| Message ID | cover.1701268753.git.robin.murphy@arm.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | dma-mapping: Clean up arch_setup_dma_ops() | expand |
On Wed, Nov 29, 2023 at 05:42:57PM +0000, Robin Murphy wrote: > Hi all, > > Prompted by Jason's proposal[1], here's a first step towards truly > unpicking the dma_configure vs. IOMMU mess. As I commented before, we > have an awful lot of accumulated cruft and technical debt here making > things more complicated than they need to be, and we already have hacks > on top of hacks trying to work around it, so polishing those hacks even > further is really not a desirable direction of travel. And I do know > they're hacks, because I wrote most of them and still remember enough of > the context of the time ;) I quite like this, I was also looking at getting rid of those other parameters. I wanted to take smaller steps because it is all pretty hairy. One thing that still concerns me is if the FW data restricts the valid IOVA window that really should be reflected into the reserved ranges and not just dumped into the struct device for use by the DMA API. Or, perhaps, viof/iommufd should be using the struct device data to generate some additional reserved ranges? Either way, I would like to see the dma_iommu and the rest of the subsystem agree on what the valid IOVA ranges actually are. Jason
On 29/11/2023 8:36 pm, Jason Gunthorpe wrote: > On Wed, Nov 29, 2023 at 05:42:57PM +0000, Robin Murphy wrote: >> Hi all, >> >> Prompted by Jason's proposal[1], here's a first step towards truly >> unpicking the dma_configure vs. IOMMU mess. As I commented before, we >> have an awful lot of accumulated cruft and technical debt here making >> things more complicated than they need to be, and we already have hacks >> on top of hacks trying to work around it, so polishing those hacks even >> further is really not a desirable direction of travel. And I do know >> they're hacks, because I wrote most of them and still remember enough of >> the context of the time ;) > > I quite like this, I was also looking at getting rid of those other > parameters. > > I wanted to take smaller steps because it is all pretty hairy. > > One thing that still concerns me is if the FW data restricts the valid > IOVA window that really should be reflected into the reserved ranges > and not just dumped into the struct device for use by the DMA API. > > Or, perhaps, viof/iommufd should be using the struct device data to > generate some additional reserved ranges? > > Either way, I would like to see the dma_iommu and the rest of the > subsystem agree on what the valid IOVA ranges actually are. Note that there is some intentional divergence where iommu-dma reserves IOVAs matching PCI outbound windows because it knows it wants to avoid clashing with potential peer-to-peer addresses and doesn't want to have to get into the details of ACS redirect etc., but we don't expose those as generic reserved regions because they're firmly a property of the PCI host bridge, not of the IOMMU group (and more practically, because we did do so briefly and it made QEMU unhappy). I think there may also have been some degree of conclusion that it's not the IOMMU API's place to get in the way of other domain users trying to do weird P2P stuff if they really want to. Another issue is that the generic dma_range_map strictly represents device-specific constraints which may not always be desirable or appropriate to apply to a whole group. There wasn't really a conscious decision as such, but it kind of works out as why we still only consider PCI's bridge->dma_ranges (which comes from the same underlying data), since we can at least assume every device behind a bridge accesses memory through that bridge and so inherits its restrictions. However I don't recall any conscious decision for inbound windows to only be considered for DMA domain reservations rather than for proper reserved regions - pretty sure that's just a case of that code being added in the place where it seemed to fit best at the time (because hey it's more host bridge windows and we already have a thing for host bridge windows...) Thanks, Robin.
