From: Nicolin Chen <nicolinc@nvidia.com>
To: Jason Gunthorpe <jgg@nvidia.com>
Cc: "Tian, Kevin" <kevin.tian@intel.com>,
"corbet@lwn.net" <corbet@lwn.net>,
"will@kernel.org" <will@kernel.org>,
"robin.murphy@arm.com" <robin.murphy@arm.com>,
"joro@8bytes.org" <joro@8bytes.org>,
"thierry.reding@gmail.com" <thierry.reding@gmail.com>,
"vdumpa@nvidia.com" <vdumpa@nvidia.com>,
"jonathanh@nvidia.com" <jonathanh@nvidia.com>,
"shuah@kernel.org" <shuah@kernel.org>,
"praan@google.com" <praan@google.com>,
"nathan@kernel.org" <nathan@kernel.org>,
"peterz@infradead.org" <peterz@infradead.org>,
"Liu, Yi L" <yi.l.liu@intel.com>,
"jsnitsel@redhat.com" <jsnitsel@redhat.com>,
"mshavit@google.com" <mshavit@google.com>,
"zhangzekun11@huawei.com" <zhangzekun11@huawei.com>,
"iommu@lists.linux.dev" <iommu@lists.linux.dev>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-tegra@vger.kernel.org" <linux-tegra@vger.kernel.org>,
"linux-kselftest@vger.kernel.org"
<linux-kselftest@vger.kernel.org>,
"patches@lists.linux.dev" <patches@lists.linux.dev>
Subject: Re: [PATCH v1 15/16] iommu/tegra241-cmdqv: Add user-space use support
Date: Wed, 23 Apr 2025 23:51:53 -0700 [thread overview]
Message-ID: <aAnfiUk1TTlkpkRE@Asurada-Nvidia> (raw)
In-Reply-To: <20250423231333.GN1648741@nvidia.com>
On Wed, Apr 23, 2025 at 08:13:33PM -0300, Jason Gunthorpe wrote:
> On Wed, Apr 23, 2025 at 11:31:29AM -0700, Nicolin Chen wrote:
>
> > > It also needs to act like a mdev and lock down the part of the IOAS
> > > that provides that memory so the pin can't be released and UAF things.
> >
> > If I capture this correctly, the GPA->PA mapping is already done
> > at the IOAS level for the S2 HWPT/domain, i.e. pages are already
> > pinned. So we just need to a pair of for-driver APIs to validate
> > the contiguity and refcount pages calling iopt_area_add_access().
>
> Yes, adding an access is the key thing, the access will give you a
> page list which you can validate, but it also provides a way to
> synchronize if a hostile userspace does an unmap.
The new APIs are very like iommufd_access_pin/unpin_pages(). But
to reduce the amount of code that we have to share with driver.o,
I added a smaller iopt_area_get/put_access() that gets an access
and increases/decreases the refcounts only.
Yet, this still inevitably doubled (-ish) the size of driver.o:
text data bss dec hex filename
4429 296 0 4725 1275 drivers/iommu/iommufd/driver.o
text data bss dec hex filename
8430 783 0 9213 23fd drivers/iommu/iommufd/driver.o
Meanwhile, I am thinking if we could use the known S2 domain to
translate the GPAs to PAs for the contiguity test, which feels a
little cleaner to do in an IOMMU driver v.s. with a page list?
