The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=36b855f1892575cbfe1cd5455b989bfc8ae07502
commit 36b855f1892575cbfe1cd5455b989bfc8ae07502 Author: Mark Johnston <[email protected]> AuthorDate: 2026-02-06 15:29:22 +0000 Commit: Mark Johnston <[email protected]> CommitDate: 2026-02-06 15:38:51 +0000 amd64/vmm: Lock global PCI passthrough structures There is a global list of ppt-claimed devices, accessed via several vmm ioctls. The ioctls are locked by per-VM locks, but this isn't sufficient to prevent multiple VMs from trying to bind a given device. Add a sleepable lock and use that to synchronize all access to ppt devices. Reviewed by: corvink, jhb MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D55065 --- sys/amd64/vmm/io/ppt.c | 162 +++++++++++++++++++++++++++++++++---------------- 1 file changed, 111 insertions(+), 51 deletions(-) diff --git a/sys/amd64/vmm/io/ppt.c b/sys/amd64/vmm/io/ppt.c index 6feac5dcbbed..b522e18e3b24 100644 --- a/sys/amd64/vmm/io/ppt.c +++ b/sys/amd64/vmm/io/ppt.c @@ -28,13 +28,15 @@ #include <sys/param.h> #include <sys/systm.h> +#include <sys/bus.h> #include <sys/kernel.h> +#include <sys/lock.h> #include <sys/malloc.h> #include <sys/module.h> -#include <sys/bus.h> #include <sys/pciio.h> #include <sys/rman.h> #include <sys/smp.h> +#include <sys/sx.h> #include <sys/sysctl.h> #include <dev/pci/pcivar.h> @@ -67,6 +69,12 @@ MALLOC_DEFINE(M_PPTMSIX, "pptmsix", "Passthru MSI-X resources"); +static struct sx ppt_mtx; +SX_SYSINIT(ppt_mtx, &ppt_mtx, "ppt_mtx"); +#define PPT_LOCK() sx_xlock(&ppt_mtx) +#define PPT_UNLOCK() sx_xunlock(&ppt_mtx) +#define PPT_ASSERT_LOCKED() sx_assert(&ppt_mtx, SA_XLOCKED) + struct pptintr_arg { /* pptintr(pptintr_arg) */ struct pptdev *pptdev; uint64_t addr; @@ -156,17 +164,20 @@ ppt_attach(device_t dev) ppt = device_get_softc(dev); + PPT_LOCK(); cmd1 = cmd = pci_read_config(dev, PCIR_COMMAND, 2); cmd &= ~(PCIM_CMD_PORTEN | PCIM_CMD_MEMEN | PCIM_CMD_BUSMASTEREN); pci_write_config(dev, PCIR_COMMAND, cmd, 2); error = iommu_remove_device(iommu_host_domain(), dev, pci_get_rid(dev)); if (error != 0) { pci_write_config(dev, PCIR_COMMAND, cmd1, 2); + PPT_UNLOCK(); return (error); } num_pptdevs++; TAILQ_INSERT_TAIL(&pptdev_list, ppt, next); ppt->dev = dev; + PPT_UNLOCK(); if (bootverbose) device_printf(dev, "attached\n"); @@ -180,22 +191,26 @@ ppt_detach(device_t dev) struct pptdev *ppt; int error; + error = 0; ppt = device_get_softc(dev); - if (ppt->vm != NULL) - return (EBUSY); + PPT_LOCK(); + if (ppt->vm != NULL) { + error = EBUSY; + goto out; + } if (iommu_host_domain() != NULL) { error = iommu_add_device(iommu_host_domain(), dev, pci_get_rid(dev)); - } else { - error = 0; + if (error != 0) + goto out; } - if (error != 0) - return (error); num_pptdevs--; TAILQ_REMOVE(&pptdev_list, ppt, next); +out: + PPT_UNLOCK(); - return (0); + return (error); } static device_method_t ppt_methods[] = { @@ -216,6 +231,8 @@ ppt_find(struct vm *vm, int bus, int slot, int func, struct pptdev **pptp) struct pptdev *ppt; int b, s, f; + PPT_ASSERT_LOCKED(); + TAILQ_FOREACH(ppt, &pptdev_list, next) { dev = ppt->dev; b = pci_get_bus(dev); @@ -406,10 +423,11 @@ ppt_assign_device(struct vm *vm, int bus, int slot, int func) int error; uint16_t cmd; + PPT_LOCK(); /* Passing NULL requires the device to be