With the introduction of the new object and its infrastructure, update the
doc and the vIOMMU graph to reflect that.
Reviewed-by: Jason Gunthorpe
Signed-off-by: Nicolin Chen
---
Documentation/userspace-api/iommufd.rst | 41 +++--
1 file changed, 32 insertions(+), 9 deletions(-)
diff --git a/Documentation/userspace-api/iommufd.rst
b/Documentation/userspace-api/iommufd.rst
index 92d16efad5b0..3c27cc92c2cb 100644
--- a/Documentation/userspace-api/iommufd.rst
+++ b/Documentation/userspace-api/iommufd.rst
@@ -94,6 +94,19 @@ Following IOMMUFD objects are exposed to userspace:
backed by corresponding vIOMMU objects, in which case a guest OS would do
the "dispatch" naturally instead of VMM trappings.
+ - IOMMUFD_OBJ_VDEVICE, representing a virtual device for an IOMMUFD_OBJ_DEVICE
+ against an IOMMUFD_OBJ_VIOMMU. This virtual device holds the device's
virtual
+ information or attributes (related to the vIOMMU) in a VM. An immediate
vDATA
+ example can be the virtual ID of the device on a vIOMMU, which is a unique
ID
+ that VMM assigns to the device for a translation channel/port of the vIOMMU,
+ e.g. vSID of ARM SMMUv3, vDeviceID of AMD IOMMU, and vID of Intel VT-d to a
+ Context Table. Potential use cases of some advanced security information can
+ be forwarded via this object too, such as security level or realm
information
+ in a Confidential Compute Architecture. A VMM should create a vDEVICE object
+ to forward all the device information in a VM, when it connects a device to
a
+ vIOMMU, which is a separate ioctl call from attaching the same device to an
+ HWPT_PAGING that the vIOMMU holds.
+
All user-visible objects are destroyed via the IOMMU_DESTROY uAPI.
The diagrams below show relationships between user-visible objects and kernel
@@ -133,16 +146,16 @@ creating the objects and links::
|| || |__|
___
- | iommufd (with vIOMMU)|
+ | iommufd (with vIOMMU/vDEVICE)|
| |
- | [5] |
- |_ |
- | | | |
- | ||vIOMMU | |
- | || | |
- | || | |
- | | [1] | | [4] [2]|
- | | __ | | _ |
+ | [5][6]|
+ |_ _ |
+ | | || | |
+ | ||vIOMMU |<---| vDEVICE |<||
+ | || ||_| ||
+ | || |||
+ | | [1] | | [4] | [2]|
+ | | __ | | _ _|__ |
| || || [3] || | || |
| || IOAS |<---|(HWPT_PAGING)|<---| HWPT_NESTED |<--| DEVICE | |
| ||__||_||_| || |
@@ -215,6 +228,15 @@ creating the objects and links::
the vIOMMU object and the HWPT_PAGING, then this vIOMMU object can be used
as a nesting parent object to allocate an HWPT_NESTED object described
above.
+6. IOMMUFD_OBJ_VDEVICE can be only manually created via the IOMMU_VDEVICE_ALLOC
+ uAPI, provided a viommu_id for an iommufd_viommu object and a dev_id for an
+ iommufd_device object. The vDEVICE object will be the binding between these
+ two parent objects. Another @virt_id will be also set via the uAPI providing
+ the iommufd core an index to store the vDEVICE object to a vDEVICE array per
+ vIOMMU. If necessary, the IOMMU driver may choose to implement a
vdevce_alloc
+ op to init its HW for virtualization feature related to a vDEVICE.
Successful
+ completion of this operation sets up the linkages between vIOMMU and device.
+
A device can only bind to an iommufd due to DMA ownership claim and attach to
at
most one IOAS object (no support of PASID yet).
@@ -228,6 +250,7 @@ User visible objects are backed by following datastructures:
- iommufd_hwpt_paging for IOMMUFD_OBJ_HWPT_PAGING.
- iommufd_hwpt_nested for IOMMUFD_OBJ_HWPT_NESTED.
- iommufd_viommu for IOMMUFD_OBJ_VIOMMU.
+- iommufd_vdevice for IOMMUFD_OBJ_VDEVICE
Several term
