Using Restricted DMA for virtio-pci
Michael S. Tsirkin
mst at redhat.com
Mon Mar 31 08:48:42 AEDT 2025
On Sun, Mar 30, 2025 at 10:27:58PM +0100, David Woodhouse wrote:
> On 30 March 2025 18:06:47 BST, "Michael S. Tsirkin" <mst at redhat.com> wrote:
> >> It's basically just allowing us to expose through PCI, what I believe
> >> we can already do for virtio in DT.
> >
> >I am not saying I am against this extension.
> >The idea to restrict DMA has a lot of merit outside pkvm.
> >For example, with a physical devices, limiting its DMA
> >to a fixed range can be good for security at a cost of
> >an extra data copy.
> >
> >So I am not saying we have to block this specific hack.
> >
> >what worries me fundamentally is I am not sure it works well
> >e.g. for physical virtio cards.
>
> Not sure why it doesn't work for physical cards. They don't need to be bus-mastering; they just take data from a buffer in their own RAM.
I mean, it kind of does, it is just that CPU pulling data over the PCI bus
stalls it so is very expensive. It is not by chance people switched to
DMA almost exclusively.
> >Attempts to pass data between devices will now also require
> >extra data copies.
>
> Yes. I think that's acceptable, but if we really cared we could perhaps extend the capability to refer to a range inside a given BAR on a specific *device*? Or maybe just *function*, and allow sharing of SWIOTLB buffer within a multi-function device?
Fundamentally, this is what dmabuf does.
> I think it's overkill though.
>
> >Did you think about adding an swiotlb mode to virtio-iommu at all?
> >Much easier than parsing page tables.
>
> Often the guests which need this will have a real IOMMU for the true
> pass-through devices.
Not sure I understand. You mean with things like stage 2 passthrough?
> Adding a virtio-iommu into the mix (or any other
> system-wide way of doing something different for certain devices) is
> problematic.
OK... but the issue isn't specific to no DMA devices, is it?
> The on-device buffer keeps it nice and simple,
I am not saying it is not.
It's just a little boutique.
> and even allows us to
> do device support for operating systems like Windows where it's a lot
> harder to do anything generic in the core OS.
Well we do need virtio iommu windows support sooner or later, anyway.
--
MST
More information about the Linuxppc-dev
mailing list