From: Gerald Schaefer <gerald.schaefer-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>
To: Joerg Roedel <joro-zLv9SwRftAIdnm+yROfE0A@public.gmane.org>
Cc: kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-pci-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Sebastian Ott
<sebott-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>,
iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Martin Schwidefsky
<schwidefsky-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>,
Gerald Schaefer
<gerald.schaefer-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>
Subject: Re: [RFC PATCH 0/1] iommu: Detach device from domain when removed from group
Date: Mon, 3 Aug 2015 14:25:35 +0200 [thread overview]
Message-ID: <20150803142535.583677b7@thinkpad> (raw)
In-Reply-To: <1438106156-51847-1-git-send-email-gerald.schaefer-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>
On Tue, 28 Jul 2015 19:55:55 +0200
Gerald Schaefer <gerald.schaefer-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org> wrote:
> Hi,
>
> during IOMMU API function testing on s390 I hit the following scenario:
>
> After binding a device to vfio-pci, the user completes the VFIO_SET_IOMMU
> ioctl and stops, see the sample C program below. Now the device is manually
> removed via "echo 1 > /sys/bus/pci/devices/.../remove".
>
> Although the SET_IOMMU ioctl triggered the attach_dev callback in the
> underlying IOMMU API, removing the device in this way won't trigger the
> detach_dev callback, neither during remove nor when the user program
> continues with closing group/container.
>
> On s390, this eventually leads to a kernel panic when binding the device
> again to its non-vfio PCI driver, because of the missing arch-specific
> cleanup in detach_dev. On x86, the detach_dev callback will also not be
> called directly, but there is a notifier that will catch
> BUS_NOTIFY_REMOVED_DEVICE and eventually do the cleanup. Other
> architectures w/o the notifier probably have at least some kind of memory
> leak in this scenario, so a general fix would be nice.
>
> My first approach was to try and fix this in VFIO code, but Alex Williamson
> pointed me to some asymmetry in the IOMMU code: iommu_group_add_device()
> will invoke the attach_dev callback, but iommu_group_remove_device() won't
> trigger detach_dev. Fixing this asymmetry would fix the issue for me, but
> is this the correct fix? Any thoughts?
Ping.
The suggested fix may be completely wrong, but not having detach_dev called
seems like like a serious issue, any feedback would be greatly appreciated.
>
> Regards,
> Gerald
>
>
> Here is the sample C program to trigger the ioctl:
>
> #include <stdio.h>
> #include <fcntl.h>
> #include <linux/vfio.h>
>
> int main(void)
> {
> int container, group, rc;
>
> container = open("/dev/vfio/vfio", O_RDWR);
> if (container < 0) {
> perror("open /dev/vfio/vfio\n");
> return -1;
> }
>
> group = open("/dev/vfio/0", O_RDWR);
> if (group < 0) {
> perror("open /dev/vfio/0\n");
> return -1;
> }
>
> rc = ioctl(group, VFIO_GROUP_SET_CONTAINER, &container);
> if (rc) {
> perror("ioctl VFIO_GROUP_SET_CONTAINER\n");
> return -1;
> }
>
> rc = ioctl(container, VFIO_SET_IOMMU, VFIO_TYPE1_IOMMU);
> if (rc) {
> perror("ioctl VFIO_SET_IOMMU\n");
> return -1;
> }
>
> printf("Try device remove...\n");
> getchar();
>
> close(group);
> close(container);
> return 0;
> }
>
> Gerald Schaefer (1):
> iommu: Detach device from domain when removed from group
>
> drivers/iommu/iommu.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
WARNING: multiple messages have this Message-ID (diff)
From: Gerald Schaefer <gerald.schaefer@de.ibm.com>
To: Joerg Roedel <joro@8bytes.org>
Cc: Gerald Schaefer <gerald.schaefer@de.ibm.com>,
Alex Williamson <alex.williamson@redhat.com>,
iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, linux-pci@vger.kernel.org,
Sebastian Ott <sebott@linux.vnet.ibm.com>,
Martin Schwidefsky <schwidefsky@de.ibm.com>
Subject: Re: [RFC PATCH 0/1] iommu: Detach device from domain when removed from group
Date: Mon, 3 Aug 2015 14:25:35 +0200 [thread overview]
Message-ID: <20150803142535.583677b7@thinkpad> (raw)
In-Reply-To: <1438106156-51847-1-git-send-email-gerald.schaefer@de.ibm.com>
On Tue, 28 Jul 2015 19:55:55 +0200
Gerald Schaefer <gerald.schaefer@de.ibm.com> wrote:
> Hi,
>
> during IOMMU API function testing on s390 I hit the following scenario:
>
> After binding a device to vfio-pci, the user completes the VFIO_SET_IOMMU
> ioctl and stops, see the sample C program below. Now the device is manually
> removed via "echo 1 > /sys/bus/pci/devices/.../remove".
