From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dpdk.org (Postfix) with ESMTP id 8EA0ADE0 for ; Thu, 31 Aug 2017 11:10:15 +0200 (CEST) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C8940806C1; Thu, 31 Aug 2017 09:10:14 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com C8940806C1 Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=maxime.coquelin@redhat.com Received: from [10.36.112.32] (ovpn-112-32.ams2.redhat.com [10.36.112.32]) by smtp.corp.redhat.com (Postfix) with ESMTPS id CCF50B32A3; Thu, 31 Aug 2017 09:10:09 +0000 (UTC) To: dev@dpdk.org, Yuanhan Liu Cc: mst@redhat.com, vkaplans@redhat.com, jasowang@redhat.com, jfreiman@redhat.com References: <20170704094922.11405-1-maxime.coquelin@redhat.com> From: Maxime Coquelin Message-ID: <285244a0-9959-6401-6b61-cbd7b559530e@redhat.com> Date: Thu, 31 Aug 2017 11:10:07 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: <20170704094922.11405-1-maxime.coquelin@redhat.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Thu, 31 Aug 2017 09:10:14 +0000 (UTC) Subject: Re: [dpdk-dev] [RFC 00/19] Vhost-user: Implement device IOTLB support X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2017 09:10:15 -0000 Hi, On 07/04/2017 11:49 AM, Maxime Coquelin wrote: > This first RFC, which targets v17.11, adds support for > VIRTIO_F_IOMMU_PLATFORM feature, by implementing device IOTLB in the > vhost-user backend. It improves the guest safety by enabling the > possibility to isolate the Virtio device. > > It makes possible to use Virtio PMD in guest with using VFIO driver > without enable_unsafe_noiommu_mode parameter set, so that the DPDK > application on guest can only access memory its has been allowed to, > and preventing malicious/buggy DPDK application in guest to make > vhost-user backend write random guest memory. Note that Virtio-net > Kernel driver also support IOMMU. > > The series depends on Qemu's "vhost-user: Specify and implement > device IOTLB support" [0], available upstream and which will be part > of Qemu v2.10 release. > > Performance-wise, even if this RFC has still room for optimizations, > no performance degradation is noticed with static mappings (i.e. DPDK > on guest) with PVP benchmark: > Traffic Generator: Moongen (lua-trafficgen) > Acceptable Loss: 0.005% > Validation run time: 1 min > Guest DPDK version/commit: v17.05 > QEMU version/commit: master (6db174aed1fd) > Virtio features: default > CPU: Intel(R) Xeon(R) CPU E5-2667 v4 @ 3.20GHz > NIC: 2 x X710 > Page size: 1G host/1G guest > Results (bidirectional, total of the two flows): > - base: 18.8Mpps > - base + IOTLB series, IOMMU OFF: 18.8Mpps > - base + IOTLB series, IOMMU ON: 18.8Mpps It seems that I did a mistake when benchmarking with IOMMU on. Actually, with this RFC, the result is 14.5Mpps, which is a noticeable performance degradation. Next revision fixing this issue is coming soon, performance is recovered to 18.8Mpps. Cheers, Maxime