From: Jacob Pan <jacob.pan@linux.microsoft.com>
To: David Matlack <dmatlack@google.com>
Cc: iommu@lists.linux.dev, kexec@lists.infradead.org,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, linux-pci@vger.kernel.org,
Adithya Jayachandran <ajayachandra@nvidia.com>,
Alexander Graf <graf@amazon.com>,
Alex Williamson <alex@shazbot.org>,
Bjorn Helgaas <bhelgaas@google.com>, Chris Li <chrisl@kernel.org>,
David Rientjes <rientjes@google.com>,
Jason Gunthorpe <jgg@nvidia.com>, Joerg Roedel <joro@8bytes.org>,
Jonathan Corbet <corbet@lwn.net>, Josh Hilke <jrhilke@google.com>,
Leon Romanovsky <leonro@nvidia.com>,
Lukas Wunner <lukas@wunner.de>, Mike Rapoport <rppt@kernel.org>,
Parav Pandit <parav@nvidia.com>,
Pasha Tatashin <pasha.tatashin@soleen.com>,
Pranjal Shrivastava <praan@google.com>,
Pratyush Yadav <pratyush@kernel.org>,
Robin Murphy <robin.murphy@arm.com>,
Saeed Mahameed <saeedm@nvidia.com>,
Samiullah Khawaja <skhawaja@google.com>,
Shuah Khan <skhan@linuxfoundation.org>,
Will Deacon <will@kernel.org>, William Tu <witu@nvidia.com>,
Yi Liu <yi.l.liu@intel.com>,
jacob.pan@linux.microsoft.com
Subject: Re: [PATCH v4 08/11] PCI: liveupdate: Require preserved devices are in immutable singleton IOMMU groups
Date: Mon, 27 Apr 2026 13:56:25 -0700 [thread overview]
Message-ID: <20260427135625.0000413e@linux.microsoft.com> (raw)
In-Reply-To: <20260423212316.3431746-9-dmatlack@google.com>
Hi David,
On Thu, 23 Apr 2026 21:23:12 +0000
David Matlack <dmatlack@google.com> wrote:
> Restrict support for preserving PCI devices across Live Update to
> devices in immutable singleton IOMMU groups. A device's group is
> considered immutable if all bridges upstream from the device up to the
> root port have the required ACS features enabled.
>
> Since ACS flags are inherited across a Live Update for preserved
> devices and all the way up to the root port, the preserved device
> should be in a singleton IOMMU group after kexec in the new kernel.
>
> This change should still permit all the current use-cases for PCI
> device preservation across Live Update, since it is intended to be
> used in Cloud enviroments which should have the required ACS features
> enabled for virtualization purposes.
>
> If a device is part of a multi-device IOMMU group, preserving it will
> now fail with an error. This restriction may be lifted in the future
> if support for preserving multi-device groups is desired.
>
> Signed-off-by: David Matlack <dmatlack@google.com>
> ---
> drivers/iommu/iommu.c | 35 +++++++++++++++++++++++++++++++++++
> drivers/pci/liveupdate.c | 6 ++++++
> include/linux/iommu.h | 7 +++++++
> 3 files changed, 48 insertions(+)
>
> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> index 61c12ba78206..782e73a9d45f 100644
> --- a/drivers/iommu/iommu.c
> +++ b/drivers/iommu/iommu.c
> @@ -1664,6 +1664,41 @@ struct iommu_group *pci_device_group(struct
> device *dev) }
> EXPORT_SYMBOL_GPL(pci_device_group);
>
> +bool pci_device_group_immutable_singleton(struct pci_dev *dev)
> +{
> + struct iommu_group *group;
> + struct group_device *d;
> + struct pci_bus *bus;
> + int nr_devices = 0;
> +
> + group = iommu_group_get(&dev->dev);
> + if (!group)
> + return false;
This may not work for noiommu mode where we could have a null group.
Maybe I can add special case later?
