On Fri, 30 Oct 2020 06:25:34 -0400
"Michael S. Tsirkin" <m...@redhat.com> wrote:
> On Thu, Oct 08, 2020 at 03:22:14PM -0600, Alex Williamson wrote:
> > On Thu, 8 Oct 2020 19:15:58 +0200
> > Jean-Philippe Brucker <jean-phili...@linaro.org> wrote:
> >
> > > IOMMUs may declare memory regions spanning from 0 to UINT64_MAX. When
> > > attempting to deal with such region, vfio_listener_region_del() passes a
> > > size of 2^64 to int128_get64() which throws an assertion failure. Even
> > > ignoring this, the VFIO_IOMMU_DMA_MAP ioctl cannot handle this size
> > > since the size field is 64-bit. Split the request in two.
> > >
> > > Signed-off-by: Jean-Philippe Brucker <jean-phili...@linaro.org>
> > > ---
> > > For me this happens when memory_region_iommu_set_page_size_mask()
> > > returns an error because a hotplugged endpoint uses an incompatible page
> > > mask. vfio_connect_container() releases the memory listener which calls
> > > region_del() with the 2^64 IOMMU region. There are probably other ways
> > > to reach this.
> > > ---
> > > hw/vfio/common.c | 11 +++++++++++
> > > 1 file changed, 11 insertions(+)
> > >
> > > diff --git a/hw/vfio/common.c b/hw/vfio/common.c
> > > index e66054b02a7..e90a89c389e 100644
> > > --- a/hw/vfio/common.c
> > > +++ b/hw/vfio/common.c
> > > @@ -797,6 +797,17 @@ static void vfio_listener_region_del(MemoryListener
> > > *listener,
> > > }
> > >
> > > if (try_unmap) {
> > > + if (llsize == int128_2_64()) {
> > > + /* The unmap ioctl doesn't accept a full 64-bit span. */
> > > + llsize = int128_rshift(llsize, 1);
> > > + ret = vfio_dma_unmap(container, iova, int128_get64(llsize));
> > > + if (ret) {
> > > + error_report("vfio_dma_unmap(%p, 0x%"HWADDR_PRIx", "
> > > + "0x%"HWADDR_PRIx") = %d (%m)",
> > > + container, iova, int128_get64(llsize), ret);
> > > + }
> > > + iova += int128_get64(llsize);
> > > + }
> > > ret = vfio_dma_unmap(container, iova, int128_get64(llsize));
> > > if (ret) {
> > > error_report("vfio_dma_unmap(%p, 0x%"HWADDR_PRIx", "
> >
> > We're still susceptible that splitting the range in two could result in
> > unmap calls that attempt to bisect a mapping that spans both ranges.
> > Both unmap calls would fail in that case. I think we could solve this
> > more completely with a high water marker, but this probably good enough
> > for now.
> >
> > Acked-by: Alex Williamson <alex.william...@redhat.com>
>
>
> Are you merging this then?
> If yes
>
> Acked-by: Michael S. Tsirkin <m...@redhat.com>
>
No, the series is focused on virtio-iommu therefore I assumed you or
Eric would merge it, thus I provided an Ack. Thanks,
Alex
