From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 7942221C91271 for ; Fri, 28 Jul 2017 08:25:34 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id E10A42E0C9B; Fri, 28 Jul 2017 15:27:38 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com E10A42E0C9B Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx05.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=lersek@redhat.com Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-27.phx2.redhat.com [10.3.116.27]) by smtp.corp.redhat.com (Postfix) with ESMTP id A7BB75D9C1; Fri, 28 Jul 2017 15:27:31 +0000 (UTC) To: Ard Biesheuvel , Brijesh Singh Cc: "edk2-devel@lists.01.org" , Tom Lendacky , Jordan Justen , Jason Wang , "Michael S . Tsirkin" , Gerd Hoffmann References: <1500502151-13508-1-git-send-email-brijesh.singh@amd.com> <841bec5f-6f6e-8b1f-25ba-0fd37a915b72@redhat.com> <4e2fc623-3656-eea7-09a8-b5c6d2f694e1@amd.com> <4071596d-32c9-e6d9-8c93-0d43d28e9b5a@redhat.com> <6517a7f8-5564-35e1-dc27-1b85a23c815e@amd.com> <9C4ABF62-4018-4014-A3C4-0A8B3B3CE1C2@linaro.org> <2bbe4119-ed19-d594-741b-cb92cd4f93f2@amd.com> From: Laszlo Ersek Message-ID: <1c01798c-9708-ba67-69b1-ce6e8069dafc@redhat.com> Date: Fri, 28 Jul 2017 17:27:30 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Fri, 28 Jul 2017 15:27:39 +0000 (UTC) Subject: Re: [RFC v1 0/3] Add VIRTIO_F_IOMMU_PLATFORM support X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Jul 2017 15:25:34 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 07/28/17 10:39, Ard Biesheuvel wrote: > On 27 July 2017 at 23:10, Brijesh Singh wrote: >> >> >> On 07/27/2017 04:31 PM, Ard Biesheuvel wrote: >>> >>> >>>> On 27 Jul 2017, at 21:55, Brijesh Singh wrote: >>>> >>>> >>>> >>>> On 07/27/2017 02:00 PM, Brijesh Singh wrote: >>>> >>>>>>> This distribution of operations seems wrong. The key point is that >>>>>>> AllocateBuffer() *need not* result in a buffer that is immediately >>>>>>> usable, and that client code is required to call Map() >>>>>>> *unconditionally*, even if BusMasterCommonBuffer is the desired >>>>>>> operation. Therefore, the right distribution of operations is: >>>>>>> >>>>>>> - IoMmuAllocateBuffer() allocates pages and does not touch the >>>>>>> encryption mask.. >>>>>>> >>>>>>> - IoMmuFreeBuffer() deallocates pages and does not touch the >>>>>>> encryption >>>>>>> mask. >>>>>>> >>>>> Actually one of main reason why we cleared and restored the memory >>>>> encryption mask >>>>> during allocate/free is because we also consume the IOMMU protocol in >>>>> QemuFwCfgLib >>>>> as a method to allocate and free a DMA buffer. I am certainly open to >>>>> suggestions. >>>>> [1] >>>>> https://github.com/tianocore/edk2/blob/master/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c#L159 >>>>> [2] >>>>> https://github.com/tianocore/edk2/blob/master/OvmfPkg/Library/QemuFwCfgLib/QemuFwCfgDxe.c#L197 >>>>>>> >>>>>>> - IoMmuMap() does not allocate pages when BusMasterCommonBuffer is >>>>>>> requested, and it allocates pages (bounce buffer) otherwise. >>>>>>> >>>>> I am trying to wrap my head around how we can support >>>>> BusMasterCommonBuffer >>>>> when buffer was not allocated by us. Changing the memory encryption mask >>>>> in >>>>> a page table will not update the contents. Also since the memory >>>>> encryption >>>>> mask works on PAGE_SIZE hence changing the encryption mask on not our >>>>> allocated >>>>> buffer could mess things up (e.g if NumberOfBytes is not PAGE_SIZE >>>>> aligned). >>>> >>>> >>>> I may be missing something in my understanding. Here is a flow I have in >>>> my >>>> mind, please correct me. >>>> >>>> OvmfPkg/VirtIoBlk.c: >>>> >>>> VirtioBlkInit() >>>> .... >>>> .... >>>> VirtioRingInit >>>> Virtio->AllocateSharedPages(RingSize, &Ring->Base) >>>> PciIo->AllocatePages(RingSize, &RingAddress) >>>> Virtio->MapSharedPages(...,BusMasterCommonBuffer, Ring->Base, >>>> RingSize, &RingDeviceAddress) >>>> ..... >>>> ..... >>>> >>>> This