Nit, ATDETACH? [AT|DE]TACH?
On Mon, 27 Mar 2023 02:40:45 -0700
Yi Liu <yi.l....@intel.com> wrote:
> This adds ioctl for userspace to attach device cdev fd to and detach
> from IOAS/hw_pagetable managed by iommufd.
>
> VFIO_DEVICE_ATTACH_IOMMUFD_PT: attach vfio device to IOAS, hw_pagetable
> managed by iommufd. Attach can be
> undo by VFIO_DEVICE_DETACH_IOMMUFD_PT
> or device fd close.
> VFIO_DEVICE_DETACH_IOMMUFD_PT: detach vfio device from the current
> attached
> IOAS or hw_pagetable managed by iommufd.
>
> Reviewed-by: Kevin Tian <kevin.t...@intel.com>
> Tested-by: Terrence Xu <terrence...@intel.com>
> Tested-by: Nicolin Chen <nicol...@nvidia.com>
> Tested-by: Matthew Rosato <mjros...@linux.ibm.com>
> Signed-off-by: Yi Liu <yi.l....@intel.com>
> ---
> drivers/vfio/device_cdev.c | 85 ++++++++++++++++++++++++++++++++++++++
> drivers/vfio/vfio.h | 16 +++++++
> drivers/vfio/vfio_main.c | 8 ++++
> include/uapi/linux/vfio.h | 52 +++++++++++++++++++++++
> 4 files changed, 161 insertions(+)
>
> diff --git a/drivers/vfio/device_cdev.c b/drivers/vfio/device_cdev.c
> index 2b563bac50b9..b5de997bff6d 100644
> --- a/drivers/vfio/device_cdev.c
> +++ b/drivers/vfio/device_cdev.c
> @@ -197,6 +197,91 @@ long vfio_device_ioctl_bind_iommufd(struct
> vfio_device_file *df,
> return ret;
> }
>
> +int vfio_ioctl_device_attach(struct vfio_device_file *df,
> + struct vfio_device_attach_iommufd_pt __user *arg)
> +{
> + struct vfio_device *device = df->device;
> + struct vfio_device_attach_iommufd_pt attach;
> + unsigned long minsz;
> + int ret;
> +
> + static_assert(__same_type(arg->pt_id, attach.pt_id));
Same comment as previous, given these are the same field of the same
structure, I don't understand how this could ever assert.
> +
> + minsz = offsetofend(struct vfio_device_attach_iommufd_pt, pt_id);
> +
> + if (copy_from_user(&attach, arg, minsz))
> + return -EFAULT;
> +
> + if (attach.argsz < minsz || attach.flags)
> + return -EINVAL;
> +
> + if (!device->ops->bind_iommufd)
> + return -ENODEV;
Same as previous, we already require this to enable cdev support, so
this seems ultra paranoid.
> +
> + /* ATTACH only allowed for cdev fds */
> + if (df->group)
> + return -EINVAL;
> +
> + mutex_lock(&device->dev_set->lock);
> + /* noiommufd mode doesn't allow attach */
> + if (!df->iommufd) {
> + ret = -EOPNOTSUPP;
> + goto out_unlock;
> + }
> +
> + ret = device->ops->attach_ioas(device, &attach.pt_id);
> + if (ret)
> + goto out_unlock;
> +
> + ret = copy_to_user(&arg->pt_id, &attach.pt_id,
> + sizeof(attach.pt_id)) ? -EFAULT : 0;
> + if (ret)
> + goto out_detach;
> + mutex_unlock(&device->dev_set->lock);
> +
> + return 0;
> +
> +out_detach:
> + device->ops->detach_ioas(device);
> +out_unlock:
> + mutex_unlock(&device->dev_set->lock);
> + return ret;
> +}
> +
> +int vfio_ioctl_device_detach(struct vfio_device_file *df,
> + struct vfio_device_detach_iommufd_pt __user *arg)
> +{
> + struct vfio_device *device = df->device;
> + struct vfio_device_detach_iommufd_pt detach;
> + unsigned long minsz;
> +
> + minsz = offsetofend(struct vfio_device_detach_iommufd_pt, flags);
> +
> + if (copy_from_user(&detach, arg, minsz))
> + return -EFAULT;
> +
> + if (detach.argsz < minsz || detach.flags)
> + return -EINVAL;
> +
> + if (!device->ops->bind_iommufd)
> + return -ENODEV;
> +
> + /* DETACH only allowed for cdev fds */
> + if (df->group)
> + return -EINVAL;
> +
> + mutex_lock(&device->dev_set->lock);
> + /* noiommufd mode doesn't support detach */
> + if (!df->iommufd) {
> + mutex_unlock(&device->dev_set->lock);
> + return -EOPNOTSUPP;
> + }
> + device->ops->detach_ioas(device);
> + mutex_unlock(&device->dev_set->lock);
> +
> + return 0;
> +}
For both of these, can't a user trigger the
WARN_ON(!vdev->iommufd_device) if they call either of these before
VFIO_DEVICE_BIND_IOMMUFD? Thanks,
Alex
> +
> static char *vfio_device_devnode(const struct device *dev, umode_t *mode)
> {
> return kasprintf(GFP_KERNEL, "vfio/devices/%s", dev_name(dev));
