[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BN9PR11MB5276CE65DBB24EF838825B628C39A@BN9PR11MB5276.namprd11.prod.outlook.com>
Date: Wed, 19 Jul 2023 05:39:30 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Baolu Lu <baolu.lu@...ux.intel.com>,
Jacob Pan <jacob.jun.pan@...ux.intel.com>,
LKML <linux-kernel@...r.kernel.org>,
"iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
Joerg Roedel <joro@...tes.org>,
Jean-Philippe Brucker <jean-philippe@...aro.com>,
"Robin Murphy" <robin.murphy@....com>
CC: Jason Gunthorpe <jgg@...dia.com>, Will Deacon <will@...nel.org>,
"Liu, Yi L" <yi.l.liu@...el.com>,
"Yu, Fenghua" <fenghua.yu@...el.com>,
"Luck, Tony" <tony.luck@...el.com>
Subject: RE: [PATCH v10 5/7] iommu/vt-d: Make prq draining code generic
> From: Baolu Lu <baolu.lu@...ux.intel.com>
> Sent: Friday, July 14, 2023 1:47 PM
>
> On 2023/7/14 11:49, Tian, Kevin wrote:
> >> From: Baolu Lu <baolu.lu@...ux.intel.com>
> >> Sent: Friday, July 14, 2023 11:28 AM
> >>
> >> On 2023/7/13 15:49, Tian, Kevin wrote:
> >>>> From: Jacob Pan <jacob.jun.pan@...ux.intel.com>
> >>>> Sent: Thursday, July 13, 2023 12:34 AM
> >>>>
> >>>> - /* Domain type specific cleanup: */
> >>>> domain = iommu_get_domain_for_dev_pasid(dev, pasid, 0);
> >>>> - if (domain) {
> >>>> - switch (domain->type) {
> >>>> - case IOMMU_DOMAIN_SVA:
> >>>> - intel_svm_remove_dev_pasid(dev, pasid);
> >>>> - break;
> >>>> - default:
> >>>> - /* should never reach here */
> >>>> - WARN_ON(1);
> >>>> - break;
> >>>> - }
> >>>> + if (!domain)
> >>>> + goto out_tear_down;
> >>>
> >>> WARN_ON()
> >>
> >> Why?
> >>
> >> My understanding is that remve_device_pasid could be call in any context
> >> including no domain attached.
> >>
> >
> > oh I'm not aware of that. Can you elaborate the usage which uses a pasid
> > w/o domain? pasid needs to point to a page table. Presumably every
> > page table should be wrapped by a iommu domain...
>
> A case I can think of is error rewinding. A domain is being attached to
> multiple pasids. When one of them is failed, remove_device_pasid should
> be called on all pasids so that they are parked at a determinant state.
Can you elaborate what is the association among those pasid's so failing
one would lead to failing all?
Just like a domain can be attached to multiple devices. I don't think there
is an unwinding policy forcing to detach all devices just because there is
a failure attaching the domain to a new one.
>
> On the other hand, I don't want the remove_device_pasid to be the
> counterpart of attach_dev_pasid. remove_device_pasid simply denotes:
>
> - The pasid will be parked in blocking state;
> - If any domain that has been attached to this pasid, stop reference to
> it any more. Otherwise, there might be use-after-free issues.
>
> Hence, remove_device_pasid should never fail.
>
It should never fail. But could warn if there is a condition which shouldn't
be hit. 😊
Powered by blists - more mailing lists