Hi Nikhil,
On 18.11.19 14:26, Devshatwar, Nikhil wrote:
HI Jan,
Current Jailhouse implementation has support for partitioning the SPI
interrupts on a GICv3.
However, the LPI interrupts managed by the GIC ITS cannot be partitioned.
Is this something we would need a GICv4 for?
Typical usage of LPI are for connecting PCIe devices on arm64 platforms
where the endpoint sends MSI interrupts.
Kernel drivers for GIC assumes full ownership of the ITS module.
Means, it also touches registers it does not own? Or are there
conceptually shared resources in the ITS that everyone needs to access
when programmed own parts of it?
To enable partitioning of PCI devices/functions (from same or different
PCI controller) across VMs,
One of the key important feature that will be needed is the ITS
virtualization.
Since the GIC ITS does not support per VM tables, one option would be to
use emulation of the ITS module.
Here is the proposal for such an approach.
·GIC kernel driver allocates separate ITS table in its VM address space
·When Jailhouse is enabled, Hypervisor allocates a new ITS table and
copies the descriptors from root cell
·All accesses to the ITS registers are trapped and emulated in the Jailhouse
·Any attempt from a VM trying to setup the descriptor for a certain
device needs to be policed against VM ownership
·Jailhouse validates and updates the physical ITS table descriptors to
match the VM maintained tables
This will be similar to the approach taken for SMMU stage1 emulation
developed by Pratyush Yadav.
What so you think about adding this support in the Jailhouse?
Would you be willing to accept patches for the ITS emulation?
Well, we do want assignment of PCI devices to different cells when this
is feasible, and we do want not only DMA partitioning but also safe &
secure interrupt handling. OTW: Yes, we need something that enables that.
And when the hardware does not (yet) support us in enforcing the
partitions during runtime, we need to emulate that in software. It's
just the question how complex that emulation needs to become, for Linux
or for "educated" guests.
BTW, those accesses to the ITS will not be on the interrupt handling
path, will they? Only for the setup and maybe affinity adjustment?
Jan
--
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux
--
You received this message because you are subscribed to the Google Groups
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jailhouse-dev/81a7f9d2-d6b5-0eac-9bb9-1fa14a56df40%40siemens.com.
