From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 796FE31C57B for ; Wed, 25 Feb 2026 08:38:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.179 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772008695; cv=none; b=VerLLsv5Ma9qzLbPS4XTyP73DEIPOtYzi824I4rvNqASchpCHNIZp6qNApYL4wGOFhKw0cQQCPsihNickgpDI2ON0/ZGLJi2et/Lj2WDe2Cd5FkD6XiIMDVs4q1XEGsEOy+dSVjA22Vx64D0nAzJOIM4ugURuCeQt7ru+blQxrE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772008695; c=relaxed/simple; bh=uun3Vk7JQyHZ6aF3HcHlMyo2Xah/fKCgQ3PDPCYVA6w=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=F4NRvyMy76s1xVR+nuapdTsGAzM8SGYlNrYKUHMDwbf+EIl7DJvN/zV+PGnXiVuQBgrbPwr5qpF1EgRYK0REKUwymc8l/a+hEZSVRQch2ufpHrIUrBI+aNL3TKrt/OgMpCYacHSo7Mfm7pCQP+9dF9hRS7hwOIZr86mGO44hdYg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=0d5FCoRU; arc=none smtp.client-ip=209.85.214.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="0d5FCoRU" Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-2aad8123335so61925ad.1 for ; Wed, 25 Feb 2026 00:38:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1772008694; x=1772613494; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=euz76pxATmJYev+UEaMjSj8YYGXQ5aYbA3uegrgN/Es=; b=0d5FCoRUjPdyGC+3ksFgWishHadW5IYorl8tK66VBPAKn65KnWAsC3NPOrquJQkA81 AmYi7hY9aounpoXHRaBlwCPDfCmKfSaSVVsvYPqD2UDk9Q+f2FOEHEXhw/y3C7NgDpZT ehjNGj2mO+fmCkRyjd2uwFq5vMDmzU5taYk/yEsG6Rm6insqmfMw/LdXhnjnPNzSipRh 8iATFyj2niKIRoRNz3lBjsw9KddROojWASSL8+sqsolFSBw4Y/Z/eEZya8Jv38nrKDLD sOTnLmK/Mn5mIH1XKu40CWQDRiNqtV983z8rMk1QkMKeeTMamQCIW7hOlr+QqWYsz0Qz zp0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1772008694; x=1772613494; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=euz76pxATmJYev+UEaMjSj8YYGXQ5aYbA3uegrgN/Es=; b=PRwgcu/Cw7lYPEE2ssNv2mN3OlXD0KNbxDhL8A63brLCj37ThYrNUfdu0MtKXOlxwp uPWbijOXQwlmDTuURbH5x9y03hBrJ7ibSKRT0ooOcg4Ms7lFTkYEX/9f+JyHdyoJUhDw 3jn8nb5FZNs4e8fDwsyfgdDZ6+QDaJ3bHgmDPqRR8Wg91Ws3nHMhRxY68tVqFcPhBGMB ZlUGSQBresbtlpt5GhdFJcSoVj4fWmzJLdnyBfcg5Xk2G/HYfz7mGbxIx49keXh+j0lb CfLWcLFkM6E1q0ttnUDzTCpcPbuFOY5iyAwlp5xx0m5YED4Ylb1WItK48NJOLBzC22H2 ZoqQ== X-Forwarded-Encrypted: i=1; AJvYcCWKwyVGftk4kruhbPiUpyhf076R6rMJTsnqRK56Irqlv39IR+Fgzv6W9yTDdcHTjQGb/h6vY9bwcHr3xG0=@vger.kernel.org X-Gm-Message-State: AOJu0YxHm975P28Bx4HE4hjqUS7yuP87zvcisslDDqXhSCNSijCMdqnD 8zYQ04knJTeRqi5rWp8c8tsexWUQPVil5RQbhIIxBQQc5gDlbhMBS7oMkWdgUl3H4g== X-Gm-Gg: ATEYQzyq3kq3weM5XfpgtouNOvWhm+iGaUcz21YdqRODWS6wo1tv7gcOupQyiQt7K00 tYBKi7csOu/jPk+PU+RwJsPv3YIp+2lJvxJ0LCkD9afoQFA3RWS2ltPItpoYR79uFKP3XXb7Mne NtYjP4v5tcQ4Oa66C1mtijZNJjNI8hfHrlFrUMv/XPMYq2naxG5pLSUKKYwyKohXvAGbgMeo11w 3/0VeTcSZvRra4l+xH4LovXMyE0yrJ9dUe5FCFdEDKrdZ/8DUblNQVf8Z+RNLnbR59WYjUek5i+ C3Ycql+jovUXuRfNpBAuSIiXtQItkOXvlRzfd2Zez/ftVwzWUqgjEC8GXMnggX+ZHmrFnLjBWCA RnwSE885C2BS98eT0o/XRiRC+y0ygT0rxFOmMwvFI4zCigiMQEs/NRRdDCng47ExUK8eYlMvUCR nGoVlbagjE4O5S+EGn2oBpfwjFky8Yslmt3SGr+uWSK6T0qHjFObRUYSkD3tze X-Received: by 2002:a17:902:ea02:b0:291:6858:ee60 with SMTP id d9443c01a7336-2adca6c8a9fmr1402215ad.4.1772008693092; Wed, 25 Feb 2026 00:38:13 -0800 (PST) Received: from google.com (222.245.187.35.bc.googleusercontent.com. [35.187.245.222]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-826dd6c30dfsm13034861b3a.27.2026.02.25.00.38.05 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 Feb 2026 00:38:12 -0800 (PST) Date: Wed, 25 Feb 2026 08:38:02 +0000 From: Pranjal Shrivastava To: David Matlack Cc: Alex Williamson , Adithya Jayachandran , Alexander Graf , Alex Mastro , Alistair Popple , Andrew Morton , Ankit Agrawal , Bjorn Helgaas , Chris Li , David Rientjes , Jacob Pan , Jason Gunthorpe , Jason Gunthorpe , Jonathan Corbet , Josh Hilke , Kevin Tian , kexec@lists.infradead.org, kvm@vger.kernel.org, Leon Romanovsky , Leon Romanovsky , linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-mm@kvack.org, linux-pci@vger.kernel.org, Lukas Wunner , =?utf-8?Q?Micha=C5=82?