On Wed, May 14, 2025 at 03:26:00PM -0300, Jason Gunthorpe wrote:
> On Thu, May 08, 2025 at 08:02:27PM -0700, Nicolin Chen wrote:
> > An IOMMU driver that allocated a vIOMMU may want to revert the allocation,
> > if it encounters an internal error after the allocation. So, there needs a
> > destroy helper for drivers to use. For instance:
> >
> > static my_viommu_alloc()
> > {
> > ...
> > my_viommu = iommufd_viommu_alloc(viomm, struct my_viommu, core);
> > ...
> > ret = init_my_viommu();
> > if (ret) {
> > /* Need to destroy the my_viommu->core */
> > return ERR_PTR(ret);
> > }
> > return &my_viommu->core;
> > }
> >
> > Move iommufd_object_abort() to the driver.c file and the public header, to
> > introduce common iommufd_struct_destroy() helper that will abort all kinds
> > of driver structures, not confined to iommufd_viommu but also the new ones
> > being added in the future.
> >
> > Reviewed-by: Jason Gunthorpe <[email protected]>
> > Reviewed-by: Lu Baolu <[email protected]>
> > Signed-off-by: Nicolin Chen <[email protected]>
> > ---
> > drivers/iommu/iommufd/iommufd_private.h | 1 -
> > include/linux/iommufd.h | 16 ++++++++++++++++
> > drivers/iommu/iommufd/driver.c | 14 ++++++++++++++
> > drivers/iommu/iommufd/main.c | 13 -------------
> > 4 files changed, 30 insertions(+), 14 deletions(-)
>
> One idea that struck me when I was looking at this was to copy the
> technique from rdma.
>
> When an object is allocated we keep track of it in the struct
> iommufd_ucmd.
>
> Then when the command is over the core code either aborts or finalizes
> the objects in the iommufd_ucmd. This way you don't have to expose
> abort and related to drivers.
I see! Do you want this to apply to the all objects or just driver
allocated ones?
We would need a bigger preparatory series to roll out that to all
the allocators, and need to be careful at the existing abort() that
intertwines with other steps like an unlock().
Thanks
Nicolin