> diff --git a/drivers/vfio/vfio.h b/drivers/vfio/vfio.h
> index ace3d52b0928..c199e410db18 100644
> --- a/drivers/vfio/vfio.h
> +++ b/drivers/vfio/vfio.h
> @@ -284,6 +284,10 @@ int vfio_device_fops_cdev_open(struct inode *inode,
> struct file *filep);
> void vfio_device_cdev_close(struct vfio_device_file *df);
> long vfio_device_ioctl_bind_iommufd(struct vfio_device_file *df,
> struct vfio_device_bind_iommufd __user
> *arg);
> +int vfio_ioctl_device_attach(struct vfio_device_file *df,
> + struct vfio_device_attach_iommufd_pt __user *arg);
> +int vfio_ioctl_device_detach(struct vfio_device_file *df,
> + struct vfio_device_detach_iommufd_pt __user *arg);
> int vfio_cdev_init(struct class *device_class);
> void vfio_cdev_cleanup(void);
> #else
> @@ -317,6 +321,18 @@ static inline long vfio_device_ioctl_bind_iommufd(struct
> vfio_device_file *df,
> return -EOPNOTSUPP;
> }
>
> +static inline int vfio_ioctl_device_attach(struct vfio_device_file *df,
> + struct vfio_device_attach_iommufd_pt
> __user *arg)
> +{
> + return -EOPNOTSUPP;
> +}
> +
> +static inline int vfio_ioctl_device_detach(struct vfio_device_file *df,
> + struct vfio_device_detach_iommufd_pt
> __user *arg)
> +{
> + return -EOPNOTSUPP;
> +}
> +
> static inline int vfio_cdev_init(struct class *device_class)
> {
> return 0;
> diff --git a/drivers/vfio/vfio_main.c b/drivers/vfio/vfio_main.c
> index 375086c8803f..896d8bb49585 100644
> --- a/drivers/vfio/vfio_main.c
> +++ b/drivers/vfio/vfio_main.c
> @@ -1150,6 +1150,14 @@ static long vfio_device_fops_unl_ioctl(struct file
> *filep,
> ret = vfio_ioctl_device_feature(device, (void __user *)arg);
> break;
>
> + case VFIO_DEVICE_ATTACH_IOMMUFD_PT:
> + ret = vfio_ioctl_device_attach(df, (void __user *)arg);
> + break;
> +
> + case VFIO_DEVICE_DETACH_IOMMUFD_PT:
> + ret = vfio_ioctl_device_detach(df, (void __user *)arg);
> + break;
> +
> default:
> if (unlikely(!device->ops->ioctl))
> ret = -EINVAL;
> diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h
> index 62b2f2497525..bf6c97e759c7 100644
> --- a/include/uapi/linux/vfio.h
> +++ b/include/uapi/linux/vfio.h
> @@ -231,6 +231,58 @@ struct vfio_device_bind_iommufd {
>
> #define VFIO_DEVICE_BIND_IOMMUFD _IO(VFIO_TYPE, VFIO_BASE + 19)
>
> +/*
> + * VFIO_DEVICE_ATTACH_IOMMUFD_PT - _IOW(VFIO_TYPE, VFIO_BASE + 20,
> + * struct vfio_device_attach_iommufd_pt)
> + *
> + * Attach a vfio device to an iommufd address space specified by IOAS
> + * id or hw_pagetable (hwpt) id.
> + *
> + * Available only after a device has been bound to iommufd via
> + * VFIO_DEVICE_BIND_IOMMUFD
> + *
> + * Undo by VFIO_DEVICE_DETACH_IOMMUFD_PT or device fd close.
> + *
> + * @argsz: user filled size of this data.
> + * @flags: must be 0.
> + * @pt_id: Input the target id which can represent an ioas or a hwpt
> + * allocated via iommufd subsystem.
> + * Output the attached hwpt id which could be the specified
> + * hwpt itself or a hwpt automatically created for the
> + * specified ioas by kernel during the attachment.
> + *
> + * Return: 0 on success, -errno on failure.
> + */
> +struct vfio_device_attach_iommufd_pt {
> + __u32 argsz;
> + __u32 flags;
> + __u32 pt_id;
> +};
> +
> +#define VFIO_DEVICE_ATTACH_IOMMUFD_PT _IO(VFIO_TYPE,
> VFIO_BASE + 20)
> +
> +/*
> + * VFIO_DEVICE_DETACH_IOMMUFD_PT - _IOW(VFIO_TYPE, VFIO_BASE + 21,
> + * struct vfio_device_detach_iommufd_pt)
> + *
> + * Detach a vfio device from the iommufd address space it has been
> + * attached to. After it, device should be in a blocking DMA state.
> + *
> + * Available only after a device has been bound to iommufd via
> + * VFIO_DEVICE_BIND_IOMMUFD.
> + *
> + * @argsz: user filled size of this data.
> + * @flags: must be 0.
> + *
> + * Return: 0 on success, -errno on failure.
> + */
> +struct vfio_device_detach_iommufd_pt {
> + __u32 argsz;
> + __u32 flags;
> +};
> +
> +#define VFIO_DEVICE_DETACH_IOMMUFD_PT _IO(VFIO_TYPE,
> VFIO_BASE + 21)
> +
> /**
> * VFIO_DEVICE_GET_INFO - _IOR(VFIO_TYPE, VFIO_BASE + 7,
> * struct vfio_device_info)
