[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Yv4/s6lX6Nq+40tu@nvidia.com>
Date: Thu, 18 Aug 2022 10:33:39 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: Lu Baolu <baolu.lu@...ux.intel.com>
Cc: Joerg Roedel <joro@...tes.org>,
Christoph Hellwig <hch@...radead.org>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Kevin Tian <kevin.tian@...el.com>,
Ashok Raj <ashok.raj@...el.com>, Will Deacon <will@...nel.org>,
Robin Murphy <robin.murphy@....com>,
Jean-Philippe Brucker <jean-philippe@...aro.com>,
Dave Jiang <dave.jiang@...el.com>,
Vinod Koul <vkoul@...nel.org>,
Eric Auger <eric.auger@...hat.com>,
Liu Yi L <yi.l.liu@...el.com>,
Jacob jun Pan <jacob.jun.pan@...el.com>,
Zhangfei Gao <zhangfei.gao@...aro.org>,
Zhu Tony <tony.zhu@...el.com>, iommu@...ts.linux.dev,
linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org,
Jean-Philippe Brucker <jean-philippe@...aro.org>
Subject: Re: [PATCH v11 05/13] iommu: Add attach/detach_dev_pasid iommu
interface
On Wed, Aug 17, 2022 at 09:20:16AM +0800, Lu Baolu wrote:
> +static int __iommu_set_group_pasid(struct iommu_domain *domain,
> + struct iommu_group *group, ioasid_t pasid)
> +{
> + struct iommu_domain *ops_domain;
> + struct group_device *device;
> + int ret = 0;
> +
> + if (domain == group->blocking_domain)
> + ops_domain = xa_load(&group->pasid_array, pasid);
> + else
> + ops_domain = domain;
This seems weird, why isn't this just always
domain->ops->set_dev_pasid()?
> + if (curr) {
> + ret = xa_err(curr) ? : -EBUSY;
> + goto out_unlock;
> + }
> +
> + ret = __iommu_set_group_pasid(domain, group, pasid);
> + if (ret) {
> + __iommu_set_group_pasid(group->blocking_domain, group, pasid);
> + xa_erase(&group->pasid_array, pasid);
I was looking at this trying to figure out why we are having
attach/detach semantics vs set and this error handling seems to be the
reason
Lets add a comment because it is subtle thing:
Setting a PASID to a blocking domain cannot fail, so we can always
safely error unwind a failure to attach a domain back to the original
group configuration of the PASID being unused.
> +/*
> + * iommu_detach_device_pasid() - Detach the domain from pasid of device
> + * @domain: the iommu domain.
> + * @dev: the attached device.
> + * @pasid: the pasid of the device.
> + *
> + * The @domain must have been attached to @pasid of the @dev with
> + * iommu_attach_device_pasid().
> + */
> +void iommu_detach_device_pasid(struct iommu_domain *domain, struct device *dev,
> + ioasid_t pasid)
Don't pass domain here?
> +/*
> + * iommu_get_domain_for_dev_pasid() - Retrieve domain for @pasid of @dev
> + * @dev: the queried device
> + * @pasid: the pasid of the device
> + *
> + * This is a variant of iommu_get_domain_for_dev(). It returns the existing
> + * domain attached to pasid of a device. It's only for internal use of the
> + * IOMMU subsystem. The caller must take care to avoid any possible
> + * use-after-free case.
How exactly does the caller manage that?
> + *
> + * Return: attached domain on success, NULL otherwise.
> + */
> +struct iommu_domain *
> +iommu_get_domain_for_dev_pasid(struct device *dev, ioasid_t pasid)
> +{
> + struct iommu_domain *domain;
> + struct iommu_group *group;
> +
> + if (!pasid_valid(pasid))
> + return NULL;
Why bother? If the pasid is not valid then it definitely won't be in the xarray.
But otherwise this overall thing seems fine to me
Jason
Powered by blists - more mailing lists