From: Jacob Pan <jacob.pan@linux.microsoft.com>
To: Jason Gunthorpe <jgg@nvidia.com>
Cc: linux-kernel@vger.kernel.org,
"iommu@lists.linux.dev" <iommu@lists.linux.dev>,
Alex Williamson <alex@shazbot.org>,
Joerg Roedel <joro@8bytes.org>,
Mostafa Saleh <smostafa@google.com>,
David Matlack <dmatlack@google.com>,
Robin Murphy <robin.murphy@arm.com>,
Nicolin Chen <nicolinc@nvidia.com>,
"Tian, Kevin" <kevin.tian@intel.com>, Yi Liu <yi.l.liu@intel.com>,
skhawaja@google.com, pasha.tatashin@soleen.com,
Will Deacon <will@kernel.org>,
Baolu Lu <baolu.lu@linux.intel.com>
Subject: Re: [PATCH V3 05/10] vfio: Allow null group for noiommu without containers
Date: Fri, 10 Apr 2026 16:09:53 -0700 [thread overview]
Message-ID: <20260410160953.000020e5@linux.microsoft.com> (raw)
In-Reply-To: <20260409184416.GO3357077@nvidia.com>
Hi Jason,
On Thu, 9 Apr 2026 15:44:16 -0300
Jason Gunthorpe <jgg@nvidia.com> wrote:
> On Thu, Apr 02, 2026 at 10:11:41PM -0700, Jacob Pan wrote:
>
> > @@ -598,6 +604,14 @@ static struct vfio_group
> > *vfio_noiommu_group_alloc(struct device *dev, struct vfio_group
> > *group; int ret;
> >
> > + /*
> > + * With noiommu enabled under cdev interface only, there
> > is no need to
> > + * create a vfio_group if the group based containers are
> > not enabled.
> > + * The cdev interface is exclusively used for iommufd.
> > + */
> > + if (vfio_null_group_allowed())
> > + return NULL;
>
> Sashiko wondered if this causes a null pointer deref without pointing
> at a specific case. Claude found a case:
>
> @@ -696,6 +696,9 @@ void vfio_device_remove_group(struct vfio_device
> *device) struct vfio_group *group = device->group;
> struct iommu_group *iommu_group;
>
> + if (!group)
> + return;
> +
> if (group->type == VFIO_NO_IOMMU || group->type ==
> VFIO_EMULATED_IOMMU) iommu_group_remove_device(device->dev);
>
> Happens during error unwind in __vfio_register_dev()
will do.
> It also points out that the hunks are weirdly split between this patch
> and "vfio: Enable cdev noiommu mode under iommufd" so that things are
> broken at this point.
>
> I think you should pull the vfio_device_has_group() and related into
> this patch.
>
makes sense, will regroup.
next prev parent reply other threads:[~2026-04-10 23:09 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-03 5:11 Jacob Pan
2026-04-03 5:11 ` [PATCH V3 01/10] iommufd: Support a HWPT without an iommu driver for noiommu Jacob Pan
2026-04-03 5:11 ` [PATCH V3 02/10] iommufd: Move igroup allocation to a function Jacob Pan
2026-04-03 5:11 ` [PATCH V3 03/10] iommufd: Allow binding to a noiommu device Jacob Pan
2026-04-09 17:06 ` Jason Gunthorpe
2026-04-10 16:51 ` Jacob Pan
2026-04-03 5:11 ` [PATCH V3 04/10] iommufd: Add an ioctl IOMMU_IOAS_GET_PA to query PA from IOVA Jacob Pan
2026-04-09 18:26 ` Jason Gunthorpe
2026-04-10 21:20 ` Jacob Pan
2026-04-03 5:11 ` [PATCH V3 05/10] vfio: Allow null group for noiommu without containers Jacob Pan
2026-04-09 18:44 ` Jason Gunthorpe
2026-04-10 23:09 ` Jacob Pan [this message]
2026-04-03 5:11 ` [PATCH V3 06/10] vfio: Introduce and set noiommu flag on vfio_device Jacob Pan
2026-04-03 5:11 ` [PATCH V3 07/10] vfio: Enable cdev noiommu mode under iommufd Jacob Pan
2026-04-09 18:48 ` Jason Gunthorpe
2026-04-13 22:43 ` Jacob Pan
2026-04-03 5:11 ` [PATCH V3 08/10] vfio:selftest: Handle VFIO noiommu cdev Jacob Pan
2026-04-03 5:11 ` [PATCH V3 09/10] selftests/vfio: Add iommufd noiommu mode selftest for cdev Jacob Pan
2026-04-03 5:11 ` [PATCH V3 10/10] Documentation: Update VFIO NOIOMMU mode Jacob Pan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260410160953.000020e5@linux.microsoft.com \
--to=jacob.pan@linux.microsoft.com \
--cc=alex@shazbot.org \
--cc=baolu.lu@linux.intel.com \
--cc=dmatlack@google.com \
--cc=iommu@lists.linux.dev \
--cc=jgg@nvidia.com \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=nicolinc@nvidia.com \
--cc=pasha.tatashin@soleen.com \
--cc=robin.murphy@arm.com \
--cc=skhawaja@google.com \
--cc=smostafa@google.com \
--cc=will@kernel.org \
--cc=yi.l.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.