Re: [virtio-dev] Re: [PATCH 0/5] virtio: introduce SUSPEND bit and vq state

["Zhu, Lingshan" <lingshan.zhu@intel.com>]

On 9/21/2023 7:28 PM, Parav Pandit wrote:
> > From: Zhu, Lingshan <lingshan.zhu@intel.com>
> > Sent: Thursday, September 21, 2023 3:25 PM
> >
> > On 9/21/2023 5:26 PM, Parav Pandit wrote:
> > > > From: Zhu, Lingshan <lingshan.zhu@intel.com>
> > > > Sent: Thursday, September 21, 2023 2:49 PM TDISP devices can not be
> > > > migrated for now, and the TDISP spec make clear examples of attacking
> > > > models, your admin vq LM on the PF exactly match the model.
> > > I gave hint yesterday to you to consult Ravi at Intel who showed TDISP
> > migration using a dedicated TVM using similar mechanism as admin command.
> > > But you sadly ignored...
> > >
> > > So let me make another attempt to explain,
> > >
> > > When in future TDISP device migration to be supported, the admin command
> > will be done through a dedicated PF or a VF that resides in another trust
> > domain, for example another TVM.
> > > Such admin virtio device will not be located in the hypervisor.
> > > Thereby, it will be secure.
> > > The admin commands pave the road to make this happen. Only thing changes
> > is delegation of admin commands to another admin device instead of a PF.
> > if you plan to do it in future, then lets discuss in the future.
> >
> > And TDISP can be migrated in future does not mean admin vq LM is secure, I
> > have repeated for so many times of the attacking model. and I will not repeat
> > again.
> > > There are other solutions too that will arise.
> > > I have seen another one too, may be DPU.
> > >
> > > In all the 2 approaches, TDISP is migratable and spec will evolve as multiple
> > vendors including Intel, AMD and others showed the path towards it without
> > mediation.
> > > Virtio will be able to leverage that as well using admin commands.
> > >
> > > I want to emphasize again, do not keep repeating AQ in your comments.
> > > It is admin commands in proposal [1].
> > we are discussing LM, right? Can TDISP help you here? TDISP spec gives
> > examples of attacking models, and your admin vq matches it, I gave you quote
> > of the spec yesterday.
> >
> > This thread is about live migration anyway, not TDISP.
> > > As Michael also requested, I kindly request to co-operate on doing join
> > technical work, shared ideas, knowledge and improve the spec.
> > > [1]
> > > https://lore.kernel.org/virtio-comment/20230909142911.524407-7-parav@n
> > > vidia.com/T/#mf15b68617f772770c6bf79f70e8ddc6fea834cfa
> > see other threads, I propose to reuse the basic facilities of live migration in
> > admin vq.
> I donât see a point in repeating anything anymore with your constant repetitions and ignorance to ideas.
>
> I am happy to collaborate to driver virtio spec when you can give thoughts with an open mind to address two use cases to converge and discuss.
>
> 1. virtio device migration using mediation approach
As Jason and I have told you many times, basic and fundamental of 
virtualization is trap and emulate,
and this series work for trap and emulate.

And for mediation, do you see any troubles?

Can't vDPA migrate devices by this solution?
> 2. virtio member passthrough device migration
if you want, you can build admin vq LM on the basic facilities. But 
still admin vq LM will not work for nested.