From: Jason Gunthorpe via iommu <iommu@lists.linux-foundation.org>
To: Joao Martins <joao.m.martins@oracle.com>
Cc: Kevin Tian <kevin.tian@intel.com>,
Ashok Raj <ashok.raj@intel.com>, Will Deacon <will@kernel.org>,
linux-kernel@vger.kernel.org,
Christoph Hellwig <hch@infradead.org>,
iommu@lists.linux-foundation.org,
Jacob jun Pan <jacob.jun.pan@intel.com>,
Robin Murphy <robin.murphy@arm.com>
Subject: Re: [PATCH 01/12] iommu/vt-d: Use iommu_get_domain_for_dev() in debugfs
Date: Wed, 1 Jun 2022 09:33:21 -0300 [thread overview]
Message-ID: <20220601123321.GQ1343366@nvidia.com> (raw)
In-Reply-To: <135e22b8-14cc-446f-98b6-9ee059236641@oracle.com>
On Wed, Jun 01, 2022 at 01:18:52PM +0100, Joao Martins wrote:
> > So having safe racy reading in the kernel is probably best, and so RCU
> > would be good here too.
>
> Reading dirties ought to be similar to map/unmap but slightly simpler as
> I supposedly don't need to care about the pte changing under the hood (or
> so I initially thought). I was wrestling at some point if test-and-clear
> was enough or whether I switch back cmpxchg to detect the pte has changed
> and only mark dirty based on the old value[*]. The latter would align with
> how map/unmap performs the pte updates.
test-and-clear should be fine, but this all needs to be done under a
RCU context while the page tables themsevles are freed by RCU. Then
you can safely chase the page table pointers down to each level
without fear of UAF.
> I am not sure yet on dynamic demote/promote of page sizes if it changes this.
For this kind of primitive the caller must provide the locking, just
like map/unmap.
Effectively you can consider the iommu_domain has having externally
provided range-locks over the IOVA space. map/unmap/demote/promote
must run serially over intersecting IOVA ranges.
In terms of iommufd this means we always have to hold a lock related
to the area (which is the IOVA range) before issuing any iommu call on
the domain.
Jason
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
WARNING: multiple messages have this Message-ID (diff)
From: Jason Gunthorpe <jgg@nvidia.com>
To: Joao Martins <joao.m.martins@oracle.com>
Cc: Robin Murphy <robin.murphy@arm.com>,
Baolu Lu <baolu.lu@linux.intel.com>,
Joerg Roedel <joro@8bytes.org>, Kevin Tian <kevin.tian@intel.com>,
Ashok Raj <ashok.raj@intel.com>,
Christoph Hellwig <hch@infradead.org>,
Will Deacon <will@kernel.org>, Liu Yi L <yi.l.liu@intel.com>,
Jacob jun Pan <jacob.jun.pan@intel.com>,
iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 01/12] iommu/vt-d: Use iommu_get_domain_for_dev() in debugfs
Date: Wed, 1 Jun 2022 09:33:21 -0300 [thread overview]
Message-ID: <20220601123321.GQ1343366@nvidia.com> (raw)
In-Reply-To: <135e22b8-14cc-446f-98b6-9ee059236641@oracle.com>
On Wed, Jun 01, 2022 at 01:18:52PM +0100, Joao Martins wrote:
> > So having safe racy reading in the kernel is probably best, and so RCU
> > would be good here too.
>
> Reading dirties ought to be similar to map/unmap but slightly simpler as
> I supposedly don't need to care about the pte changing under the hood (or
> so I initially thought). I was wrestling at some point if test-and-clear
> was enough or whether I switch back cmpxchg to detect the pte has changed
> and only mark dirty based on the old value[*]. The latter would align with
> how map/unmap performs the pte updates.
test-and-clear should be fine, but this all needs to be done under a
RCU context while the page tables themsevles are freed by RCU. Then
you can safely chase the page table pointers down to each level
without fear of UAF.
> I am not sure yet on dynamic demote/promote of page sizes if it changes this.
For this kind of primitive the caller must provide the locking, just
like map/unmap.
Effectively you can consider the iommu_domain has having externally
provided range-locks over the IOVA space. map/unmap/demote/promote
must run serially over intersecting IOVA ranges.
In terms of iommufd this means we always have to hold a lock related
to the area (which is the IOVA range) before issuing any iommu call on
the domain.
