Re: [virtio-comment] Re: [PATCH 09/11] transport-pci: Describe PCI MMR dev config registers

["Michael S. Tsirkin" <mst@redhat.com>]

On Mon, Apr 10, 2023 at 03:20:52PM +0800, Jason Wang wrote:
> On Mon, Apr 10, 2023 at 2:40âPM Michael S. Tsirkin <mst@redhat.com> wrote:
> >
> > On Mon, Apr 10, 2023 at 02:20:16PM +0800, Jason Wang wrote:
> > > On Mon, Apr 10, 2023 at 2:15âPM Michael S. Tsirkin <mst@redhat.com> wrote:
> > > >
> > > > On Mon, Apr 10, 2023 at 09:33:32AM +0800, Jason Wang wrote:
> > > > > This is fine for vDPA but not for virtio if the design can only work
> > > > > for some specific setups (OSes/archs).
> > > > >
> > > > > Thanks
> > > >
> > > > Well virtio legacy has a long history of documenting existing hacks :)
> > >
> > > Exactly, so the legacy behaviour is not (or can't be) defined by the
> > > spec but the codes.
> >
> > I mean driver behaviour derives from the code but we do document it in
> > the spec to help people build devices.
> >
> >
> > > > But yes, VIRTIO_F_ORDER_PLATFORM has to be documented.
> > > > And we have to decide what to do about ACCESS_PLATFORM since
> > > > there's a security problem if device allows not acking it.
> > > > Two options:
> > > > - relax the rules a bit and say device will assume ACCESS_PLATFORM
> > > >   is acked anyway
> > >
> > > This will break legacy drivers which assume physical addresses.
> >
> > not that they are not already broken.
> 
> I may miss something, the whole point is to allow legacy drivers to
> run otherwise a modern device is sufficient?

yes and if legacy drivers don't work in a given setup then we
should not worry.

> >
> > > > - a new flag that is insecure (so useful for sec but useless for dpdk) but optional
> > >
> > > This looks like a new "hack" for the legacy hacks.
> >
> > it's not just for legacy.
> 
> We have the ACCESS_PLATFORM feature bit, what is the useage for this new flag?


ACCESS_PLATFORM is also a security boundary. so devices must fail
negotiation if it's not there. this new one won't be.


> >
> > > And what about ORDER_PLATFORM, I don't think we can modify legacy drivers...
> > >
> > > Thanks
> >
> > You play some tricks with shadow VQ I guess.
> 
> Do we really want to add a new feature in the virtio spec that can
> only work with the datapath mediation?
> 
> Thanks

As long as a feature is useful and can't be supported otherwise
we are out of options. Keeping field practice things out of the
spec helps no one.

> >
> > --
> > MST
> >