From: Jason Gunthorpe <jgg@nvidia.com>
To: Nicolin Chen <nicolinc@nvidia.com>
Cc: kevin.tian@intel.com, corbet@lwn.net, will@kernel.org,
bagasdotme@gmail.com, robin.murphy@arm.com, joro@8bytes.org,
thierry.reding@gmail.com, vdumpa@nvidia.com,
jonathanh@nvidia.com, shuah@kernel.org, jsnitsel@redhat.com,
nathan@kernel.org, peterz@infradead.org, yi.l.liu@intel.com,
mshavit@google.com, praan@google.com, zhangzekun11@huawei.com,
iommu@lists.linux.dev, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-tegra@vger.kernel.org, linux-kselftest@vger.kernel.org,
patches@lists.linux.dev, mochs@nvidia.com,
alok.a.tiwari@oracle.com, vasant.hegde@amd.com,
dwmw2@infradead.org, baolu.lu@linux.intel.com
Subject: Re: [PATCH v6 23/25] iommu/tegra241-cmdqv: Do not statically map LVCMDQs
Date: Mon, 16 Jun 2025 12:44:14 -0300 [thread overview]
Message-ID: <20250616154414.GL1174925@nvidia.com> (raw)
In-Reply-To: <c10eec6d48fd25579755973d28ba4a79a21bf721.1749884998.git.nicolinc@nvidia.com>
On Sat, Jun 14, 2025 at 12:14:48AM -0700, Nicolin Chen wrote:
> To simplify the mappings from global VCMDQs to VINTFs' LVCMDQs, the design
> chose to do static allocations and mappings in the global reset function.
>
> However, with the user-owned VINTF support, it exposes a security concern:
> if user space VM only wants one LVCMDQ for a VINTF, statically mapping two
> or more LVCMDQs creates a hidden VCMDQ that user space could DoS attack by
> writing random stuff to overwhelm the kernel with unhandleable IRQs.
>
> Thus, to support the user-owned VINTF feature, a LVCMDQ mapping has to be
> done dynamically.
>
> HW allows pre-assigning global VCMDQs in the CMDQ_ALLOC registers, without
> finalizing the mappings by keeping CMDQV_CMDQ_ALLOCATED=0. So, add a pair
> of map/unmap helper that simply sets/clears that bit.
>
> For kernel-owned VINTF0, move LVCMDQ mappings to tegra241_vintf_hw_init(),
> and the unmappings to tegra241_vintf_hw_deinit().
>
> For user-owned VINTFs that will be added, the mappings/unmappings will be
> on demand upon an LVCMDQ allocation from the user space.
>
> However, the dynamic LVCMDQ mapping/unmapping can complicate the timing of
> calling tegra241_vcmdq_hw_init/deinit(), which write LVCMDQ address space,
> i.e. requiring LVCMDQ to be mapped. Highlight that with a note to the top
> of either of them.
>
> Acked-by: Pranjal Shrivastava <praan@google.com>
> Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
> ---
> .../iommu/arm/arm-smmu-v3/tegra241-cmdqv.c | 37 +++++++++++++++++--
> 1 file changed, 33 insertions(+), 4 deletions(-)
Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Jason
next prev parent reply other threads:[~2025-06-16 18:29 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-14 7:14 [PATCH v6 00/25] iommufd: Add vIOMMU infrastructure (Part-4 HW QUEUE) Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 01/25] iommu: Add iommu_copy_struct_to_user helper Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 02/25] iommu: Pass in a driver-level user data structure to viommu_init op Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 03/25] iommufd/viommu: Allow driver-specific user data for a vIOMMU object Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 04/25] iommufd/selftest: Support user_data in mock_viommu_alloc Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 05/25] iommufd/selftest: Add coverage for viommu data Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 06/25] iommufd/access: Allow access->ops to be NULL for internal use Nicolin Chen
2025-06-16 6:25 ` Baolu Lu
2025-06-16 13:33 ` Jason Gunthorpe
2025-06-17 2:21 ` Nicolin Chen
2025-06-19 9:14 ` Pranjal Shrivastava
2025-06-25 3:38 ` Tian, Kevin
2025-06-25 16:37 ` Nicolin Chen
2025-06-25 17:33 ` Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 07/25] iommufd/access: Add internal APIs for HW queue to use Nicolin Chen
2025-06-16 13:37 ` Jason Gunthorpe
2025-06-17 2:25 ` Nicolin Chen
2025-06-17 4:23 ` Baolu Lu
2025-06-17 11:55 ` Jason Gunthorpe
2025-06-19 9:49 ` Pranjal Shrivastava
2025-06-19 9:42 ` Pranjal Shrivastava