> + mutex_lock(&group->mutex);
> +
> + for_each_group_device(group, d)
> + nr_devices++;
> +
> + mutex_unlock(&group->mutex);
> + iommu_group_put(group);
nit:
scoped_guard(mutex, &group->mutex) {
for_each_group_device(group, d)
nr_devices++;
}
> +
> + if (nr_devices != 1)
> + return false;
> +
> + for (bus = dev->bus; !pci_is_root_bus(bus); bus =
> bus->parent) {
> + if (!bus->self)
> + continue;
> +
> + if (!pci_acs_path_enabled(bus->self, NULL,
> REQ_ACS_FLAGS))
> + return false;
> +
> + break;
> + }
> +
> + return true;
> +}
> +
> /* Get the IOMMU group for device on fsl-mc bus */
> struct iommu_group *fsl_mc_device_group(struct device *dev)
> {
> diff --git a/drivers/pci/liveupdate.c b/drivers/pci/liveupdate.c
> index a9a89f7bd3e5..54a90ff02bdd 100644
> --- a/drivers/pci/liveupdate.c
> +++ b/drivers/pci/liveupdate.c
> @@ -133,6 +133,7 @@
> #define pr_fmt(fmt) "PCI: liveupdate: " fmt
>
> #include <linux/io.h>
> +#include <linux/iommu.h>
> #include <linux/kexec_handover.h>
> #include <linux/kho/abi/pci.h>
> #include <linux/liveupdate.h>
> @@ -359,6 +360,11 @@ int pci_liveupdate_preserve(struct pci_dev *dev)
> if (dev->is_virtfn)
> return -EINVAL;
>
> + if (!pci_device_group_immutable_singleton(dev)) {
> + pci_warn(dev, "Device preservation limited to
> immutable singleton iommu groups\n");
> + return -EINVAL;
> + }
> +
> if (dev->liveupdate_outgoing)
> return -EBUSY;
>
> diff --git a/include/linux/iommu.h b/include/linux/iommu.h
> index e587d4ac4d33..6f5d1dec3f89 100644
> --- a/include/linux/iommu.h
> +++ b/include/linux/iommu.h
> @@ -1096,6 +1096,8 @@ extern struct iommu_group
> *generic_device_group(struct device *dev); struct iommu_group
> *fsl_mc_device_group(struct device *dev); extern struct iommu_group
> *generic_single_device_group(struct device *dev);
> +bool pci_device_group_immutable_singleton(struct pci_dev *dev);
> +
> /**
> * struct iommu_fwspec - per-device IOMMU instance data
> * @iommu_fwnode: firmware handle for this device's IOMMU
> @@ -1528,6 +1530,11 @@ static inline int
> pci_dev_reset_iommu_prepare(struct pci_dev *pdev) static inline void
> pci_dev_reset_iommu_done(struct pci_dev *pdev) {
> }
> +
> +static inline bool pci_device_group_immutable_singleton(struct
> pci_dev *dev) +{
> + return false;
> +}
> #endif /* CONFIG_IOMMU_API */
>
> #ifdef CONFIG_IRQ_MSI_IOMMU
next prev parent reply other threads:[~2026-04-27 20:56 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-23 21:23 [PATCH v4 00/11] PCI: liveupdate: PCI core support for Live Update David Matlack
2026-04-23 21:23 ` [PATCH v4 01/11] PCI: liveupdate: Set up FLB handler for the PCI core David Matlack
2026-04-24 12:33 ` Pratyush Yadav
2026-04-24 13:29 ` Pasha Tatashin
2026-04-27 23:59 ` David Matlack
2026-04-27 21:05 ` Bjorn Helgaas
2026-04-27 21:31 ` David Matlack
2026-04-23 21:23 ` [PATCH v4 02/11] PCI: liveupdate: Track outgoing preserved PCI devices David Matlack
2026-04-27 15:57 ` Jacob Pan
2026-04-27 18:56 ` David Matlack
2026-04-27 21:06 ` Bjorn Helgaas
2026-04-23 21:23 ` [PATCH v4 03/11] PCI: liveupdate: Track incoming " David Matlack
2026-04-27 21:06 ` Bjorn Helgaas
2026-04-23 21:23 ` [PATCH v4 04/11] PCI: liveupdate: Document driver binding responsibilities David Matlack
2026-04-23 21:23 ` [PATCH v4 05/11] PCI: liveupdate: Inherit bus numbers during Live Update David Matlack
2026-04-27 18:47 ` Jacob Pan
2026-04-27 20:40 ` David Matlack
2026-04-27 21:16 ` David Matlack
2026-04-27 21:07 ` Bjorn Helgaas
2026-04-23 21:23 ` [PATCH v4 06/11] PCI: liveupdate: Auto-preserve upstream bridges across " David Matlack
2026-04-23 21:23 ` [PATCH v4 07/11] PCI: liveupdate: Inherit ACS flags in incoming preserved devices David Matlack
2026-04-23 21:23 ` [PATCH v4 08/11] PCI: liveupdate: Require preserved devices are in immutable singleton IOMMU groups David Matlack
2026-04-23 22:10 ` David Matlack
2026-04-23 22:52 ` Jason Gunthorpe
2026-04-23 23:09 ` David Matlack
2026-04-23 23:27 ` Samiullah Khawaja
2026-04-27 20:56 ` Jacob Pan [this message]
2026-04-23 21:23 ` [PATCH v4 09/11] PCI: liveupdate: Inherit ARI Forwarding Enable on preserved bridges David Matlack
2026-04-23 21:23 ` [PATCH v4 10/11] PCI: liveupdate: Do not disable bus mastering on preserved devices during kexec David Matlack
2026-04-27 21:08 ` Bjorn Helgaas
2026-04-23 21:23 ` [PATCH v4 11/11] Documentation: PCI: Add documentation for Live Update David Matlack
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260427135625.0000413e@linux.microsoft.com \
--to=jacob.pan@linux.microsoft.com \
--cc=ajayachandra@nvidia.com \
--cc=alex@shazbot.org \
--cc=bhelgaas@google.com \
--cc=chrisl@kernel.org \
--cc=corbet@lwn.net \
--cc=dmatlack@google.com \
--cc=graf@amazon.com \
--cc=iommu@lists.linux.dev \
--cc=jgg@nvidia.com \
--cc=joro@8bytes.org \
--cc=jrhilke@google.com \
--cc=kexec@lists.infradead.org \
--cc=leonro@nvidia.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-pci@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=parav@nvidia.com \
--cc=pasha.tatashin@soleen.com \
--cc=praan@google.com \
--cc=pratyush@kernel.org \
--cc=rientjes@google.com \
--cc=robin.murphy@arm.com \
--cc=rppt@kernel.org \
--cc=saeedm@nvidia.com \
--cc=skhan@linuxfoundation.org \
--cc=skhawaja@google.com \
--cc=will@kernel.org \
--cc=witu@nvidia.com \
--cc=yi.l.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox