On Wed, Nov 08, 2023 at 08:53:00AM +0000, Tian, Kevin wrote:
> > There are many events related to objects in guest memory or controlled by the guest, e.g. C_BAD_CD and C_BAD_STE. These should be relayed or the emulation is not working well.
>
> so that's the category of unrecoverable faults?

I haven't looked exhaustively but I do have the impression that the only recoverable fault is the 'page not present' one.

> btw I can understand C_BAD_CD given it's walked by the physical SMMU in nested configuration. But presumably STE is created by the smmu driver itself then why would there be an error to be relayed for guest STE?

If the guest programs a bad STE it should still generate a C_BAD_STE even if the mediation SW could theoretically sanitize it (but sanitize it to what? BLOCKED?). Since we have to forward things like C_BAD_CD and others we may as well just drop an invalid STE and forward the event like real HW.

> but I didn't get the last piece. If those domains are created by kernel drivers why would they require a uAPI for userspace to specify fault capable?

Not to userspace, but a kapi to request a fault capable domain and to supply the fault handler. E.g.:

    iommu_domain_alloc_faultable(dev, handler);

> Does it affect SVA too?

Inside the driver the SVA should be constructed out of the same fault handling infrastructure, but an SVA domain allocation should have a different allocation function.

Jason