2025-06-14 7:14 ` [PATCH v6 08/25] iommufd/viommu: Add driver-defined vDEVICE support Nicolin Chen
2025-06-16 6:26 ` Baolu Lu
2025-06-19 10:26 ` Pranjal Shrivastava
2025-06-19 11:44 ` Jason Gunthorpe
2025-06-21 4:51 ` Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 09/25] iommufd/viommu: Introduce IOMMUFD_OBJ_HW_QUEUE and its related struct Nicolin Chen
2025-06-16 13:47 ` Jason Gunthorpe
2025-06-17 2:29 ` Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 10/25] iommufd/viommu: Add IOMMUFD_CMD_HW_QUEUE_ALLOC ioctl Nicolin Chen
2025-06-16 6:12 ` Baolu Lu
2025-06-16 6:47 ` Nicolin Chen
2025-06-16 6:54 ` Baolu Lu
2025-06-16 7:04 ` Nicolin Chen
2025-06-16 7:09 ` Baolu Lu
2025-06-25 3:43 ` Tian, Kevin
2025-06-25 16:06 ` Nicolin Chen
2025-06-16 7:11 ` Baolu Lu
2025-06-16 13:58 ` Jason Gunthorpe
2025-06-25 3:45 ` Tian, Kevin
2025-06-25 23:06 ` Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 11/25] iommufd/driver: Add iommufd_hw_queue_depend/undepend() helpers Nicolin Chen
2025-06-16 14:06 ` Jason Gunthorpe
2025-06-14 7:14 ` [PATCH v6 12/25] iommufd/selftest: Add coverage for IOMMUFD_CMD_HW_QUEUE_ALLOC Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 13/25] iommufd: Add mmap interface Nicolin Chen
2025-06-16 11:33 ` Baolu Lu
2025-06-16 14:13 ` Jason Gunthorpe
2025-06-17 2:37 ` Nicolin Chen
2025-06-17 11:55 ` Jason Gunthorpe
2025-06-25 21:18 ` Nicolin Chen
2025-06-19 11:15 ` Pranjal Shrivastava
2025-06-14 7:14 ` [PATCH v6 14/25] iommufd/selftest: Add coverage for the new " Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 15/25] Documentation: userspace-api: iommufd: Update HW QUEUE Nicolin Chen
2025-06-16 11:34 ` Baolu Lu
2025-06-14 7:14 ` [PATCH v6 16/25] iommu: Allow an input type in hw_info op Nicolin Chen
2025-06-16 11:53 ` Baolu Lu
2025-06-14 7:14 ` [PATCH v6 17/25] iommufd: Allow an input data_type via iommu_hw_info Nicolin Chen
2025-06-16 11:54 ` Baolu Lu
2025-06-16 14:14 ` Jason Gunthorpe
2025-06-14 7:14 ` [PATCH v6 18/25] iommufd/selftest: Update hw_info coverage for an input data_type Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 19/25] iommu/arm-smmu-v3-iommufd: Add vsmmu_size/type and vsmmu_init impl ops Nicolin Chen
2025-06-16 14:19 ` Jason Gunthorpe
2025-06-14 7:14 ` [PATCH v6 20/25] iommu/arm-smmu-v3-iommufd: Add hw_info to impl_ops Nicolin Chen
2025-06-16 14:20 ` Jason Gunthorpe
2025-06-19 11:47 ` Pranjal Shrivastava
2025-06-19 18:53 ` Jason Gunthorpe
2025-06-20 3:32 ` Pranjal Shrivastava
2025-06-21 5:36 ` Nicolin Chen
2025-06-23 15:13 ` Pranjal Shrivastava
2025-06-14 7:14 ` [PATCH v6 21/25] iommu/tegra241-cmdqv: Use request_threaded_irq Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 22/25] iommu/tegra241-cmdqv: Simplify deinit flow in tegra241_cmdqv_remove_vintf() Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 23/25] iommu/tegra241-cmdqv: Do not statically map LVCMDQs Nicolin Chen
2025-06-16 15:44 ` Jason Gunthorpe [this message]
2025-06-14 7:14 ` [PATCH v6 24/25] iommu/tegra241-cmdqv: Add user-space use support Nicolin Chen
2025-06-16 16:03 ` Jason Gunthorpe
2025-06-26 18:51 ` Nicolin Chen
2025-06-14 7:14 ` [PATCH v6 25/25] iommu/tegra241-cmdqv: Add IOMMU_VEVENTQ_TYPE_TEGRA241_CMDQV support Nicolin Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250616154414.GL1174925@nvidia.com \
--to=jgg@nvidia.com \
--cc=alok.a.tiwari@oracle.com \
--cc=bagasdotme@gmail.com \
--cc=baolu.lu@linux.intel.com \
--cc=corbet@lwn.net \
--cc=dwmw2@infradead.org \
--cc=iommu@lists.linux.dev \
--cc=jonathanh@nvidia.com \
--cc=joro@8bytes.org \
--cc=jsnitsel@redhat.com \
--cc=kevin.tian@intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-tegra@vger.kernel.org \
--cc=mochs@nvidia.com \
--cc=mshavit@google.com \
--cc=nathan@kernel.org \
--cc=nicolinc@nvidia.com \
--cc=patches@lists.linux.dev \
--cc=peterz@infradead.org \
--cc=praan@google.com \
--cc=robin.murphy@arm.com \
--cc=shuah@kernel.org \
--cc=thierry.reding@gmail.com \
--cc=vasant.hegde@amd.com \
--cc=vdumpa@nvidia.com \
--cc=will@kernel.org \
--cc=yi.l.liu@intel.com \
--cc=zhangzekun11@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.