Linux Plumbers Conference 2021

Session

VFIO/IOMMU/PCI MC

Sep 23, 2021, 7:00 AM

Description

The VFIO/IOMMU/PCI micro-conference focuses on coordination between the PCI devices, the IOMMUs they are connected to and the VFIO layer used to manage them (for userspace access and device passthrough) with related kernel interfaces and userspace APIs to be designed in-sync and in a clean way for all three sub-systems, and on the kernel code that enables these new system features that often require coordination between the VFIO, IOMMU and PCI sub-systems.

Contribution list Timetable

98. Page-Based Hardware Attributes (PBHA) on arm64

Will Deacon

9/23/21, 7:00 AM

Version 8.2 of the Armv8 architecture introduced some mysterious bits to the PTE entries used by the CPU and SMMU which result in IMPLEMENTATION DEFINED behaviours. These bits are known as Page-Based Hardware Attributes (PBHA) and their opaque nature has resulted in them being disabled upstream.

This session will include a quick reminder of the arm64 MMU, before introducing the concept of...

267. PCI Data Object Exchange (DOE), Component Measurement and Authentication (CMA) / SPDM 1.1 - Mediating access and related issues

Jonathan Cameron (Huawei Technologies R&D (UK)), Dan Williams (Intel Open Source Technology Center)

9/23/21, 7:35 AM

DOE (PCI ECN) provides a standard mailbox definition, so far used for query / response type protocols. There can be multiple instances of a DOE on each PCI function, and each instance can support multiple protocols. Currently we have published definitions of the Discovery, CMA, IDE (available from the PCI SIG) and CDAT protocols (available from UEFI forum). Some of these protocols are intended...

226. Shared Virtual Addressing (SVA) for in-kernel users

Jacob Pan

9/23/21, 8:30 AM

Sharing virtual addresses between DMA and the user process is undoubtedly beneficial. It improves security by limiting DMA to the process virtual address space; The programming model is simplified by eliminating the need for explicit map/unmap operations with behind the scene IO page fault handling. Potential performance gains come after that.

However, applying the same logic to kernel-SVA...

250. Status of Dynamic MSIx and IMS opens

Ashok Raj, Megha Dey

9/23/21, 9:05 AM

Current MSIx allows one chance to allocate all required interrupt resources. The rework in progress introduces a new API to allow adding new interrupt resources on demand. We will run through some of the options. VFIO usage isn't correct in its usage today. Quick review on proposed VFIO changes for MSI and MSIx to make sure there is proper feedback to VM's

IMS has some unresolved opens.
-...

99. Unified I/O page table management for passthrough devices, in-kernel API discussion between IOMMU core and /dev/iommu

Kevin Tian (Intel), Baolu Lu

9/23/21, 9:45 AM

When a device is passed through to user space, DMAs from this device are untrusted by the kernel. I/O page tables must be enabled in the IOMMU so each assigned device can only access the I/O virtual address space that is created by respective device passthrough frameworks (VFIO, vDPA, etc.).

Until now I/O page tables are considered as a device attribute, thus managed through VFIO/vDPA...

251. Brain storm some of the features support in Linux for PCIe

Ashok Raj

9/23/21, 10:35 AM

Certain PCIe features aren't handled well in Linux, for instance, hotplug doesn't seem to care about MRL status. There are other implications on features as the following:

• MPS/MRRS
• 10b, 14b tag support

Both need to be enabled to the entire path from the root port to the device. If a new device is hotplugged, how are MPS, 10b tag enabled throughout the path?

Linux lacks support...

27. VFIO/IOMMU/PCI MC

The [PCI interconnect][1] specification, the devices that implement it, and the system IOMMUs that provide memory and access control to them are nowadays a de-facto standard for connecting high speed components, incorporating more and more features such as:

• Address Translation Service (ATS)/Page Request Interface (PRI)
• [Single-root I/O Virtualization (SR-IOV)][2]/Process Address...

112. PCI Component Measurement Architecture / SPDM 1.1

The PCI ECN defining CMA adds the ability (using a DOE mailbox) to establish the identity and verify the component configuration and firmware / executables.

This is done using the protocols defined in the DMTF SPDM 1.1 specification: https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.1.1.pdf which is also used for the same purpose on other buses such as USB, but we are...

111. PCI Data Object Exchange - Mediating access and related issues

DOE (PCI ECN) provides a standard mailbox definition, so far used for query / response type protocols. There can be multiple instances of a DOE on each PCI function, and each instance can support multiple protocols. Currently we have published definitions of the Discovery, CMA, IDE (available from the PCI SIG) and CDAT protocols (available from UEFI forum). Some of these protocols are...