On 05/09/2018 08:44 AM, Stephen Bates wrote:
> RDMA VFs lend themselves to NVMEoF w/device-assignment.... need a way to
> put NVME 'resources' into an assignable/manageable object for
> which is really a 'DMA security domain' and less an 'IOMMU grouping
Ha, I like your term "DMA Security Domain" which sounds about right for what we
are discussing with p2pdma and ACS disablement ;-). The problem is that ACS is, in some
ways, too big of hammer for what we want here in the sense that it is either on or off for
the bridge or MF EP we enable/disable it for. ACS can't filter the TLPs by address or
ID though PCI-SIG are having some discussions on extending ACS. That's a long term
solution and won't be applicable to us for some time.
NVMe SSDs that support SR-IOV are coming to market but we can't assume all NVMe SSDs
with support SR-IOV. That will probably be a pretty high end-feature...
Sure, we could provide unsecure enablement for development and kick-the-tires
device-assignment started that way (no ACS, no intr-remapping, etc.), but for secure
VF's for both p2p EPs is the best security model.
So, we should have a design goal for the secure configuration.
workarounds/unsecure modes to deal with near-term what-we-have-to-work-with can be
employed, but they shoudn't be