From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id DFED6A2F6B for ; Tue, 8 Oct 2019 07:07:50 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 267F01BFFB; Tue, 8 Oct 2019 07:07:50 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by dpdk.org (Postfix) with ESMTP id 3B4EB1BFEE for ; Tue, 8 Oct 2019 07:07:49 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x984xeeP001665; Mon, 7 Oct 2019 22:07:47 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pfpt0818; bh=q90CckPhg/X6VnhqRx20Ec14YeR/LkF8azsDvkaSVYQ=; b=eDFc6nRyFGAL0n3eWXwzuNr8osmHcyFRSjB9cgDh1hH7FALqBq+ih2p1HPpTeXpOn9Lx j7bwSXle2z6ItPNElwj1qAmcnlrjB6ntRoF/bfjwnKhTORcDK51vil8zRsy67y6qvL+h zAyRFXvOsQmZ6UynL0c+QTsT5o8gRFL6r8LTlCxvMSg1m/QCFo13aihv3NndY3KnA4bn e5k5i1fZ6KWONPFLfu7O9MmjODz/fwcP0txYjx3GVCRz+DckfpGONxv0XfHSItDAyjEB OW7xNo/uyD0bG72WMKRwkuXfZljcc9ZKOiigTXIryqXx4qW+rOM5f/l3z3ftELDWWI15 nw== Received: from sc-exch01.marvell.com ([199.233.58.181]) by mx0a-0016f401.pphosted.com with ESMTP id 2vg3n8kwyx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 07 Oct 2019 22:07:47 -0700 Received: from SC-EXCH04.marvell.com (10.93.176.84) by SC-EXCH01.marvell.com (10.93.176.81) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Mon, 7 Oct 2019 22:07:46 -0700 Received: from NAM02-BL2-obe.outbound.protection.outlook.com (104.47.38.58) by SC-EXCH04.marvell.com (10.93.176.84) with Microsoft SMTP Server (TLS) id 15.0.1367.3 via Frontend Transport; Mon, 7 Oct 2019 22:07:46 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=n521aZYYhJHGZCAOnn7h3VFzYFzKT6xg/i3Ngbsc9SrOvuKCtpJqk3kocbbm3OI/YwnlXsbi+ONr2IkRkqSdxjc2rah9+ahSvGwtGrOt1WlCZd3wZYe/fmW6w8NMcdroaaZUNuf8aV/xBLxNNxSdTuA0x2tIky1cIkJWygUDiSHuexX4OSsTIfzzGGnwNJDxhkkUfNsypxJeWYOUgUMUs2efxLaDI6fpbZ57fjAD++fX6Wn/n/MRDdQaQ+H4kWXjyobCbEqpmd5ye3lECk3pmz2Rd3gkJYFnPcfp6FJm6tMxpUJ4VsmkLy+tCQ3PLqU+ldYn+SUu+zgaZA9GkEjcbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=q90CckPhg/X6VnhqRx20Ec14YeR/LkF8azsDvkaSVYQ=; b=MCMugqr6DqpKdpN7PnHEN0ub+ZotnrrFlW3MXD93cmX0mgTQk8AexEqGJbCfq+dvx606JZpI/cko4hmtv9dl9dYJxJuiyH8mKh7b+H5x7RdH04J7IJ+xkWUjyitpamBMwS3vp/nisFUmMaSZSXV8v0HNxd7ocDtpT7suNL2o3k75oDxowpa2mYIUnkVBKfG9Sa+pVXiUkSTjemEJkxfcpT9XHA/0nkF/O5yKLOQZLglO/O+x+rX2mNb2ijytoxxGuDf9L4YZlFhdDX8qgC2RaL4o0SBy9R8TP/l4mnSRJwz2Q/oo4T2bsP1rAssOToNRce56qKIk25MOZ8IDdKyY+A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector2-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=q90CckPhg/X6VnhqRx20Ec14YeR/LkF8azsDvkaSVYQ=; b=M+RheulG9m1tWHNytRz5KFO7mowYNY+Ogw2SK5M5PtOgZu1aV2RYN/y8d5SPbxYxbyBpz4zvyxrStDIjX3nj/fJYXDWTStfHKAsZd88yIjWpWbAKxo0i18cwF4otzak437F1O8Pau2Fm/BW5gIogOKR4FdH1jSgiXEC6s48E8N4= Received: from MWHPR18MB1645.namprd18.prod.outlook.com (10.173.241.137) by MWHPR18MB1405.namprd18.prod.outlook.com (10.175.4.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2327.24; Tue, 8 Oct 2019 05:07:44 +0000 Received: from MWHPR18MB1645.namprd18.prod.outlook.com ([fe80::b4fd:71ce:2bc4:7afb]) by MWHPR18MB1645.namprd18.prod.outlook.com ([fe80::b4fd:71ce:2bc4:7afb%3]) with mapi id 15.20.2327.026; Tue, 8 Oct 2019 05:07:44 +0000 From: Vamsi Krishna Attunuru To: Jerin Jacob Kollanukkaran , Thomas Monjalon CC: "dev@dpdk.org" Thread-Topic: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf kernel module Thread-Index: AQHVZLbiijua7vdVa0SllwL3rLSKbKdQYwaw Date: Tue, 8 Oct 2019 05:07:44 +0000 Message-ID: References: <20190906091230.13923-1-vattunuru@marvell.com> <1612178.XsdEgM4R2a@xps> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [2405:204:6081:8c9f:e0a6:9100:f50:6e78] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a402fadb-f804-4e20-c083-08d74bad7442 x-ms-traffictypediagnostic: MWHPR18MB1405: x-ms-exchange-purlcount: 2 x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-forefront-prvs: 01842C458A x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(346002)(376002)(366004)(396003)(136003)(189003)(199004)(13464003)(446003)(9686003)(55016002)(76116006)(6306002)(52536014)(476003)(66476007)(66446008)(66946007)(66556008)(64756008)(11346002)(229853002)(486006)(25786009)(81156014)(33656002)(71190400001)(81166006)(8936002)(71200400001)(6116002)(8676002)(6246003)(6436002)(7696005)(46003)(76176011)(53546011)(6506007)(86362001)(110136005)(2906002)(102836004)(186003)(316002)(74316002)(7736002)(305945005)(99286004)(966005)(478600001)(256004)(14444005)(5024004)(5660300002)(14454004)(4326008); DIR:OUT; SFP:1101; SCL:1; SRVR:MWHPR18MB1405; H:MWHPR18MB1645.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: marvell.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: nO7oUdmdSEE26Nw7s4l2/Mu+K/L0ALMWOjV9dirnQrKFyhHqnHJNMeCAEqHauKi6nVyH3pV8LLmWWRVRInOZuhsMHe7p/2srHQXBF+6QBKrlS82LkVUy5RTHRoti6On0s4J+/Ty1+4om4xcvzHxyrpi2QJoUoBBaQoY672mTJjxRF4vjPCMvkWNkRdNvWS96lyQX36CD8DpIFAUIvEgu6mcOgcP7Nqs3NYbgf0Kewiibp2GY6LYTntYRdKOpzMMedVAMAYTVasjAdoygv8arjhNrTcQJAZweO+aTT6PByOP9dwKhky983bcqaRgykXLjKuhONRHS74083iw8IFT/1ZT9mxxToNtrWD4NnBKdGIbJUN16pnZrAIM+vHZTWJq/geXERBl32J7r7CsSOf3nyeuRJ+BgBPe5Yn0KP61AimV1/sVPvXSYtI3yr4UYID9cTNWFNqVmhKg3UN4hCj7T9g== Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: a402fadb-f804-4e20-c083-08d74bad7442 X-MS-Exchange-CrossTenant-originalarrivaltime: 08 Oct 2019 05:07:44.5872 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: o4Sd6ZwBCWirexvZ9opXvxbj+3nYjF6G9rZ9kh34U1AAgUBBfS6BiuydVKnhXZIMQTFadLd3srvME6qwpAyMyw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR18MB1405 X-OriginatorOrg: marvell.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-10-08_01:2019-10-07,2019-10-08 signatures=0 Subject: Re: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf kernel module X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" > -----Original Message----- > From: Jerin Jacob Kollanukkaran > Sent: Friday, September 6, 2019 6:58 PM > To: Thomas Monjalon ; Vamsi Krishna Attunuru > > Cc: dev@dpdk.org > Subject: RE: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf ke= rnel > module >=20 > > -----Original Message----- > > From: Thomas Monjalon > > Sent: Friday, September 6, 2019 3:15 PM > > To: Vamsi Krishna Attunuru > > Cc: dev@dpdk.org; Jerin Jacob Kollanukkaran > > Subject: Re: [dpdk-dev] [PATCH v1 1/1] kernel/linux: introduce vfio_pf > > kernel module > > > > 06/09/2019 11:12, vattunuru@marvell.com: > > > From: Vamsi Attunuru > > > > > > The DPDK use case such as VF representer or OVS offload etc would > > > call for PF and VF PCIe devices to bind vfio-pci module to enable > > > IOMMU protection. > > > > > > In addition to vSwitch use case, unlike, other PCI class of devices, > > > Network class of PCIe devices would have additional responsibility > > > on the PF devices such as promiscuous mode support etc. > > > > > > The above use cases demand VFIO needs bound to PF and its VF devices. > > > This is use case is not supported in Linux kernel, due to a security > > > issue where it is possible to have DoS in case if VF attached