Message ID | 20220203110651.17419-1-roger.pau@citrix.com (mailing list archive) |
---|---|
State | Superseded |
Headers | show |
Series | tools/libxl: don't allow IOMMU usage with PoD | expand |
On 03.02.2022 12:06, Roger Pau Monne wrote: > Prevent libxl from creating guests that attempts to use PoD together > with an IOMMU, even if no devices are actually assigned. > > While the hypervisor could support using PoD together with an IOMMU as > long as no devices are assigned, such usage seems doubtful. There's no > guarantee the guest has ballooned down enough memory for PoD to no > longer be active, and thus a later assignment of a PCI device to such > domain could fail. That's not a precise description of the constraint: The guest ballooning down enough only means entries == cache, but for device assignment we need entries == 0 (and a guarantee that no new entries can appear, but I think this is already the case once a guest was launched). (FWIW the wording in code comment and log message read fine to me.) Jan
On Thu, Feb 03, 2022 at 12:55:56PM +0100, Jan Beulich wrote: > On 03.02.2022 12:06, Roger Pau Monne wrote: > > Prevent libxl from creating guests that attempts to use PoD together > > with an IOMMU, even if no devices are actually assigned. > > > > While the hypervisor could support using PoD together with an IOMMU as > > long as no devices are assigned, such usage seems doubtful. There's no > > guarantee the guest has ballooned down enough memory for PoD to no > > longer be active, and thus a later assignment of a PCI device to such > > domain could fail. > > That's not a precise description of the constraint: The guest ballooning > down enough only means entries == cache, but for device assignment we > need entries == 0 (and a guarantee that no new entries can appear, but I > think this is already the case once a guest was launched). Would you be OK with: "While the hypervisor could support using PoD together with an IOMMU as long as no devices are assigned, such usage seems doubtful. There's no guarantee the guest has PoD no longer be active, and thus a later assignment of a PCI device to such domain could fail." By "PoD no longer be active" meaning cache == entries == 0. Thanks, Roger.
On 03.02.2022 14:50, Roger Pau Monné wrote: > On Thu, Feb 03, 2022 at 12:55:56PM +0100, Jan Beulich wrote: >> On 03.02.2022 12:06, Roger Pau Monne wrote: >>> Prevent libxl from creating guests that attempts to use PoD together >>> with an IOMMU, even if no devices are actually assigned. >>> >>> While the hypervisor could support using PoD together with an IOMMU as >>> long as no devices are assigned, such usage seems doubtful. There's no >>> guarantee the guest has ballooned down enough memory for PoD to no >>> longer be active, and thus a later assignment of a PCI device to such >>> domain could fail. >> >> That's not a precise description of the constraint: The guest ballooning >> down enough only means entries == cache, but for device assignment we >> need entries == 0 (and a guarantee that no new entries can appear, but I >> think this is already the case once a guest was launched). > > Would you be OK with: > > "While the hypervisor could support using PoD together with an IOMMU as > long as no devices are assigned, such usage seems doubtful. There's no > guarantee the guest has PoD no longer be active, and thus a later > assignment of a PCI device to such domain could fail." Yes, thanks, this sounds better (to me at least). Jan
diff --git a/tools/libs/light/libxl_create.c b/tools/libs/light/libxl_create.c index d7a40d7550..7499922088 100644 --- a/tools/libs/light/libxl_create.c +++ b/tools/libs/light/libxl_create.c @@ -1160,17 +1160,16 @@ int libxl__domain_config_setdefault(libxl__gc *gc, pod_enabled = (d_config->c_info.type != LIBXL_DOMAIN_TYPE_PV) && (d_config->b_info.target_memkb < d_config->b_info.max_memkb); - /* We cannot have PoD and PCI device assignment at the same time - * for HVM guest. It was reported that IOMMU cannot work with PoD - * enabled because it needs to populated entire page table for - * guest. To stay on the safe side, we disable PCI device - * assignment when PoD is enabled. + /* We don't support having PoD and an IOMMU at the same time for HVM + * guests. An active IOMMU cannot work with PoD because it needs a fully + * populated page-table. Prevent PoD usage if the domain has an IOMMU + * assigned, even if not active. */ if (d_config->c_info.type != LIBXL_DOMAIN_TYPE_PV && - d_config->num_pcidevs && pod_enabled) { + d_config->c_info.passthrough != LIBXL_PASSTHROUGH_DISABLED && + pod_enabled) { ret = ERROR_INVAL; - LOGD(ERROR, domid, - "PCI device assignment for HVM guest failed due to PoD enabled"); + LOGD(ERROR, domid, "IOMMU not supported together with PoD"); goto error_out; }
Prevent libxl from creating guests that attempts to use PoD together with an IOMMU, even if no devices are actually assigned. While the hypervisor could support using PoD together with an IOMMU as long as no devices are assigned, such usage seems doubtful. There's no guarantee the guest has ballooned down enough memory for PoD to no longer be active, and thus a later assignment of a PCI device to such domain could fail. Preventing the usage of PoD together with an IOMMU at guest creation avoids having to add checks for active PoD entries in the device assignment paths. Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> --- Cc: Jan Beulich <jbeulich@suse.com> --- tools/libs/light/libxl_create.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-)