lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251027134430.00007e46@linux.microsoft.com>
Date: Mon, 27 Oct 2025 13:44:30 -0700
From: Jacob Pan <jacob.pan@...ux.microsoft.com>
To: Vipin Sharma <vipinsh@...gle.com>
Cc: bhelgaas@...gle.com, alex.williamson@...hat.com,
 pasha.tatashin@...een.com, dmatlack@...gle.com, jgg@...pe.ca,
 graf@...zon.com, pratyush@...nel.org, gregkh@...uxfoundation.org,
 chrisl@...nel.org, rppt@...nel.org, skhawaja@...gle.com, parav@...dia.com,
 saeedm@...dia.com, kevin.tian@...el.com, jrhilke@...gle.com,
 david@...hat.com, jgowans@...zon.com, dwmw2@...radead.org,
 epetron@...zon.de, junaids@...gle.com, linux-kernel@...r.kernel.org,
 linux-pci@...r.kernel.org, kvm@...r.kernel.org,
 linux-kselftest@...r.kernel.org, Jacob Pan <jacob.pan@...ux.microsoft.com>
Subject: Re: [RFC PATCH 06/21] vfio/pci: Accept live update preservation
 request for VFIO cdev

On Fri, 17 Oct 2025 17:06:58 -0700
Vipin Sharma <vipinsh@...gle.com> wrote:

> Return true in can_preserve() callback of live update file handler, if
> VFIO can preserve the passed VFIO cdev file. Return -EOPNOTSUPP from
> prepare() callback for now to fail any attempt to preserve VFIO cdev
> in live update.
> 
> The VFIO cdev opened check ensures that the file is actually used for
> VFIO cdev and not for VFIO device FD which can be obtained from the
> VFIO group.
> 
> Returning true from can_preserve() tells Live Update Orchestrator that
> VFIO can try to preserve the given file during live update. Actual
> preservation logic will be added in future patches, therefore, for
> now, prepare call will fail.
> 
> Signed-off-by: Vipin Sharma <vipinsh@...gle.com>
> ---
>  drivers/vfio/pci/vfio_pci_liveupdate.c | 16 +++++++++++++++-
>  drivers/vfio/vfio_main.c               |  3 ++-
>  include/linux/vfio.h                   |  2 ++
>  3 files changed, 19 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/vfio/pci/vfio_pci_liveupdate.c
> b/drivers/vfio/pci/vfio_pci_liveupdate.c index
> 088f7698a72c..2ce2c11cb51c 100644 ---
> a/drivers/vfio/pci/vfio_pci_liveupdate.c +++
> b/drivers/vfio/pci/vfio_pci_liveupdate.c @@ -8,10 +8,17 @@
>   */
>  
>  #include <linux/liveupdate.h>
> +#include <linux/vfio.h>
>  #include <linux/errno.h>
>  
>  #include "vfio_pci_priv.h"
>  
> +static int vfio_pci_liveupdate_prepare(struct
> liveupdate_file_handler *handler,
> +				       struct file *file, u64 *data)
> +{
> +	return -EOPNOTSUPP;
> +}
> +
>  static int vfio_pci_liveupdate_retrieve(struct
> liveupdate_file_handler *handler, u64 data, struct file **file)
>  {
> @@ -21,10 +28,17 @@ static int vfio_pci_liveupdate_retrieve(struct
> liveupdate_file_handler *handler, static bool
> vfio_pci_liveupdate_can_preserve(struct liveupdate_file_handler
> *handler, struct file *file) {
> -	return -EOPNOTSUPP;
> +	struct vfio_device *device = vfio_device_from_file(file);
> +
> +	if (!device)
> +		return false;
> +
> +	guard(mutex)(&device->dev_set->lock);
> +	return vfio_device_cdev_opened(device);
IIUC, vfio_device_cdev_opened(device) will only return true after
vfio_df_ioctl_bind_iommufd(). Where it does:
	device->cdev_opened = true;

Does this imply that devices not bound to an iommufd cannot be
preserved?

If so, I am confused about your cover letter step #15
> 15. It makes usual bind iommufd and attach page table calls.

Does it mean after restoration, we have to bind iommufd again?

I have a separate question regarding noiommu devices. I’m currently
working on adding noiommu mode support for VFIO cdev under iommufd.
From my understanding, these devices should naturally be included in
your patchset, provided that I ensure the noiommu cdev follows the same
open/bind process. Is that correct?

>  }
>  
>  static const struct liveupdate_file_ops vfio_pci_luo_fops = {
> +	.prepare = vfio_pci_liveupdate_prepare,
>  	.retrieve = vfio_pci_liveupdate_retrieve,
>  	.can_preserve = vfio_pci_liveupdate_can_preserve,
>  	.owner = THIS_MODULE,
> diff --git a/drivers/vfio/vfio_main.c b/drivers/vfio/vfio_main.c
> index 38c8e9350a60..4cb47c1564f4 100644
> --- a/drivers/vfio/vfio_main.c
> +++ b/drivers/vfio/vfio_main.c
> @@ -1386,7 +1386,7 @@ const struct file_operations vfio_device_fops =
> { #endif
>  };
>  
> -static struct vfio_device *vfio_device_from_file(struct file *file)
> +struct vfio_device *vfio_device_from_file(struct file *file)
>  {
>  	struct vfio_device_file *df = file->private_data;
>  
> @@ -1394,6 +1394,7 @@ static struct vfio_device
> *vfio_device_from_file(struct file *file) return NULL;
>  	return df->device;
>  }
> +EXPORT_SYMBOL_GPL(vfio_device_from_file);
>  
>  /**
>   * vfio_file_is_valid - True if the file is valid vfio file
> diff --git a/include/linux/vfio.h b/include/linux/vfio.h
> index eb563f538dee..2443d24aa237 100644
> --- a/include/linux/vfio.h
> +++ b/include/linux/vfio.h
> @@ -385,4 +385,6 @@ int vfio_virqfd_enable(void *opaque, int
> (*handler)(void *, void *), void vfio_virqfd_disable(struct virqfd
> **pvirqfd); void vfio_virqfd_flush_thread(struct virqfd **pvirqfd);
>  
> +struct vfio_device *vfio_device_from_file(struct file *file);
> +
>  #endif /* VFIO_H */

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