| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Jul 2020 14:17:25 -0600
From: Alex Williamson <alex.williamson@...hat.com>
To: "Tian, Kevin" <kevin.tian@...el.com>
Cc: Lu Baolu <baolu.lu@...ux.intel.com>,
Joerg Roedel <joro@...tes.org>,
Robin Murphy <robin.murphy@....com>,
Jean-Philippe Brucker <jean-philippe@...aro.org>,
Cornelia Huck <cohuck@...hat.com>,
"Raj, Ashok" <ashok.raj@...el.com>,
"Jiang, Dave" <dave.jiang@...el.com>,
"Liu, Yi L" <yi.l.liu@...el.com>,
"iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>
Subject: Re: [PATCH v3 3/4] iommu: Add iommu_aux_get_domain_for_dev()
On Wed, 29 Jul 2020 23:49:20 +0000
"Tian, Kevin" <kevin.tian@...el.com> wrote:
> > From: Alex Williamson <alex.williamson@...hat.com>
> > Sent: Thursday, July 30, 2020 4:25 AM
> >
> > On Tue, 14 Jul 2020 13:57:02 +0800
> > Lu Baolu <baolu.lu@...ux.intel.com> wrote:
> >
> > > The device driver needs an API to get its aux-domain. A typical usage
> > > scenario is:
> > >
> > > unsigned long pasid;
> > > struct iommu_domain *domain;
> > > struct device *dev = mdev_dev(mdev);
> > > struct device *iommu_device = vfio_mdev_get_iommu_device(dev);
> > >
> > > domain = iommu_aux_get_domain_for_dev(dev);
> > > if (!domain)
> > > return -ENODEV;
> > >
> > > pasid = iommu_aux_get_pasid(domain, iommu_device);
> > > if (pasid <= 0)
> > > return -EINVAL;
> > >
> > > /* Program the device context */
> > > ....
> > >
> > > This adds an API for such use case.
> > >
> > > Suggested-by: Alex Williamson <alex.williamson@...hat.com>
> > > Signed-off-by: Lu Baolu <baolu.lu@...ux.intel.com>
> > > ---
> > > drivers/iommu/iommu.c | 18 ++++++++++++++++++
> > > include/linux/iommu.h | 7 +++++++
> > > 2 files changed, 25 insertions(+)
> > >
> > > diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> > > index cad5a19ebf22..434bf42b6b9b 100644
> > > --- a/drivers/iommu/iommu.c
> > > +++ b/drivers/iommu/iommu.c
> > > @@ -2817,6 +2817,24 @@ void iommu_aux_detach_group(struct
> > iommu_domain *domain,
> > > }
> > > EXPORT_SYMBOL_GPL(iommu_aux_detach_group);
> > >
> > > +struct iommu_domain *iommu_aux_get_domain_for_dev(struct device
> > *dev)
> > > +{
> > > + struct iommu_domain *domain = NULL;
> > > + struct iommu_group *group;
> > > +
> > > + group = iommu_group_get(dev);
> > > + if (!group)
> > > + return NULL;
> > > +
> > > + if (group->aux_domain_attached)
> > > + domain = group->domain;
> >
> > Why wouldn't the aux domain flag be on the domain itself rather than
> > the group? Then if we wanted sanity checking in patch 1/ we'd only
> > need to test the flag on the object we're provided.
> >
> > If we had such a flag, we could create an iommu_domain_is_aux()
> > function and then simply use iommu_get_domain_for_dev() and test that
> > it's an aux domain in the example use case. It seems like that would
>
> IOMMU layer manages domains per parent device. Here given a
Is this the IOMMU layer or the VT-d driver? I don't see any notion of
managing domains relative to a parent in the IOMMU layer. Please point
to something more specific if I'm wrong here.
> dev (of mdev), we need a way to find its associated domain under its
> parent device. And we cannot simply use iommu_get_domain_for_dev
> on the parent device of the mdev, as it will give us the primary domain
> of parent device.
Not the parent device of the mdev, but the mdev_dev(mdev) device.
Isn't that what this series is enabling, being able to return the
domain from the group that contains the mdev_dev? We shouldn't need to
leave breadcrumbs on the group to know about the domain, the domain
itself should be the source of knowledge, or provide a mechanism/ops to
learn that knowledge. Thanks,
Alex
> > resolve the jump from a domain to an aux-domain just as well as adding
> > this separate iommu_aux_get_domain_for_dev() interface. The is_aux
> > test might also be useful in other cases too. Thanks,
> >
> > Alex
> >
> > > +
> > > + iommu_group_put(group);
> > > +
> > > + return domain;
> > > +}
> > > +EXPORT_SYMBOL_GPL(iommu_aux_get_domain_for_dev);
> > > +
> > > /**
> > > * iommu_sva_bind_device() - Bind a process address space to a device
> > > * @dev: the device
> > > diff --git a/include/linux/iommu.h b/include/linux/iommu.h
> > > index 9506551139ab..cda6cef7579e 100644
> > > --- a/include/linux/iommu.h
> > > +++ b/include/linux/iommu.h
> > > @@ -639,6 +639,7 @@ int iommu_aux_attach_group(struct
> > iommu_domain *domain,
> > > struct iommu_group *group, struct device *dev);
> > > void iommu_aux_detach_group(struct iommu_domain *domain,
> > > struct iommu_group *group, struct device *dev);
> > > +struct iommu_domain *iommu_aux_get_domain_for_dev(struct device
> > *dev);
> > >
> > > struct iommu_sva *iommu_sva_bind_device(struct device *dev,
> > > struct mm_struct *mm,
> > > @@ -1040,6 +1041,12 @@ iommu_aux_detach_group(struct
> > iommu_domain *domain,
> > > {
> > > }
> > >
> > > +static inline struct iommu_domain *
> > > +iommu_aux_get_domain_for_dev(struct device *dev)
> > > +{
> > > + return NULL;
> > > +}
> > > +
> > > static inline struct iommu_sva *
> > > iommu_sva_bind_device(struct device *dev, struct mm_struct *mm, void
> > *drvdata)
> > > {
>
Powered by blists - more mailing lists