= Winiarski , Mike Rapoport , Parav Pandit , Pasha Tatashin , Pratyush Yadav , Raghavendra Rao Ananta , Rodrigo Vivi , Saeed Mahameed , Samiullah Khawaja , Shuah Khan , Thomas =?iso-8859-1?Q?Hellstr=F6m?= , Tomita Moeko , Vipin Sharma , Vivek Kasireddy , William Tu , Yi Liu , Zhu Yanjun Subject: Re: [PATCH v2 09/22] vfio/pci: Store incoming Live Update state in struct vfio_pci_core_device Message-ID: References: <20260129212510.967611-1-dmatlack@google.com> <20260129212510.967611-10-dmatlack@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260129212510.967611-10-dmatlack@google.com> On Thu, Jan 29, 2026 at 09:24:56PM +0000, David Matlack wrote: > Stash a pointer to a device's incoming Live Updated state in struct > vfio_pci_core_device. This will enable subsequent commits to use the > preserved state when initializing the device. > > To enable VFIO to safely access this pointer during device enablement, > require that the device is fully enabled before returning true from > can_finish(). This is synchronized by vfio_pci_core.c setting > vdev->liveupdate_incoming_state to NULL under dev_set lock once it's > done using it. > > Signed-off-by: David Matlack > --- > drivers/vfio/pci/vfio_pci_core.c | 2 +- > drivers/vfio/pci/vfio_pci_liveupdate.c | 17 ++++++++++++++++- > include/linux/vfio_pci_core.h | 1 + > 3 files changed, 18 insertions(+), 2 deletions(-) > > diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c > index 3a11e6f450f7..b01b94d81e28 100644 > --- a/drivers/vfio/pci/vfio_pci_core.c > +++ b/drivers/vfio/pci/vfio_pci_core.c > @@ -569,7 +569,7 @@ int vfio_pci_core_enable(struct vfio_pci_core_device *vdev) > if (!vfio_vga_disabled() && vfio_pci_is_vga(pdev)) > vdev->has_vga = true; > > - > + vdev->liveupdate_incoming_state = NULL; > return 0; > > out_free_zdev: > diff --git a/drivers/vfio/pci/vfio_pci_liveupdate.c b/drivers/vfio/pci/vfio_pci_liveupdate.c > index ad915352303f..1ad7379c70c4 100644 > --- a/drivers/vfio/pci/vfio_pci_liveupdate.c > +++ b/drivers/vfio/pci/vfio_pci_liveupdate.c > @@ -131,6 +131,7 @@ static int match_device(struct device *dev, const void *arg) > static int vfio_pci_liveupdate_retrieve(struct liveupdate_file_op_args *args) > { > struct vfio_pci_core_device_ser *ser; > + struct vfio_pci_core_device *vdev; > struct vfio_device *device; > struct file *file; > int ret; > @@ -160,6 +161,9 @@ static int vfio_pci_liveupdate_retrieve(struct liveupdate_file_op_args *args) > goto out; > } > > + vdev = container_of(device, struct vfio_pci_core_device, vdev); > + vdev->liveupdate_incoming_state = ser; > + > args->file = file; > > out: > @@ -171,7 +175,18 @@ static int vfio_pci_liveupdate_retrieve(struct liveupdate_file_op_args *args) > > static bool vfio_pci_liveupdate_can_finish(struct liveupdate_file_op_args *args) > { > - return args->retrieved; > + struct vfio_pci_core_device *vdev; > + struct vfio_device *device; > + > + if (!args->retrieved) > + return false; > + > + device = vfio_device_from_file(args->file); > + vdev = container_of(device, struct vfio_pci_core_device, vdev); > + > + /* Check that vdev->liveupdate_incoming_state is no longer in use. */ > + guard(mutex)(&device->dev_set->lock); > + return !vdev->liveupdate_incoming_state; Since we set this to NULL in the success path of vfio_pci_core_enable() I'm wondering if a failure in vfio_pci_core_enable could cause a resource leak? Because vfio_pci_liveupdate_can_finish() returns false as long as that pointer is valid, a single device failure will perpetually block the LIVEUPDATE_SESSION_FINISH IOCTL for the entire session preventing the LUO from reclaiming KHO memory. Shall we also set vdev->liveupdate_incoming_state = NULL on the error paths of vfio_pci_core_enable() ? Thanks, Praan