From patchwork Thu Mar 28 06:33:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Chen, Jiqian" X-Patchwork-Id: 13608029 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5C0B5C54E64 for ; Thu, 28 Mar 2024 06:34:42 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.698786.1090903 (Exim 4.92) (envelope-from ) id 1rpjLH-000517-N9; Thu, 28 Mar 2024 06:34:27 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 698786.1090903; Thu, 28 Mar 2024 06:34:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rpjLH-000510-KZ; Thu, 28 Mar 2024 06:34:27 +0000 Received: by outflank-mailman (input) for mailman id 698786; Thu, 28 Mar 2024 06:34:26 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1rpjLG-00050u-GH for xen-devel@lists.xenproject.org; Thu, 28 Mar 2024 06:34:26 +0000 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on20631.outbound.protection.outlook.com [2a01:111:f400:7e88::631]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id 37865e79-eccd-11ee-afe3-a90da7624cb6; Thu, 28 Mar 2024 07:34:25 +0100 (CET) Received: from CH0P223CA0006.NAMP223.PROD.OUTLOOK.COM (2603:10b6:610:116::24) by SJ0PR12MB6759.namprd12.prod.outlook.com (2603:10b6:a03:44b::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.33; Thu, 28 Mar 2024 06:34:21 +0000 Received: from CH1PEPF0000A345.namprd04.prod.outlook.com (2603:10b6:610:116:cafe::1) by CH0P223CA0006.outlook.office365.com (2603:10b6:610:116::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.13 via Frontend Transport; Thu, 28 Mar 2024 06:34:21 +0000 Received: from SATLEXMB04.amd.com (165.204.84.17) by CH1PEPF0000A345.mail.protection.outlook.com (10.167.244.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7409.10 via Frontend Transport; Thu, 28 Mar 2024 06:34:20 +0000 Received: from cjq-desktop.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 28 Mar 2024 01:34:16 -0500 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 37865e79-eccd-11ee-afe3-a90da7624cb6 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Obi6HYe6xYXEAyGS/bEm3dJqMMjQjoQMQong9WYW5t34LAiT2hlUMXnSNZwcxd5mPI9lP7HxWyTk1RC3qJxEkAbEGbabqaOf6s/G+bZOrPuHCL02KKKurgkb0dIBhTV8vDTF0yx2hQPYYx1PyEr3u6SNbleuUa8jDa4KDXn20dSXgZn+gkOjHtnf24WuyTzlzjw5Zc5ccLMXvjny5ng1fEdZCACALmRRBgcP2H6ByaeORqpzF/LQ43njr4euc9Vzc2h0ngxbV+eZsI3WI2kTZmdEV5I3tLchqiWtLni26akwkCrkm+scCrUGKFQFxR5YpgROHTM0LgS1HSdvqFO1sA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NSM04TcpoTnGMGbyK//oTfjXT4lhbQc9K4dNvFxakco=; b=FTHDkHk37rPrPCpyS8MUOcPt6DSt6QUBGTJdaBBluH818G3IGL380cuIbgbKDmLahAkyIEfaam/WgnYQtagV0VTn+jGbaZ90jS3/vE1v9h/0QY0qmtyVQmlKAd7dUhEhWwveAFMEKTpN54LRw7vreEXumeoSOzR/TsAJmXigWNUi6NeN/c36CtR4nMNVf+mOgwFuTZLvw79oDXbd41aSXT5A7QCu49UVpBZynmyCxwT4giEpwZMieFezH1fSYrnqKfHu5I2UDbBn/ab3fRnx4O/dcv+gzDxoCpjLHrgaYfJvhQY9cxyGDwzL7FTxlh/cbKkqYxaMsE7XOK7qV89+6A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NSM04TcpoTnGMGbyK//oTfjXT4lhbQc9K4dNvFxakco=; b=zUt6VUyrE/+e2hmv8M03r4lts4/esMEaVD6Itdx/fNzsiC6tPlZjBgPsuDaRiZjFV2Q6cldfiasOy3yp/ttcqNfjOok/fthOrWq5rDpldLaarC5mLkqjgH3+6sIHtljVmBpfb+q7M4jie/haeJ4YnEWEK8o/nAdARHlJKpMFHGw= X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: Jiqian Chen To: CC: Jan Beulich , Andrew Cooper , =?utf-8?q?Roger_Pau_Monn=C3=A9?= , Wei Liu , George Dunlap , Julien Grall , Stefano Stabellini , Anthony PERARD , "Juergen Gross" , "Daniel P . Smith" , Stewart Hildebrand , Huang Rui , Jiqian Chen Subject: [RFC XEN PATCH v6 0/5] Support device passthrough when dom0 is PVH on Xen Date: Thu, 28 Mar 2024 14:33:57 +0800 Message-ID: <20240328063402.354496-1-Jiqian.Chen@amd.