116002)(76176011)(74316002)(3846002)(305945005)(7696005)(81166006)(66446008)(64756008)(66946007)(66476007)(66556008)(81156014)(76116006)(8936002)(6246003)(4326008)(2906002)(71200400001)(229853002)(52536014)(8676002)(71190400001)(86362001)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHSPR00MB2530; H:MWHPR18MB1645.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: marvell.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: Nl/NiG6+0PCshl1YHZa7UHN/q1n683P8H13jyn60NEjeZ7w2e9/8itG/62ERe1pSIy1SVJZhVByuC9qPQ3naR4tNhW7qLvzdc6dM8OSqPjWTnxdnCJGWs4yu7ioM+mKZoxqyl6VDH76BjYLbj45eSxXR0Q1X9HU/dmdQyYnr05dC+0gqV9a+F3YmXsnNsVPotfA1rGqbmYlcObQ2bfe5r59J4bKlvdz8OE9pQflD66wQeN1NCo4z1bi7nXMs8jzm+AJ0HxbnnvUK63ACc0uoEWct6HDse9jYT5jESVmDYVWxv9kcaDWja0FqKekp7bQPUjB4s+crv5C3jgIdFAWbHeaoLu6G49hORqg3SHSG9rBiCUl67i3SUqVwfIpLLXeczGQtMefRrvZyDqfDMUKorF06B+JMxujiP5EcnAYsRi12maMlLBvqA/hHT91mYr5rAnqUi5k8DxgkBP3p0cg5XA== Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: c84e843f-4475-4898-af28-08d7416dbb30 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Sep 2019 04:06:24.3005 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 21Csr1mIh3uDHRylUX97NNCwCqwW6/azWnAI6CNw5pE5dnARBd2YhV36MK0m5GKNxXOc0VMAiYnipaOZd4mdLA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHSPR00MB2530 X-OriginatorOrg: marvell.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-09-25_02:2019-09-23,2019-09-25 signatures=0 Subject: Re: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf kernel module X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi, We would like to have these support in 19.11. Please let us know if there a= re any comments or suggestions, we can discuss and address accordingly. -----Original Message----- From: Jerin Jacob Kollanukkaran =20 Sent: Friday, September 6, 2019 6:58 PM To: Thomas Monjalon ; Vamsi Krishna Attunuru Cc: dev@dpdk.org Subject: RE: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf kern= el module > -----Original Message----- > From: Thomas Monjalon > Sent: Friday, September 6, 2019 3:15 PM > To: Vamsi Krishna Attunuru > Cc: dev@dpdk.org; Jerin Jacob Kollanukkaran > Subject: Re: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf=20 > kernel module >=20 > 06/09/2019 11:12, vattunuru@marvell.com: > > From: Vamsi Attunuru > > > > The DPDK use case such as VF representer or OVS offload etc would=20 > > call for PF and VF PCIe devices to bind vfio-pci module to enable=20 > > IOMMU protection. > > > > In addition to vSwitch use case, unlike, other PCI class of devices,=20 > > Network class of PCIe devices would have additional responsibility=20 > > on the PF devices such as promiscuous mode support etc. > > > > The above use cases demand VFIO needs bound to PF and its VF devices. > > This is use case is not supported in Linux kernel, due to a security=20 > > issue where it is possible to have DoS in case if VF attached to=20 > > guest over vfio-pci and netdev kernel driver runs on it and which=20 > > something VF representer would like to enable it. > > > > Since we can not differentiate, the vfio-pci bounded VF devices runs=20 > > DPDK application or netdev driver in guest, we can not introduce any=20 > > scheme to fix DoS case and therefore not have proper support of this=20 > > in the upstream kernel. > > > > The igb_uio enables such PF and VF binding support for non-iommu=20 > > devices to make VF representer or OVS offload run on non-iommu=20 > > devices with DoS vulnerability for netdev driver as VF. > > > > This kernel module, facilitate to enable SRIOV on PF devices,=20 > > therefore, to run both PF and VF devices in VFIO mode knowing its=20 > > impacts like igb_uio driver functions of non-iommu devices. > > > > Signed-off-by: Vamsi Attunuru > > Signed-off-by: Jerin Jacob >=20 > Sorry I fail to properly understand the explanation above. > Please try to split in shorter sentences. >=20 > About the request to add an out-of-tree Linux kernel driver, I guess=20 > Jerin is well aware that we don't want such anymore. Yes. I am aware of it. I don't like the out of tree modules either. But, Th= is case, I suggested Vamsi to have out of tree module. Let me describe the issue and let us discuss how to tackle the problem: # Linux kernel wont allow VFIO PF to have SRIOV enable. Patches and on going discussion are here: https://patchwork.kernel.org/patch/10522381/ https://lwn.net/Articles/748526/ Based on my understanding the reason for NOT allowing the VFIO PF to have S= RIOV enable is genuine from kernel point of View but not from DPDK point of= view. Here is the sequence to describe the problem 1) Consider Linux kernel allowed VFIO PCI SRIOV enable 2) PF bound to vfio-pci 3) using SRIOV infrastructure of vfio-pci PF driver, VFs are created 4) DPDK application bound to PF and VF, No issue here. 5) Assume DPDK application bound to PF and VF bound To netdev kernel driver= . Now, there is a genuine concern From kernel point of view that, DPDK PF = can intercept, VF mailbox message or so and deny the Kernel request Or what= if DPDK PF application crashes? To avoid the case (5), (3) is not allowed in stock kernel. Which makes sense IMO. Now, From DPDK PoV, step 5 is valid as we have Rte_flow's VF action etc use= d to enable such case. Where, user can program the PF's rte_flow to steer Some traffic to VF, wher= e VF can be, DPDK application or Linux kernel netdev driver. This patch enables the step (3) to enable step (5) from DPDK PoV. i.e DPDK = needs to allow PF to bind to DPDK with VFs. Why this issue now: - igb_uio kernel driver is used as enabling step (3) See store_max_vfs() ke= rnel/linux/igb_uio/igb_uio.c This is fine for non-iommu device, IOMMU devi= ces needs VFIO. - We would like support VFIO for IOMMU protection And enable step (5) as DP= DK supports form the spec level. i.e need to fix feature disparity between iommu vs non-iommu based devices. Note: We may not need a brand new kernel module, we could move this logic to igb= _uio if maintenance is concern. =20 =20 =20 -=20 =20 >=20