[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v9 7/8] xen/arm: enable dom0 to use PCI devices with pci-passthrough=no

  • To: Julien Grall <julien@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Mykyta Poturai <Mykyta_Poturai@xxxxxxxx>
  • Date: Mon, 28 Apr 2025 14:28:48 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=unOwEfd28qiN6Jt4Zc1O3QUcdvMaQ7KLkAs5W77BYJk=; b=Br4lyyC2A7FTic9T0qsLwLQVWdh9Lj20RR6RN8Bq3LJX7zT1tLU4OXMXscV2okHyqwQza4KPJDaxBK3WqRWx1pyVHLWvl1+7ZmFK7qBdmruknjEyTbfuToPVPyt1mC7eswSVQFO7elKCo2qegXdYLMev18kJsrqmjn6w6cuggoSxAo1tZeKCrlZRJDwumXGYI6hVZ42Ul78sWVhuwLHvcuTL7wQSb+mfj2Sj3WLAPbdHLTtwDfTsUP5Bz0Nmp3sgXHb8ao0tzOci+CkwLhelh0mggV40OuVTSODteukdfpeIjsxJOEXXLiPn2uy3eXzVEWQdNatriMk3YriilKlOhA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=mVjwlBX69q0RCqOF52AYmHlIeaGZuLF8K7EdXVHWjNtT8oUmSiAtEFS7VzMZiifbinPEEvLl2u4+qbTUH9Ar5fNFlIfJv6g7/rEYHcunjRD4s8NQ/vOHtI4BLnCCIU1NAngionIuQcg/pvIj4SrK69rWeCm3ww4jpYCdcX/Kz2PleoSiWvW2FeNKgtDIWL1xKrgfem2swlOz7jfxEnAgKHWnFyPVbbl1W2gzrpyhLIHV+pdN4S7Uy4nZ0CBQvuKc2iP7Haz6HcQDuFxYg95g1JhBynvEJZQReTzmjNHdsxBOrEBhLV9B/KFRBgW5dV190i98bzmkNg5DIeKVbaP9yw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: Stewart Hildebrand <stewart.hildebrand@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Mon, 28 Apr 2025 14:29:15 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHblOXdxbIbbkNtn0WSg/9tW2OJ47O5DGKAgAA8u4CAAAbVAIAAGfaA
  • Thread-topic: [PATCH v9 7/8] xen/arm: enable dom0 to use PCI devices with pci-passthrough=no
On 28.04.25 15:55, Julien Grall wrote:
> Hi,
> 
> On 28/04/2025 13:31, Mykyta Poturai wrote:
>> On 28.04.25 11:54, Julien Grall wrote:
>>> Hi Mykyta,
>>>
>>> On 14/03/2025 13:34, Mykyta Poturai wrote:
>>>> From: Stewart Hildebrand <stewart.hildebrand@xxxxxxx>
>>>>
>>>> Enable the use of IOMMU + PCI in dom0 without having to specify
>>>> "pci-passthrough=yes". We rely on dom0 to initialize the PCI controller
>>>> and perform a PHYSDEVOP_pci_device_add call to add each device to SMMU.
>>>
>>> It would be good to explain why Xen cannot initialize the PCI
>>> controller. Asking, because the reason is the PCI controller is too
>>> complex, then you will likely need the same approach for PCI 
>>> passthrough...
>>
>> I think the main reason for this is complexity and the possibility of
>> additional dependencies: there could be external clocks or reset pins
>> that the PCI host depends on for working correctly. I will add this to
>> the commit message. Regarding PCI passthrough, it is already using the
>> same approach (at least on Arm). There are patches for enabling Xen on
>> Arm to perform bus enumeration by itself by Luca Fancellu, but I haven't
>> yet got to test them in a meaningful way.
> 
> Can you provide a link to the series? I would like to make sure we have 
> a coherent approach. In particular, it is not clear to me how Dom0 and 
> Xen will be able to coordinate the access to the PCI controller. Are we 
> going to have a mediator?
> 

Here is a link to my WIP branch
https://github.com/Deedone/xen/tree/pci_passthrough_wip
Although it is slightly outdated due to recent review activity, I will 
updated it soon with all of the recent changes.

Luca's commits begin from c68a5cbb1a7d17907551159c99ab5c87ce0dedf9

I wasn't able to find them sent to any mailing lists, but I plan to also 
send them after the base case with Dom0 enumeration stabilizes.

There is no mediator, Dom0 configures the host controller, enumerates 
child devices, and then gives complete access to some of them to Xen. 
Xen only does "logical" operations with child devices and does not 
change any of the host controller base settings. To ensure that Dom0 
will not mess with the child devices, tools bind them to the stub 
driver. Theoretically, Dom0 can bind to those devices again and break 
something, but it can also do a lot of other breaking stuff so I don't 
think there is a good reason to invent some forms of protection from it.

After some time with pci-scan changes merged it should become possible 
to make Xen do the enumeration, and only give Dom0 the virtual PCI bus, 
which would prevent it from accessing non-owned devices.

-- 
Mykyta

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.