case is straight forward and we can easily maps. No need for bounce >>>> buffering. >>>> >>>> VirtioBlkReadBlocks(..., BufferSize, Buffer,) >>>> ...... >>>> ...... >>>> SynchronousRequest(..., BufferSize, Buffer) >>>> .... >>>> Virtio->MapSharedPages(..., BusMasterCommonBuffer, Buffer, >>>> BufferSize, &DeviceAddress) >>>> VirtioAppendDesc(DeviceAddress, BufferSize, ...) >>>> VirtioFlush (...) >>>> In the above case, "Buffer" was not allocated by us hence we will not >>>> able to change the >>>> memory encryption attributes. Am I missing something in the flow ? >>>> >>> >>> >>> Common buffer mappings may only be created from buffers that were >>> allocated by AllocateBuffer(). In fact, that is its main purpose >> >> >> Yes, that part is well understood. If the buffer was allocated by us (e.g >> vring, request/status >> structure etc) then those should be mapped as "BusMasterCommonBuffer". Brijesh, thanks for the clarification. Previously I replied (at length) to your paragraph that said "trying to wrap my head around...", and it wasn't clear what you meant by "allocated by us". In my previous response, I assumed that you meant a distinction between "allocated in Map()" vs. "allocated in AllocateBuffer()". I stand by my earlier answer for that (assumed) distinction, but now I see that you meant something else. >> >> But I am trying to figure out, how to map a data buffers before issuing a >> virtio request. e.g when >> VirtioBlkReadBlocks() is called, "Buffer" pointer is not a DMA address hence >> we need to map it. >> I think it should be mapped using "BusMasterWrite" not >> "BusMasterCommonBuffer" before adding into vring. >> > > If the transfer is strictly unidirectional, then that should work. If > the transfer goes both ways, you may need to map/unmap for read and > then map/unmap for write > You (Brijesh and Ard) are both right. This question depends on the outermost interface that the specific virtio driver provides. In this case, VirtioBlkReadBlocks() implements EFI_BLOCK_IO_PROTOCOL.ReadBlocks(). The buffer is owned by an independent agent, and it is guaranteed by the ReadBlocks() interface that the transfer is unidirectional. So a standalone Map() call with BusMasterWrite is appropriate, followed by a standalone Unmap() call *before* VirtioBlkReadBlocks() returns. In this sense, my earlier request to "*always* use AllocateBuffer + Map" was too strict. However, in the *general* case, the recommendation remains the same. For the virtio-net driver for example, the interfaces are not synchronous. E.g., while EFI_BLOCK_IO_PROTOCOL.WriteBlocks() is synchronous, EFI_SIMPLE_NETWORK_PROTOCOL.Transmit() is not. So, although in VirtioNetTransmit() we might be tempted to use BusMasterRead, that's not right, because ExitBootServices() could be called before the SNP client collects the buffer with VirtioNetGetStatus(). The ExitBootServices() callback will have to Unmap() the area without freeing it, and that's only possible if BusMasterCommonBuffer is used in VirtioNetTransmit() to begin with. This means that we'll have to save the client's data -- after updating it according to HeaderSize -- with AllocateBuffer() in VirtioNetTransmit(), Map() *that* as BusMasterCommonBuffer, and undo both steps in VirtioNetGetStatus(). And, in the exit-boot-services callback, it has to be Unmap()ped only, but not freed. Basically it depends upon whether you can complete the entire operation synchronously, before the outermost protocol interface returns. I recommend that we work on the IoMmuDxe and QemuFwCfgLib updates first. (And, my apologies again for not catching these issues immediately; as I said, this is my first time doing non-1:1 DMA.) Thanks, Laszlo