Hi Jason,
On Fri, 15 May 2026 15:23:22 -0300
Jason Gunthorpe <[email protected]> wrote:
> On Mon, May 11, 2026 at 07:02:57PM -0700, Mukesh R wrote:
> > +static struct iommu_domain *hv_iommu_domain_alloc_paging(struct
> > device *dev) +{
> > + struct hv_domain *hvdom;
> > + int rc;
> > +
> > + if (hv_l1vh_partition() && !hv_curr_thread_is_vmm()) {
> > + pr_err("Hyper-V: l1vh iommu does not support host
> > devices\n");
> > + return NULL;
> > + }
> > +
> > + hvdom = kzalloc(sizeof(struct hv_domain), GFP_KERNEL);
> > + if (hvdom == NULL)
> > + return NULL;
> > +
> > + spin_lock_init(&hvdom->mappings_lock);
> > + hvdom->mappings_tree = RB_ROOT_CACHED;
> > +
> > + /* Called under iommu group mutex, so single threaded */
> > + if (++unique_id == HV_DEVICE_DOMAIN_ID_S2_NULL) /* ie,
> > UINTMAX */
> > + goto out_err;
> > +
> > + hvdom->domid_num = unique_id;
> > + hvdom->partid = hv_get_current_partid();
> > + hvdom->iommu_dom.geometry = default_geometry;
> > + hvdom->iommu_dom.pgsize_bitmap = HV_IOMMU_PGSIZES;
> > +
> > + /* For guests, by default we do direct attaches, so no
> > domain in hyp */
> > + if (hv_dom_owner_is_vmm(hvdom) && !hv_no_attdev)
> > + hvdom->attached_dom = true;
>
> What are you thinking sending something like this?!?!?
>
> The function is called *alloc domain PAGING*, it does not, and can not
> allocate weird "special" domains that are not PAGING domains. I just
> spent a long time removing all this kind of crazyness from drivers.
>
> There is alot of other things I don't like in this patch, but this is
> too much.
>
> You have to drop this "direct attach" idea from the first iteration,
> Linux can't do it without alot more work, you should start with the
> basic paging domain mode.
>
Just wondering what work is needed to support this "direct attach"? I
felt this issue is due to trying to cram two distinct domain types
(paging domain & direct attach) into the VFIO container model where
only unmanaged paging domain is supported.
I am thinking if we were to switch to iommufd and let user(vmm) have
direct control of HWPT, vmm will be able to selectively use a
different domain type to handle direct attach. IMHO, it is essentially
the same as attaching nest parent domain without nested domain
immediately attached. The unprivileged guest may attach nested domain
directly with Hyper-V if nested translation is needed.
I understand nest parent is still a paging domain today and it is
expected to work with nested domain. So maybe we can make iommufd
accept nest parent w/o paging? i.e. no map/unmap and do not call
iopt_table_add_domain()? or maybe a new object?
From this driver POV, it will allocate a 2nd stage only domain with
different domain ops (w/o map/unmap) for "direct attach" thus avoid this
hack.
Thanks,
Jacob
