From: Jason Gunthorpe <jgg@nvidia.com>
To: Nicolin Chen <nicolinc@nvidia.com>
Cc: kevin.tian@intel.com, corbet@lwn.net, will@kernel.org,
joro@8bytes.org, suravee.suthikulpanit@amd.com,
robin.murphy@arm.com, dwmw2@infradead.org,
baolu.lu@linux.intel.com, shuah@kernel.org,
linux-kernel@vger.kernel.org, iommu@lists.linux.dev,
linux-arm-kernel@lists.infradead.org,
linux-kselftest@vger.kernel.org, linux-doc@vger.kernel.org,
eric.auger@redhat.com, jean-philippe@linaro.org, mdf@kernel.org,
mshavit@google.com, shameerali.kolothum.thodi@huawei.com,
smostafa@google.com, ddutile@redhat.com, yi.l.liu@intel.com,
patches@lists.linux.dev
Subject: Re: [PATCH v5 06/14] iommufd: Add IOMMUFD_OBJ_VEVENTQ and IOMMUFD_CMD_VEVENTQ_ALLOC
Date: Fri, 10 Jan 2025 15:49:50 -0400 [thread overview]
Message-ID: <20250110194950.GI5556@nvidia.com> (raw)
In-Reply-To: <Z4F0uZBg05J7Nuhl@Asurada-Nvidia>
On Fri, Jan 10, 2025 at 11:27:53AM -0800, Nicolin Chen wrote:
> On Fri, Jan 10, 2025 at 01:48:42PM -0400, Jason Gunthorpe wrote:
> > On Tue, Jan 07, 2025 at 09:10:09AM -0800, Nicolin Chen wrote:
> >
> > > +static ssize_t iommufd_veventq_fops_read(struct iommufd_eventq *eventq,
> > > + char __user *buf, size_t count,
> > > + loff_t *ppos)
> > > +{
> > > + size_t done = 0;
> > > + int rc = 0;
> > > +
> > > + if (*ppos)
> > > + return -ESPIPE;
> > > +
> > > + mutex_lock(&eventq->mutex);
> > > + while (!list_empty(&eventq->deliver) && count > done) {
> > > + struct iommufd_vevent *cur = list_first_entry(
> > > + &eventq->deliver, struct iommufd_vevent, node);
> > > +
> > > + if (cur->data_len > count - done)
> > > + break;
> > > +
> > > + if (copy_to_user(buf + done, cur->event_data, cur->data_len)) {
> > > + rc = -EFAULT;
> > > + break;
> > > + }
> >
> > Now that I look at this more closely, the fault path this is copied
> > from is not great.
> >
> > This copy_to_user() can block while waiting on a page fault, possibily
> > for a long time. While blocked the mutex is held and we can't add more
> > entries to the list.
> >
> > That will cause the shared IRQ handler in the iommu driver to back up,
> > which would cause a global DOS.
> >
> > This probably wants to be organized to look more like
> >
> > while (itm = eventq_get_next_item(eventq)) {
> > if (..) {
> > eventq_restore_failed_item(eventq);
> > return -1;
> > }
> > }
> >
> > Where the next_item would just be a simple spinlock across the linked
> > list manipulation.
>
> Would it be simpler by just limiting one node per read(), i.e.
> no "while (!list_empty)" and no block?
>
> The report() adds one node at a time, and wakes up the poll()
> each time of adding a node. And user space could read one event
> at a time too?
That doesn't really help, the issue is it holds the lock over the
copy_to_user() which it is doing because it doesn't want pull the item off
the list and then try to handle the failure and put it back.