to > > > guest over vfio-pci and netdev kernel driver runs on it and which > > > something VF representer would like to enable it. > > > > > > Since we can not differentiate, the vfio-pci bounded VF devices runs > > > DPDK application or netdev driver in guest, we can not introduce any > > > scheme to fix DoS case and therefore not have proper support of this > > > in the upstream kernel. > > > > > > The igb_uio enables such PF and VF binding support for non-iommu > > > devices to make VF representer or OVS offload run on non-iommu > > > devices with DoS vulnerability for netdev driver as VF. > > > > > > This kernel module, facilitate to enable SRIOV on PF devices, > > > therefore, to run both PF and VF devices in VFIO mode knowing its > > > impacts like igb_uio driver functions of non-iommu devices. > > > > > > Signed-off-by: Vamsi Attunuru > > > Signed-off-by: Jerin Jacob > > > > Sorry I fail to properly understand the explanation above. > > Please try to split in shorter sentences. > > > > About the request to add an out-of-tree Linux kernel driver, I guess > > Jerin is well aware that we don't want such anymore. >=20 > Yes. I am aware of it. I don't like the out of tree modules either. But, = This > case, I suggested Vamsi to have out of tree module. >=20 > Let me describe the issue and let us discuss how to tackle the problem: >=20 > # Linux kernel wont allow VFIO PF to have SRIOV enable. >=20 > Patches and on going discussion are here: > https://patchwork.kernel.org/patch/10522381/ > https://lwn.net/Articles/748526/ >=20 > Based on my understanding the reason for NOT allowing the VFIO PF to have > SRIOV enable is genuine from kernel point of View but not from DPDK point > of view. >=20 > Here is the sequence to describe the problem > 1) Consider Linux kernel allowed VFIO PCI SRIOV enable > 2) PF bound to vfio-pci > 3) using SRIOV infrastructure of vfio-pci PF driver, VFs are created > 4) DPDK application bound to PF and VF, No issue here. > 5) Assume DPDK application bound to PF and VF bound To netdev kernel > driver. Now, there is a genuine concern From kernel point of view that, = DPDK > PF can intercept, VF mailbox message or so and deny the Kernel request Or > what if DPDK PF application crashes? >=20 > To avoid the case (5), (3) is not allowed in stock kernel. > Which makes sense IMO. >=20 > Now, From DPDK PoV, step 5 is valid as we have Rte_flow's VF action etc > used to enable such case. > Where, user can program the PF's rte_flow to steer Some traffic to VF, wh= ere > VF can be, DPDK application or Linux kernel netdev driver. >=20 > This patch enables the step (3) to enable step (5) from DPDK PoV. i.e DPD= K > needs to allow PF to bind to DPDK with VFs. >=20 > Why this issue now: > - igb_uio kernel driver is used as enabling step (3) See store_max_vfs() > kernel/linux/igb_uio/igb_uio.c This is fine for non-iommu device, IOMMU > devices needs VFIO. > - We would like support VFIO for IOMMU protection And enable step (5) as > DPDK supports form the spec level. > i.e need to fix feature disparity between iommu vs non-iommu based > devices. >=20 > Note: > We may not need a brand new kernel module, we could move this logic to > igb_uio if maintenance is concern. >=20 @All, we are expecting to merge this in 19.11 release and if any one have c= omments please respond. >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 >=20 > - >=20 >=20 >=20 >=20 >=20 >=20 >=20 > >