diff options
| author | Alexey Kardashevskiy <aik@ozlabs.ru> | 2013-08-05 20:52:36 +0400 |
|---|---|---|
| committer | Alex Williamson <alex.williamson@redhat.com> | 2013-08-05 20:52:36 +0400 |
| commit | 6cdd97821322352b94bb92f271b4466ad38a2468 (patch) | |
| tree | a79a322ca2ae87302f7ba85c0a286e7ec6b76bb6 /security | |
| parent | c095ba7224d8edc71dcef0d655911399a8bd4a3f (diff) | |
| download | linux-6cdd97821322352b94bb92f271b4466ad38a2468.tar.xz | |
vfio: add external user support
VFIO is designed to be used via ioctls on file descriptors
returned by VFIO.
However in some situations support for an external user is required.
The first user is KVM on PPC64 (SPAPR TCE protocol) which is going to
use the existing VFIO groups for exclusive access in real/virtual mode
on a host to avoid passing map/unmap requests to the user space which
would made things pretty slow.
The protocol includes:
1. do normal VFIO init operation:
- opening a new container;
- attaching group(s) to it;
- setting an IOMMU driver for a container.
When IOMMU is set for a container, all groups in it are
considered ready to use by an external user.
2. User space passes a group fd to an external user.
The external user calls vfio_group_get_external_user()
to verify that:
- the group is initialized;
- IOMMU is set for it.
If both checks passed, vfio_group_get_external_user()
increments the container user counter to prevent
the VFIO group from disposal before KVM exits.
3. The external user calls vfio_external_user_iommu_id()
to know an IOMMU ID. PPC64 KVM uses it to link logical bus
number (LIOBN) with IOMMU ID.
4. When the external KVM finishes, it calls
vfio_group_put_external_user() to release the VFIO group.
This call decrements the container user counter.
Everything gets released.
The "vfio: Limit group opens" patch is also required for the consistency.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions