[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <8499f0ab-9701-2ca2-ac7a-842c36c54f8a@arm.com>
Date: Mon, 15 Nov 2021 15:37:18 +0000
From: Robin Murphy <robin.murphy@....com>
To: Jason Gunthorpe <jgg@...dia.com>,
Christoph Hellwig <hch@...radead.org>
Cc: Kevin Tian <kevin.tian@...el.com>,
Chaitanya Kulkarni <kch@...dia.com>,
Ashok Raj <ashok.raj@...el.com>, kvm@...r.kernel.org,
rafael@...nel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Cornelia Huck <cohuck@...hat.com>,
Will Deacon <will@...nel.org>, linux-kernel@...r.kernel.org,
iommu@...ts.linux-foundation.org,
Alex Williamson <alex.williamson@...hat.com>,
Jacob jun Pan <jacob.jun.pan@...el.com>,
linux-pci@...r.kernel.org, Bjorn Helgaas <bhelgaas@...gle.com>,
Diana Craciun <diana.craciun@....nxp.com>
Subject: Re: [PATCH 02/11] driver core: Set DMA ownership during driver
bind/unbind
On 2021-11-15 13:24, Jason Gunthorpe via iommu wrote:
> On Mon, Nov 15, 2021 at 05:19:02AM -0800, Christoph Hellwig wrote:
>> On Mon, Nov 15, 2021 at 10:05:43AM +0800, Lu Baolu wrote:
>>> @@ -566,6 +567,12 @@ static int really_probe(struct device *dev, struct device_driver *drv)
>>> goto done;
>>> }
>>>
>>> + if (!drv->suppress_auto_claim_dma_owner) {
>>> + ret = iommu_device_set_dma_owner(dev, DMA_OWNER_KERNEL, NULL);
>>> + if (ret)
>>> + return ret;
>>> + }
>>
>> I'd expect this to go into iommu_setup_dma_ops (and its arm and s390
>> equivalents), as that is what claims an IOMMU for in-kernel usage
>
> If iommu_device_set_dma_owner(dev_a) fails changes dynamically
> depending on what iommu_device_set_dma_owner(dev_b, DMA_OWNER_USER)
> have been done.
>
> The whole point here is that doing a
> iommu_device_set_dma_owner(dev_b, DMA_OWNER_USER)
> needs to revoke kernel usage from a whole bunch of other devices in
> the same group.
>
> revoking kernel usage means it needs to ensure that no driver is bound
> and prevent future drivers from being bound.
>
> iommu_setup_dma_ops() is something done once early on in boot, not at
> every driver probe, so I don't see how it can help??
Note that there's some annoying inconsistency across architectures, and
with the {acpi,of}_dma_configure() code in general. I guess Christoph
might be thinking of the case where iommu_setup_dma_ops() *does* end up
being called off the back of the bus->dma_configure() hook a few lines
below the context above.
iommu_setup_dma_ops() itself is indeed not the appropriate place for
this (the fact that it can be called as late as driver probe is subtly
broken and still on my list to fix...) but
bus->dma_configure() definitely is. Only a handful of buses care about
IOMMUs, and possibly even fewer of them support VFIO, so I'm in full
agreement with Greg and Christoph that this absolutely warrants being
scoped per-bus. I mean, we literally already have infrastructure to
prevent drivers binding if the IOMMU/DMA configuration is broken or not
ready yet; why would we want a totally different mechanism to prevent
driver binding when the only difference is that that configuration *is*
ready and working to the point that someone's already claimed it for
other purposes?
Robin.
Powered by blists - more mailing lists