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH1PEPF0000A345:EE_|SJ0PR12MB6759:EE_ X-MS-Office365-Filtering-Correlation-Id: 818e980f-39c8-403e-9cfc-08dc4ef119d6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: t1n17FDPaarOyYe3kHLH2NhtgSjPybFQHhtlafcYFs68I3PHxjXyfkARuSJ/IbycBfUTDQUsviP4jRa+t8DAuL+NB1hcnDGCPIveiz2TGd93ni5+yQIoy/XRcVV5GE45+H7b9F0nhIg+52u0w7i+P9rjWKbLoxPFUqHh5vT6HAwlTYmFeO8jLx33gYUaj36scA/GEjbpHchEFKY2ukU3BbI6GvYTP+jnRja3uqdmExJqCepSlc7ez1bnVGVREjhjYG1Pv3L3u5dsIJt3vx2/GjORxj0hASng9oObwiSILS5oskGgB3SKhpHIAZp5Z/ytyJde4lBoOESkLXFKIHA5UDxY/O91hY23NObGh7jaeFcwTFVDOW+WgwKOUTDa7c9JM67rhU9/7LVyl4iketA5/0eJ8q88kqUuJ097AY5fUbRvkNP7QBsjemfNIYIJiK3g1dbMot3jla/nHzyuWajWr0mtL56G8LCgFRNuvFEP/Eo/UviQJi9NNUwp1Kj9UCOd+9mHDUkGutUD1srUdt3A30XQ9SPm58LRmsSOfJP9IoymV40Z4LWx0NUPZfPw+fnrqLUHXacAOXRn9lACevQ+ss0hQ3mHc4kA6PsOcore9Q3T9cK5pEOVxUAgkTb9YOz0Ipbc4uhZAIrIflJDWsreRHHY3mwmSoH4ZTM/DET0UvRBJxIjujBpN6rqfU1ODCXtmDzAexKZw5TZNwcMtWJ2tQ== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(1800799015)(36860700004)(376005)(7416005)(82310400014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Mar 2024 06:34:20.6722 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 818e980f-39c8-403e-9cfc-08dc4ef119d6 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CH1PEPF0000A345.namprd04.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB6759 Hi All, This is v6 series to support passthrough when dom0 is PVH v5->v6 changes: * patch#1: Add Reviewed-by Stefano and Stewart. Rebase code and change old function vpci_remove_device, vpci_add_handlers to vpci_deassign_device, vpci_assign_device * patch#2: Add Reviewed-by Stefano * patch#3: Remove unnecessary "ASSERT(!has_pirq(currd));" * patch#4: Fix some coding style issues below directory tools * patch#5: Modified some variable names and code logic to make code easier to be understood, which to use gsi by default and be compatible with older kernel versions to continue to use irq v4->v5 changes: * patch#1: add pci_lock wrap function vpci_reset_device_state * patch#2: move the check of self map_pirq to physdev.c, and change to check if the caller has PIRQ flag, and just break for PHYSDEVOP_(un)map_pirq in hvm_physdev_op * patch#3: return -EOPNOTSUPP instead, and use ASSERT(!has_pirq(currd)); * patch#4: is the patch#5 in v4 because patch#5 in v5 has some dependency on it. And add the handling of errno and add the Reviewed-by Stefano * patch#5: is the patch#4 in v4. New implementation to add new hypercall XEN_DOMCTL_gsi_permission to grant gsi v3->v4 changes: * patch#1: change the comment of PHYSDEVOP_pci_device_state_reset; move printings behind pcidevs_unlock * patch#2: add check to prevent PVH self map * patch#3: new patch, The implementation of adding PHYSDEVOP_setup_gsi for PVH is treated as a separate patch * patch#4: new patch to solve the map_pirq problem of PVH dom0. use gsi to grant irq permission in XEN_DOMCTL_irq_permission. * patch#5: to be compatible with previous kernel versions, when there is no gsi sysfs, still use irq v4 link: https://lore.kernel.org/xen-devel/20240105070920.350113-1-Jiqian.Chen@amd.com/T/#t v2->v3 changes: * patch#1: move the content out of pci_reset_device_state and delete pci_reset_device_state; add xsm_resource_setup_pci check for PHYSDEVOP_pci_device_state_reset; add description for PHYSDEVOP_pci_device_state_reset; * patch#2: du to changes in the implementation of the second patch on kernel side(that it will do setup_gsi and map_pirq when assigning a device to passthrough), add PHYSDEVOP_setup_gsi for PVH dom0, and we need to support self mapping. * patch#3: du to changes in the implementation of the second patch on kernel side(that adds a