Jason
next prev parent reply other threads:[~2025-01-10 19:51 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-07 17:10 [PATCH v5 00/14] iommufd: Add vIOMMU infrastructure (Part-3: vEVENTQ) Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 01/14] iommufd: Keep OBJ/IOCTL lists in an alphabetical order Nicolin Chen
2025-01-10 6:26 ` Tian, Kevin
2025-01-10 17:25 ` Jason Gunthorpe
2025-01-14 19:29 ` Jason Gunthorpe
2025-01-07 17:10 ` [PATCH v5 02/14] iommufd/fault: Add an iommufd_fault_init() helper Nicolin Chen
2025-01-10 17:25 ` Jason Gunthorpe
2025-01-07 17:10 ` [PATCH v5 03/14] iommufd/fault: Move iommufd_fault_iopf_handler() to header Nicolin Chen
2025-01-10 17:25 ` Jason Gunthorpe
2025-01-07 17:10 ` [PATCH v5 04/14] iommufd: Abstract an iommufd_eventq from iommufd_fault Nicolin Chen
2025-01-10 6:26 ` Tian, Kevin
2025-01-10 17:26 ` Jason Gunthorpe
2025-01-10 20:49 ` Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 05/14] iommufd: Rename fault.c to eventq.c Nicolin Chen
2025-01-10 17:27 ` Jason Gunthorpe
2025-01-07 17:10 ` [PATCH v5 06/14] iommufd: Add IOMMUFD_OBJ_VEVENTQ and IOMMUFD_CMD_VEVENTQ_ALLOC Nicolin Chen
2025-01-10 7:06 ` Tian, Kevin
2025-01-10 21:29 ` Nicolin Chen
2025-01-13 2:52 ` Tian, Kevin
2025-01-13 4:51 ` Nicolin Chen
2025-01-13 8:17 ` Tian, Kevin
2025-01-13 19:10 ` Jason Gunthorpe
2025-01-10 17:48 ` Jason Gunthorpe
2025-01-10 19:27 ` Nicolin Chen
2025-01-10 19:49 ` Jason Gunthorpe [this message]
2025-01-10 21:58 ` Nicolin Chen
2025-01-13 19:12 ` Jason Gunthorpe
2025-01-13 19:18 ` Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 07/14] iommufd/viommu: Add iommufd_viommu_get_vdev_id helper Nicolin Chen
2025-01-10 7:07 ` Tian, Kevin
2025-01-10 21:35 ` Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 08/14] iommufd/viommu: Add iommufd_viommu_report_event helper Nicolin Chen
2025-01-10 7:12 ` Tian, Kevin
2025-01-10 14:51 ` Jason Gunthorpe
2025-01-10 18:40 ` Nicolin Chen
2025-01-10 17:41 ` Jason Gunthorpe
2025-01-10 18:38 ` Nicolin Chen
2025-01-10 19:51 ` Jason Gunthorpe
2025-01-10 19:56 ` Nicolin Chen
2025-01-13 5:37 ` Nicolin Chen
2025-01-13 19:21 ` Jason Gunthorpe
2025-01-13 19:47 ` Nicolin Chen
2025-01-13 19:54 ` Jason Gunthorpe
2025-01-13 20:44 ` Nicolin Chen
2025-01-14 13:41 ` Jason Gunthorpe
2025-01-17 22:11 ` Nicolin Chen
2025-01-20 18:18 ` Jason Gunthorpe
2025-01-20 20:52 ` Nicolin Chen
2025-01-21 18:36 ` Jason Gunthorpe
2025-01-21 19:55 ` Nicolin Chen
2025-01-21 20:09 ` Jason Gunthorpe
2025-01-21 21:02 ` Nicolin Chen
2025-01-21 21:14 ` Jason Gunthorpe
2025-01-21 21:40 ` Nicolin Chen
2025-01-22 0:21 ` Jason Gunthorpe
2025-01-22 7:15 ` Nicolin Chen
2025-01-22 9:33 ` Tian, Kevin
2025-01-22 19:54 ` Nicolin Chen
2025-01-23 13:42 ` Jason Gunthorpe
2025-01-22 8:05 ` Nicolin Chen
2025-01-22 18:02 ` Nicolin Chen
2025-01-23 7:02 ` Nicolin Chen
2025-01-23 13:43 ` Jason Gunthorpe
2025-01-07 17:10 ` [PATCH v5 09/14] iommufd/selftest: Require vdev_id when attaching to a nested domain Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 10/14] iommufd/selftest: Add IOMMU_TEST_OP_TRIGGER_VEVENT for vEVENTQ coverage Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 11/14] iommufd/selftest: Add IOMMU_VEVENTQ_ALLOC test coverage Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 12/14] Documentation: userspace-api: iommufd: Update FAULT and VEVENTQ Nicolin Chen
2025-01-10 7:13 ` Tian, Kevin
2025-01-07 17:10 ` [PATCH v5 13/14] iommu/arm-smmu-v3: Introduce struct arm_smmu_vmaster Nicolin Chen
2025-01-13 19:29 ` Jason Gunthorpe
2025-01-13 19:52 ` Nicolin Chen
2025-01-07 17:10 ` [PATCH v5 14/14] iommu/arm-smmu-v3: Report events that belong to devices attached to vIOMMU Nicolin Chen
2025-01-09 11:04 ` kernel test robot
2025-01-13 19:01 ` Nicolin Chen
2025-01-13 19:06 ` Jason Gunthorpe
2025-01-13 19:15 ` Nicolin Chen
2025-01-13 19:18 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250110194950.GI5556@nvidia.com \
--to=jgg@nvidia.com \
--cc=baolu.lu@linux.intel.com \
--cc=corbet@lwn.net \
--cc=ddutile@redhat.com \
--cc=dwmw2@infradead.org \
--cc=eric.auger@redhat.com \
--cc=iommu@lists.linux.dev \
--cc=jean-philippe@linaro.org \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=mdf@kernel.org \
--cc=mshavit@google.com \
--cc=nicolinc@nvidia.com \
--cc=patches@lists.linux.dev \
--cc=robin.murphy@arm.com \
--cc=shameerali.kolothum.thodi@huawei.com \
--cc=shuah@kernel.org \
--cc=smostafa@google.com \
--cc=suravee.suthikulpanit@amd.com \
--cc=will@kernel.org \
--cc=yi.l.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).