On Wed, Jan 09, 2019 at 04:10:51PM -0700, Alex Williamson wrote: > A kernel bug was introduced in v4.15 via commit 71a7d3d78e3c which > adds a test for address space wrap-around in the vfio DMA unmap path. > Unfortunately due to overflow, the kernel detects an unmap of the last > page in the 64-bit address space as a wrap-around. In QEMU, a Q35 > guest with VT-d emulation and guest IOMMU enabled will attempt to make > such an unmap request during VM system reset, triggering an error: > > qemu-kvm: VFIO_UNMAP_DMA: -22 > qemu-kvm: vfio_dma_unmap(0x561f059948f0, 0xfef00000, 0xffffffff01100000) = > -22 (Invalid argument) > > Here the IOVA start address (0xfef00000) and the size parameter > (0xffffffff01100000) add to exactly 2^64, triggering the bug. A > kernel fix is queued for the Linux v5.0 release to address this. > > This patch implements a workaround to retry the unmap, excluding the > final page of the range when we detect an unmap failing which matches > the requirements for this issue. This is expected to be a safe and > complete workaround as the VT-d address space does not extend to the > full 64-bit space and therefore the last page should never be mapped. > > This workaround can be removed once all kernels with this bug are > sufficiently deprecated. > > Link: https://bugzilla.redhat.com/show_bug.cgi?id=1662291 > Reported-by: Pei Zhang <pezh...@redhat.com> > Debugged-by: Peter Xu <pet...@redhat.com> > Signed-off-by: Alex Williamson <alex.william...@redhat.com>
Reviewed-by: Peter Xu <pet...@redhat.com> -- Peter Xu