On Fri, Dec 01, 2023 at 01:07:36PM +0000, Robin Murphy wrote: > On 29/11/2023 8:36 pm, Jason Gunthorpe wrote: > > On Wed, Nov 29, 2023 at 05:42:57PM +0000, Robin Murphy wrote: > > > Hi all, > > > > > > Prompted by Jason's proposal[1], here's a first step towards truly > > > unpicking the dma_configure vs. IOMMU mess. As I commented before, we > > > have an awful lot of accumulated cruft and technical debt here making > > > things more complicated than they need to be, and we already have hacks > > > on top of hacks trying to work around it, so polishing those hacks even > > > further is really not a desirable direction of travel. And I do know > > > they're hacks, because I wrote most of them and still remember enough of > > > the context of the time ;) > > > > I quite like this, I was also looking at getting rid of those other > > parameters. > > > > I wanted to take smaller steps because it is all pretty hairy. > > > > One thing that still concerns me is if the FW data restricts the valid > > IOVA window that really should be reflected into the reserved ranges > > and not just dumped into the struct device for use by the DMA API. > > > > Or, perhaps, viof/iommufd should be using the struct device data to > > generate some additional reserved ranges? > > > > Either way, I would like to see the dma_iommu and the rest of the > > subsystem agree on what the valid IOVA ranges actually are. > > Note that there is some intentional divergence where iommu-dma reserves > IOVAs matching PCI outbound windows because it knows it wants to avoid > clashing with potential peer-to-peer addresses and doesn't want to have to > get into the details of ACS redirect etc., but we don't expose those as > generic reserved regions because they're firmly a property of the PCI host > bridge, not of the IOMMU group (and more practically, because we did do so > briefly and it made QEMU unhappy). I think there may also have been some > degree of conclusion that it's not the IOMMU API's place to get in the way > of other domain users trying to do weird P2P stuff if they really want to. I'm not sure this is the fully correct conclusion - eg if today we take a NIC device on a non-ACS topology and run DPDK through VFIO it has a chance of failure because some IOVA simply cannot be used by DPDK for DMA at all. qemu and kvm are a different situation that want different things. Eg it would want to identity map the PCI BAR spaces to the IOVA they are claiming. It should still somehow carve out any other IOVA that is unusable due to guest-invisible ACS and reflect it through FW tables into the VM. I'm starting to see people build non-ACS systems and want it to work with VFIO and I'm a little worried we have been too loose here. > bridge and so inherits its restrictions. However I don't recall any > conscious decision for inbound windows to only be considered for DMA domain > reservations rather than for proper reserved regions - pretty sure that's > just a case of that code being added in the place where it seemed to fit > best at the time (because hey it's more host bridge windows and we already > have a thing for host bridge windows...) Yeah, and I don't think anyone actually cared much.. At least as a step it would be nice if the DMA API only restrictions can come out as a special type of reserved region. Then the caller could decide if they want to follow them or not. iommufd could provide an opt-in API to DPDK that matches DMA API's safe IOVA allocator. Jason
Hi all, Prompted by Jason's proposal[1], here's a first step towards truly unpicking the dma_configure vs. IOMMU mess. As I commented before, we have an awful lot of accumulated cruft and technical debt here making things more complicated than they need to be, and we already have hacks on top of hacks trying to work around it, so polishing those hacks even further is really not a desirable direction of travel. And I do know they're hacks, because I wrote most of them and still remember enough of the context of the time ;) I'm taking a methodical bottom-up approach here, so step 1 is cleaning *all* the out-of-date stuff from arch_setup_dma_ops() and simplifying that interface, which gets it right out of the way for the next step of pulling apart {of,acpi}_dma_configure(). This part is really a dma-mapping series, but I'm not sure yet if would need to target the IOMMU tree - nothing here should strictly depend on the pending IOMMU change, but the follow-up patches might. Still working on those, so hopefully I'll know soon... Thanks, Robin. [1] https://lore.kernel.org/linux-iommu/0-v1-720585788a7d+811b-iommu_fwspec_p1_jgg@nvidia.com/ Robin Murphy (7): OF: Retire dma-ranges mask workaround OF: Simplify DMA range calculations ACPI/IORT: Handle memory address size limits as limits dma-mapping: Add helpers for dma_range_map bounds iommu/dma: Make limit checks self-contained iommu/dma: Centralise iommu_setup_dma_ops() dma-mapping: Simplify arch_setup_dma_ops() arch/arc/mm/dma.c | 3 +-- arch/arm/mm/dma-mapping-nommu.c | 3 +-- arch/arm/mm/dma-mapping.c | 12 ++++++---- arch/arm64/mm/dma-mapping.c | 5 +--- arch/loongarch/kernel/dma.c | 9 ++----- arch/mips/mm/dma-noncoherent.c | 3 +-- arch/riscv/mm/dma-noncoherent.c | 3 +-- drivers/acpi/arm64/dma.c | 17 ++++--------- drivers/acpi/arm64/iort.c | 18 +++++++------- drivers/acpi/scan.c | 3 +-- drivers/hv/hv_common.c | 6 +---- drivers/iommu/amd/iommu.c | 8 ------- drivers/iommu/dma-iommu.c | 35 ++++++++++----------------- drivers/iommu/dma-iommu.h | 6 +++++ drivers/iommu/intel/iommu.c | 7 ------ drivers/iommu/iommu.c | 2 ++ drivers/iommu/s390-iommu.c | 6 ----- drivers/iommu/virtio-iommu.c | 10 -------- drivers/of/device.c | 42 ++++++--------------------------- include/linux/acpi_iort.h | 4 ++-- include/linux/dma-direct.h | 18 ++++++++++++++ include/linux/dma-map-ops.h | 6 ++--- include/linux/iommu.h | 7 ------ 23 files changed, 78 insertions(+), 155 deletions(-)