Jason
next prev parent reply other threads:[~2022-06-01 12:33 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-27 6:30 [PATCH 00/12] iommu/vt-d: Optimize the use of locks Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 6:30 ` [PATCH 01/12] iommu/vt-d: Use iommu_get_domain_for_dev() in debugfs Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 14:59 ` Jason Gunthorpe via iommu
2022-05-27 14:59 ` Jason Gunthorpe
2022-05-29 5:14 ` Baolu Lu
2022-05-29 5:14 ` Baolu Lu
2022-05-30 12:14 ` Jason Gunthorpe via iommu
2022-05-30 12:14 ` Jason Gunthorpe
2022-05-31 3:02 ` Baolu Lu
2022-05-31 3:02 ` Baolu Lu
2022-05-31 13:10 ` Jason Gunthorpe via iommu
2022-05-31 13:10 ` Jason Gunthorpe
2022-05-31 14:11 ` Baolu Lu
2022-05-31 14:11 ` Baolu Lu
2022-05-31 14:53 ` Jason Gunthorpe via iommu
2022-05-31 14:53 ` Jason Gunthorpe
2022-05-31 15:01 ` Robin Murphy
2022-05-31 15:01 ` Robin Murphy
2022-05-31 15:13 ` Jason Gunthorpe via iommu
2022-05-31 15:13 ` Jason Gunthorpe
2022-05-31 16:01 ` Robin Murphy
2022-05-31 16:01 ` Robin Murphy
2022-05-31 16:21 ` Jason Gunthorpe via iommu
2022-05-31 16:21 ` Jason Gunthorpe
2022-05-31 18:07 ` Robin Murphy
2022-05-31 18:07 ` Robin Murphy
2022-05-31 18:51 ` Jason Gunthorpe via iommu
2022-05-31 18:51 ` Jason Gunthorpe
2022-05-31 21:22 ` Robin Murphy
2022-05-31 21:22 ` Robin Murphy
2022-05-31 23:10 ` Jason Gunthorpe via iommu
2022-05-31 23:10 ` Jason Gunthorpe
2022-06-01 8:53 ` Tian, Kevin
2022-06-01 8:53 ` Tian, Kevin
2022-06-01 12:18 ` Joao Martins
2022-06-01 12:18 ` Joao Martins
2022-06-01 12:33 ` Jason Gunthorpe via iommu [this message]
2022-06-01 12:33 ` Jason Gunthorpe
2022-06-01 13:52 ` Joao Martins
2022-06-01 13:52 ` Joao Martins
2022-06-01 14:22 ` Jason Gunthorpe via iommu
2022-06-01 14:22 ` Jason Gunthorpe
2022-06-01 6:39 ` Baolu Lu
2022-06-01 6:39 ` Baolu Lu
2022-05-31 13:52 ` Robin Murphy
2022-05-31 13:52 ` Robin Murphy
2022-05-31 15:59 ` Jason Gunthorpe via iommu
2022-05-31 15:59 ` Jason Gunthorpe
2022-05-31 16:42 ` Robin Murphy
2022-05-31 16:42 ` Robin Murphy
2022-06-01 5:47 ` Baolu Lu
2022-06-01 5:47 ` Baolu Lu
2022-06-01 5:33 ` Baolu Lu
2022-06-01 5:33 ` Baolu Lu
2022-05-27 6:30 ` [PATCH 02/12] iommu/vt-d: Remove for_each_device_domain() Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 15:00 ` Jason Gunthorpe via iommu
2022-05-27 15:00 ` Jason Gunthorpe
2022-06-01 8:53 ` Tian, Kevin
2022-06-01 8:53 ` Tian, Kevin
2022-05-27 6:30 ` [PATCH 03/12] iommu/vt-d: Remove clearing translation data in disable_dmar_iommu() Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 15:01 ` Jason Gunthorpe via iommu
2022-05-27 15:01 ` Jason Gunthorpe
2022-05-29 5:22 ` Baolu Lu
2022-05-29 5:22 ` Baolu Lu
2022-05-27 6:30 ` [PATCH 04/12] iommu/vt-d: Use pci_get_domain_bus_and_slot() in pgtable_walk() Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 15:01 ` Jason Gunthorpe via iommu
2022-05-27 15:01 ` Jason Gunthorpe
2022-06-01 8:56 ` Tian, Kevin
2022-06-01 8:56 ` Tian, Kevin
2022-05-27 6:30 ` [PATCH 05/12] iommu/vt-d: Unncessary spinlock for root table alloc and free Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-06-01 9:05 ` Tian, Kevin
2022-06-01 9:05 ` Tian, Kevin
2022-05-27 6:30 ` [PATCH 06/12] iommu/vt-d: Acquiring lock in domain ID allocation helpers Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-06-01 9:09 ` Tian, Kevin
2022-06-01 9:09 ` Tian, Kevin
2022-06-01 10:38 ` Baolu Lu
2022-06-01 10:38 ` Baolu Lu
2022-05-27 6:30 ` [PATCH 07/12] iommu/vt-d: Acquiring lock in pasid manipulation helpers Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-06-01 9:18 ` Tian, Kevin
2022-06-01 9:18 ` Tian, Kevin
2022-06-01 10:48 ` Baolu Lu
2022-06-01 10:48 ` Baolu Lu
2022-05-27 6:30 ` [PATCH 08/12] iommu/vt-d: Replace spin_lock_irqsave() with spin_lock() Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 6:30 ` [PATCH 09/12] iommu/vt-d: Check device list of domain in domain free path Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 15:05 ` Jason Gunthorpe via iommu
2022-05-27 15:05 ` Jason Gunthorpe
2022-06-01 9:28 ` Tian, Kevin
2022-06-01 9:28 ` Tian, Kevin
2022-06-01 11:02 ` Baolu Lu
2022-06-01 11:02 ` Baolu Lu
2022-06-02 6:29 ` Tian, Kevin
2022-06-02 6:29 ` Tian, Kevin
2022-06-06 1:34 ` Baolu Lu
2022-06-06 1:34 ` Baolu Lu
2022-05-27 6:30 ` [PATCH 10/12] iommu/vt-d: Fold __dmar_remove_one_dev_info() into its caller Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 6:30 ` [PATCH 11/12] iommu/vt-d: Use device_domain_lock accurately Lu Baolu
2022-05-27 6:30 ` Lu Baolu
2022-05-27 6:30 ` [PATCH 12/12] iommu/vt-d: Convert device_domain_lock into per-domain mutex Lu Baolu
2022-05-27 6:30 ` Lu Baolu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220601123321.GQ1343366@nvidia.com \
--to=iommu@lists.linux-foundation.org \
--cc=ashok.raj@intel.com \
--cc=hch@infradead.org \
--cc=jacob.jun.pan@intel.com \
--cc=jgg@nvidia.com \
--cc=joao.m.martins@oracle.com \
--cc=kevin.tian@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=robin.murphy@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.