Thanks
Nicolin
next prev parent reply other threads:[~2025-04-24 7:10 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-11 6:37 [PATCH v1 00/16] iommufd: Add vIOMMU infrastructure (Part-4 vCMDQ) Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 01/16] iommu: Pass in a driver-level user data structure to viommu_alloc op Nicolin Chen
2025-04-23 13:16 ` Jason Gunthorpe
2025-04-11 6:37 ` [PATCH v1 02/16] iommufd/viommu: Allow driver-specific user data for a vIOMMU object Nicolin Chen
2025-04-23 13:16 ` Jason Gunthorpe
2025-04-11 6:37 ` [PATCH v1 03/16] iommu: Add iommu_copy_struct_to_user helper Nicolin Chen
2025-04-11 12:35 ` ALOK TIWARI
2025-04-14 18:03 ` Nicolin Chen
2025-04-14 15:25 ` Matt Ochs
2025-04-14 18:01 ` Nicolin Chen
2025-04-23 13:17 ` Jason Gunthorpe
2025-04-11 6:37 ` [PATCH v1 04/16] iommufd: Add iommufd_struct_destroy to revert iommufd_viommu_alloc Nicolin Chen
2025-04-23 13:18 ` Jason Gunthorpe
2025-04-11 6:37 ` [PATCH v1 05/16] iommufd/selftest: Support user_data in mock_viommu_alloc Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 06/16] iommufd/selftest: Add covearge for viommu data Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 07/16] iommufd/viommu: Add driver-allocated vDEVICE support Nicolin Chen
2025-04-21 8:00 ` Tian, Kevin
2025-04-21 15:35 ` Nicolin Chen
2025-04-23 13:36 ` Jason Gunthorpe
2025-04-11 6:37 ` [PATCH v1 08/16] iommufd/viommu: Introduce IOMMUFD_OBJ_VCMDQ and its related struct Nicolin Chen
2025-04-21 8:03 ` Tian, Kevin
2025-04-21 15:38 ` Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 09/16] iommufd/viommmu: Add IOMMUFD_CMD_VCMDQ_ALLOC ioctl Nicolin Chen
2025-04-21 8:05 ` Tian, Kevin
2025-04-21 15:42 ` Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 10/16] iommufd: Add mmap interface Nicolin Chen
2025-04-21 8:16 ` Tian, Kevin
2025-04-21 17:23 ` Nicolin Chen
2025-04-21 17:45 ` Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 11/16] iommufd/selftest: Add coverage for the new " Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 12/16] Documentation: userspace-api: iommufd: Update vCMDQ Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 13/16] iommu/tegra241-cmdqv: Use request_threaded_irq Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 14/16] iommu/arm-smmu-v3: Add vsmmu_alloc impl op Nicolin Chen
2025-04-21 8:23 ` Tian, Kevin
2025-04-21 17:47 ` Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 15/16] iommu/tegra241-cmdqv: Add user-space use support Nicolin Chen
2025-04-21 8:37 ` Tian, Kevin
2025-04-21 19:14 ` Nicolin Chen
2025-04-23 8:05 ` Tian, Kevin
2025-04-23 11:55 ` Jason Gunthorpe
2025-04-23 18:31 ` Nicolin Chen
2025-04-23 23:13 ` Jason Gunthorpe
2025-04-24 6:51 ` Nicolin Chen [this message]
2025-04-24 8:04 ` Tian, Kevin
2025-04-24 13:40 ` Jason Gunthorpe
2025-04-24 15:46 ` Nicolin Chen
2025-04-11 6:37 ` [PATCH v1 16/16] iommu/tegra241-cmdqv: Add IOMMU_VEVENTQ_TYPE_TEGRA241_CMDQV support Nicolin Chen
2025-04-23 7:28 ` [PATCH v1 00/16] iommufd: Add vIOMMU infrastructure (Part-4 vCMDQ) Vasant Hegde
2025-04-23 7:45 ` Nicolin Chen
2025-04-24 11:21 ` Vasant Hegde
2025-04-24 8:21 ` Tian, Kevin
2025-04-24 15:54 ` Nicolin Chen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aAnfiUk1TTlkpkRE@Asurada-Nvidia \
--to=nicolinc@nvidia.com \
--cc=corbet@lwn.net \
--cc=iommu@lists.linux.dev \
--cc=jgg@nvidia.com \
--cc=jonathanh@nvidia.com \
--cc=joro@8bytes.org \
--cc=jsnitsel@redhat.com \
--cc=kevin.tian@intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=linux-tegra@vger.kernel.org \
--cc=mshavit@google.com \
--cc=nathan@kernel.org \
--cc=patches@lists.linux.dev \
--cc=peterz@infradead.org \
--cc=praan@google.com \
--cc=robin.murphy@arm.com \
--cc=shuah@kernel.org \
--cc=thierry.reding@gmail.com \
--cc=vdumpa@nvidia.com \
--cc=will@kernel.org \
--cc=yi.l.liu@intel.com \
--cc=zhangzekun11@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.