new sysfs for gsi instead of a new syscall), so read gsi number from the sysfs of gsi. v3 link: https://lore.kernel.org/xen-devel/20231210164009.1551147-1-Jiqian.Chen@amd.com/T/#t v2 link: https://lore.kernel.org/xen-devel/20231124104136.3263722-1-Jiqian.Chen@amd.com/T/#t Below is the description of v2 cover letter: This series of patches are the v2 of the implementation of passthrough when dom0 is PVH on Xen. We sent the v1 to upstream before, but the v1 had so many problems and we got lots of suggestions. I will introduce all issues that these patches try to fix and the differences between v1 and v2. Issues we encountered: 1. pci_stub failed to write bar for a passthrough device. Problem: when we run “sudo xl pci-assignable-add ” to assign a device, pci_stub will call “pcistub_init_device() -> pci_restore_state() -> pci_restore_config_space() -> pci_restore_config_space_range() -> pci_restore_config_dword() -> pci_write_config_dword()”, the pci config write will trigger an io interrupt to bar_write() in the xen, but the bar->enabled was set before, the write is not allowed now, and then when bar->Qemu config the passthrough device in xen_pt_realize(), it gets invalid bar values. Reason: the reason is that we don't tell vPCI that the device has been reset, so the current cached state in pdev->vpci is all out of date and is different from the real device state. Solution: to solve this problem, the first patch of kernel(xen/pci: Add xen_reset_device_state function) and the fist patch of xen(xen/vpci: Clear all vpci status of device) add a new hypercall to reset the state stored in vPCI when the state of real device has changed. Thank Roger for the suggestion of this v2, and it is different from v1 (https://lore.kernel.org/xen-devel/20230312075455.450187-3-ray.huang@amd.com/), v1 simply allow domU to write pci bar, it does not comply with the design principles of vPCI. 2. failed to do PHYSDEVOP_map_pirq when dom0 is PVH Problem: HVM domU will do PHYSDEVOP_map_pirq for a passthrough device by using gsi. See xen_pt_realize->xc_physdev_map_pirq and pci_add_dm_done->xc_physdev_map_pirq. Then xc_physdev_map_pirq will call into Xen, but in hvm_physdev_op(), PHYSDEVOP_map_pirq is not allowed. Reason: In hvm_physdev_op(), the variable "currd" is PVH dom0 and PVH has no X86_EMU_USE_PIRQ flag, it will fail at has_pirq check. Solution: I think we may need to allow PHYSDEVOP_map_pirq when "currd" is dom0 (at present dom0 is PVH). The second patch of xen(x86/pvh: Open PHYSDEVOP_map_pirq for PVH dom0) allow PVH dom0 do PHYSDEVOP_map_pirq. This v2 patch is better than v1, v1 simply remove the has_pirq check(xen https://lore.kernel.org/xen-devel/20230312075455.450187-4-ray.huang@amd.com/). 3. the gsi of a passthrough device doesn't be unmasked 3.1 failed to check the permission of pirq 3.2 the gsi of passthrough device was not registered in PVH dom0 Problem: 3.1 callback function pci_add_dm_done() will be called when qemu config a passthrough device for domU. This function will call xc_domain_irq_permission()-> pirq_access_permitted() to check if the gsi has corresponding mappings in dom0. But it didn’t, so failed. See XEN_DOMCTL_irq_permission->pirq_access_permitted, "current" is PVH dom0 and it return irq is 0. 