| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Feb 2022 14:10:19 +0000
From: Robin Murphy <robin.murphy@....com>
To: Jason Gunthorpe <jgg@...dia.com>
Cc: Lu Baolu <baolu.lu@...ux.intel.com>,
Joerg Roedel <joro@...tes.org>,
Alex Williamson <alex.williamson@...hat.com>,
Christoph Hellwig <hch@...radead.org>,
Kevin Tian <kevin.tian@...el.com>,
Ashok Raj <ashok.raj@...el.com>, kvm@...r.kernel.org,
rafael@...nel.org, David Airlie <airlied@...ux.ie>,
linux-pci@...r.kernel.org,
Thierry Reding <thierry.reding@...il.com>,
Diana Craciun <diana.craciun@....nxp.com>,
Dmitry Osipenko <digetx@...il.com>,
Will Deacon <will@...nel.org>,
Stuart Yoder <stuyoder@...il.com>,
Jonathan Hunter <jonathanh@...dia.com>,
Chaitanya Kulkarni <kch@...dia.com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Dan Williams <dan.j.williams@...el.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Cornelia Huck <cohuck@...hat.com>,
linux-kernel@...r.kernel.org, Li Yang <leoyang.li@....com>,
iommu@...ts.linux-foundation.org,
Jacob jun Pan <jacob.jun.pan@...el.com>,
Daniel Vetter <daniel@...ll.ch>
Subject: Re: [PATCH v1 1/8] iommu: Add iommu_group_replace_domain()
On 2022-02-14 12:45, Jason Gunthorpe wrote:
> On Mon, Feb 14, 2022 at 12:09:36PM +0000, Robin Murphy wrote:
>> On 2022-01-06 02:20, Lu Baolu wrote:
>>> Expose an interface to replace the domain of an iommu group for frameworks
>>> like vfio which claims the ownership of the whole iommu group.
>>
>> But if the underlying point is the new expectation that
>> iommu_{attach,detach}_device() operate on the device's whole group where
>> relevant, why should we invent some special mechanism for VFIO to be
>> needlessly inconsistent?
>>
>> I said before that it's trivial for VFIO to resolve a suitable device if it
>> needs to; by now I've actually written the patch ;)
>>
>> https://gitlab.arm.com/linux-arm/linux-rm/-/commit/9f37d8c17c9b606abc96e1f1001c0b97c8b93ed5
>
> Er, how does locking work there? What keeps busdev from being
> concurrently unplugged?
Same thing that prevents the bus pointer from suddenly becoming invalid
in the current code, I guess :)
But yes, holding a group reference alone can't prevent the group itself
from changing, and the finer points of locking still need working out -
there's a reason you got a link to a WIP branch in my tree rather than a
proper patch in your inbox (TBH at the moment that one represents about
a 5:1 ratio of time spent on the reasoning behind the commit message vs.
the implementation itself).
> How can iommu_group_get() be safely called on
> this pointer?
VFIO hardly needs to retrieve the iommu_group from a device which it
derived from the iommu_group it holds in the first place. What matters
is being able to call *other* device-based IOMMU API interfaces in the
long term. And once a robust solution for that is in place, it should
inevitably work for a device-based attach interface too.
> All of the above only works normally inside a probe/remove context
> where the driver core is blocking concurrent unplug and descruction.
>
> I think I said this last time you brought it up that lifetime was the
> challenge with this idea.
Indeed, but it's a challenge that needs tackling, because the bus-based
interfaces need to go away. So either we figure it out now and let this
attach interface rework benefit immediately, or I spend three times as
long solving it on my own and end up deleting
iommu_group_replace_domain() in about 6 months' time anyway.
Thanks,
Robin.
Powered by blists - more mailing lists