>
> Although the SET_IOMMU ioctl triggered the attach_dev callback in the
> underlying IOMMU API, removing the device in this way won't trigger the
> detach_dev callback, neither during remove nor when the user program
> continues with closing group/container.
>
> On s390, this eventually leads to a kernel panic when binding the device
> again to its non-vfio PCI driver, because of the missing arch-specific
> cleanup in detach_dev. On x86, the detach_dev callback will also not be
> called directly, but there is a notifier that will catch
> BUS_NOTIFY_REMOVED_DEVICE and eventually do the cleanup. Other
> architectures w/o the notifier probably have at least some kind of memory
> leak in this scenario, so a general fix would be nice.
>
> My first approach was to try and fix this in VFIO code, but Alex Williamson
> pointed me to some asymmetry in the IOMMU code: iommu_group_add_device()
> will invoke the attach_dev callback, but iommu_group_remove_device() won't
> trigger detach_dev. Fixing this asymmetry would fix the issue for me, but
> is this the correct fix? Any thoughts?
Ping.
The suggested fix may be completely wrong, but not having detach_dev called
seems like like a serious issue, any feedback would be greatly appreciated.
>
> Regards,
> Gerald
>
>
> Here is the sample C program to trigger the ioctl:
>
> #include <stdio.h>
> #include <fcntl.h>
> #include <linux/vfio.h>
>
> int main(void)
> {
> int container, group, rc;
>
> container = open("/dev/vfio/vfio", O_RDWR);
> if (container < 0) {
> perror("open /dev/vfio/vfio\n");
> return -1;
> }
>
> group = open("/dev/vfio/0", O_RDWR);
> if (group < 0) {
> perror("open /dev/vfio/0\n");
> return -1;
> }
>
> rc = ioctl(group, VFIO_GROUP_SET_CONTAINER, &container);
> if (rc) {
> perror("ioctl VFIO_GROUP_SET_CONTAINER\n");
> return -1;
> }
>
> rc = ioctl(container, VFIO_SET_IOMMU, VFIO_TYPE1_IOMMU);
> if (rc) {
> perror("ioctl VFIO_SET_IOMMU\n");
> return -1;
> }
>
> printf("Try device remove...\n");
> getchar();
>
> close(group);
> close(container);
> return 0;
> }
>
> Gerald Schaefer (1):
> iommu: Detach device from domain when removed from group
>
> drivers/iommu/iommu.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
next prev parent reply other threads:[~2015-08-03 12:25 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-28 17:55 [RFC PATCH 0/1] iommu: Detach device from domain when removed from group Gerald Schaefer
2015-07-28 17:55 ` Gerald Schaefer
[not found] ` <1438106156-51847-1-git-send-email-gerald.schaefer-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>
2015-07-28 17:55 ` [RFC PATCH 1/1] " Gerald Schaefer
2015-07-28 17:55 ` Gerald Schaefer
2015-08-03 12:25 ` Gerald Schaefer [this message]
2015-08-03 12:25 ` [RFC PATCH 0/1] " Gerald Schaefer
2015-08-03 15:48 ` Joerg Roedel
[not found] ` <20150803154855.GI14980-zLv9SwRftAIdnm+yROfE0A@public.gmane.org>
2015-08-03 17:04 ` Gerald Schaefer
2015-08-03 17:04 ` Gerald Schaefer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150803142535.583677b7@thinkpad \
--to=gerald.schaefer-ta70fqpds9bqt0dzr+alfa@public.gmane.org \
--cc=iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=joro-zLv9SwRftAIdnm+yROfE0A@public.gmane.org \
--cc=kvm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-pci-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=schwidefsky-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org \
--cc=sebott-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.