3.2 it's possible for a gsi (iow: vIO-APIC pin) to never get registered on PVH dom0, because the devices of PVH are using MSI(-X) interrupts. However, the IO-APIC pin must be configured for it to be able to be mapped into a domU. Reason: After searching codes, I find "map_pirq" and "register_gsi" will be done in function vioapic_write_redirent->vioapic_hwdom_map_gsi when the gsi(aka ioapic's pin) is unmasked in PVH dom0. So the two problems can be concluded to that the gsi of a passthrough device doesn't be unmasked. Solution: to solve these problems, the second patch of kernel(xen/pvh: Unmask irq for passthrough device in PVH dom0) call the unmask_irq() when we assign a device to be passthrough. So that passthrough devices can have the mapping of gsi on PVH dom0 and gsi can be registered. This v2 patch is different from the v1( kernel https://lore.kernel.org/xen-devel/20230312120157.452859-5-ray.huang@amd.com/, kernel https://lore.kernel.org/xen-devel/20230312120157.452859-5-ray.huang@amd.com/ and xen https://lore.kernel.org/xen-devel/20230312075455.450187-5-ray.huang@amd.com/), v1 performed "map_pirq" and "register_gsi" on all pci devices on PVH dom0, which is unnecessary and may cause multiple registration. 4. failed to map pirq for gsi Problem: qemu will call xc_physdev_map_pirq() to map a passthrough device’s gsi to pirq in function xen_pt_realize(). But failed. Reason: According to the implement of xc_physdev_map_pirq(), it needs gsi instead of irq, but qemu pass irq to it and treat irq as gsi, it is got from file /sys/bus/pci/devices/xxxx:xx:xx.x/irq in function xen_host_pci_device_get(). But actually the gsi number is not equal with irq. On PVH dom0, when it allocates irq for a gsi in function acpi_register_gsi_ioapic(), allocation is dynamic, and follow the principle of applying first, distributing first. And if you debug the kernel codes(see function __irq_alloc_descs), you will find the irq number is allocated from small to large by order, but the applying gsi number is not, gsi 38 may come before gsi 28, that causes gsi 38 get a smaller irq number than gsi 28, and then gsi != irq. Solution: we can record the relation between gsi and irq, then when userspace(qemu) want to use gsi, we can do a translation. The third patch of kernel(xen/privcmd: Add new syscall to get gsi from irq) records all the relations in acpi_register_gsi_xen_pvh() when dom0 initialize pci devices, and provide a syscall for userspace to get the gsi from irq. The third patch of xen(tools: Add new function to get gsi from irq) add a new function xc_physdev_gsi_from_irq() to call the new syscall added on kernel side. And then userspace can use that function to get gsi. Then xc_physdev_map_pirq() will success. This v2 patch is the same as v1( kernel https://lore.kernel.org/xen-devel/20230312120157.452859-6-ray.huang@amd.com/ and xen https://lore.kernel.org/xen-devel/20230312075455.450187-6-ray.huang@amd.com/) About the v2 patch of qemu, just change an included head file, other are similar to the v1 ( qemu https://lore.kernel.org/xen-devel/20230312092244.451465-19-ray.huang@amd.com/), just call xc_physdev_gsi_from_irq() to get gsi from irq. Jiqian Chen (5): xen/vpci: Clear all vpci status of device x86/pvh: Allow (un)map_pirq when dom0 is PVH x86/pvh: Add PHYSDEVOP_setup_gsi for PVH dom0 libxl: Use gsi instead of irq for mapping pirq domctl: Add XEN_DOMCTL_gsi_permission to grant gsi tools/include/xenctrl.h | 5 +++ tools/libs/ctrl/xc_domain.c | 15 ++++++++ tools/libs/light/libxl_pci.c | 68 +++++++++++++++++++++++++++++------- xen/arch/x86/domctl.c | 31 ++++++++++++++++ xen/arch/x86/hvm/hypercall.c | 8 +++++ xen/arch/x86/physdev.c | 24 +++++++++++++ xen/drivers/pci/physdev.c | 36 +++++++++++++++++++ xen/drivers/vpci/vpci.c | 10 ++++++ xen/include/public/domctl.h | 9 +++++ xen/include/public/physdev.h | 7 ++++ xen/include/xen/vpci.h | 6 ++++ xen/xsm/flask/hooks.c | 1 + 12 files changed, 208 insertions(+), 12 deletions(-)