unowned. */ error = ppt_find(NULL, bus, slot, func, &ppt); - if (error) - return (error); + if (error != 0) + goto out; pci_save_state(ppt->dev); ppt_pci_reset(ppt->dev); @@ -417,12 +435,14 @@ ppt_assign_device(struct vm *vm, int bus, int slot, int func) error = iommu_add_device(vm_iommu_domain(vm), ppt->dev, pci_get_rid(ppt->dev)); if (error != 0) - return (error); + goto out; ppt->vm = vm; cmd = pci_read_config(ppt->dev, PCIR_COMMAND, 2); cmd |= PCIM_CMD_BUSMASTEREN | ppt_bar_enables(ppt); pci_write_config(ppt->dev, PCIR_COMMAND, cmd, 2); - return (0); +out: + PPT_UNLOCK(); + return (error); } int @@ -432,9 +452,10 @@ ppt_unassign_device(struct vm *vm, int bus, int slot, int func) int error; uint16_t cmd; + PPT_LOCK(); error = ppt_find(vm, bus, slot, func, &ppt); - if (error) - return (error); + if (error != 0) + goto out; cmd = pci_read_config(ppt->dev, PCIR_COMMAND, 2); cmd &= ~(PCIM_CMD_PORTEN | PCIM_CMD_MEMEN | PCIM_CMD_BUSMASTEREN); @@ -448,6 +469,8 @@ ppt_unassign_device(struct vm *vm, int bus, int slot, int func) error = iommu_remove_device(vm_iommu_domain(vm), ppt->dev, pci_get_rid(ppt->dev)); ppt->vm = NULL; +out: + PPT_UNLOCK(); return (error); } @@ -500,13 +523,17 @@ ppt_map_mmio(struct vm *vm, int bus, int slot, int func, hpa % PAGE_SIZE != 0 || gpa + len < gpa || hpa + len < hpa) return (EINVAL); + PPT_LOCK(); error = ppt_find(vm, bus, slot, func, &ppt); if (error) - return (error); + goto out; - if (!ppt_valid_bar_mapping(ppt, hpa, len)) - return (EINVAL); + if (!ppt_valid_bar_mapping(ppt, hpa, len)) { + error = EINVAL; + goto out; + } + error = ENOSPC; for (i = 0; i < MAX_MMIOSEGS; i++) { seg = &ppt->mmio[i]; if (seg->len == 0) { @@ -515,10 +542,12 @@ ppt_map_mmio(struct vm *vm, int bus, int slot, int func, seg->gpa = gpa; seg->len = len; } - return (error); + break; } } - return (ENOSPC); +out: + PPT_UNLOCK(); + return (error); } int @@ -529,10 +558,12 @@ ppt_unmap_mmio(struct vm *vm, int bus, int slot, int func, struct pptseg *seg; struct pptdev *ppt; + PPT_LOCK(); error = ppt_find(vm, bus, slot, func, &ppt); if (error) - return (error); + goto out; + error = ENOENT; for (i = 0; i < MAX_MMIOSEGS; i++) { seg = &ppt->mmio[i]; if (seg->gpa == gpa && seg->len == len) { @@ -541,9 +572,11 @@ ppt_unmap_mmio(struct vm *vm, int bus, int slot, int func, seg->gpa = 0; seg->len = 0; } - return (error); + break; } } +out: + PPT_UNLOCK(); return (ENOENT); } @@ -586,19 +619,22 @@ ppt_setup_msi(struct vm *vm, int bus, int slot, int func, if (numvec < 0 || numvec > MAX_MSIMSGS) return (EINVAL); + PPT_LOCK(); error = ppt_find(vm, bus, slot, func, &ppt); if (error) - return (error); + goto out; /* Reject attempts to enable MSI while MSI-X is active. */ - if (ppt->msix.num_msgs != 0 && numvec != 0) - return (EBUSY); + if (ppt->msix.num_msgs != 0 && numvec != 0) { + error = EBUSY; + goto out; + } /* Free any allocated resources */ ppt_teardown_msi(ppt); if (numvec == 0) /* nothing more to do */ - return (0); + goto out; flags = RF_ACTIVE; msi_count = pci_msi_count(ppt->dev); @@ -613,8 +649,10 @@ ppt_setup_msi(struct vm *vm, int bus, int slot, int func, * The device must be capable of supporting the number of vectors * the guest wants to allocate. */ - if (numvec > msi_count) - return (EINVAL); + if (numvec > msi_count) { + error = EINVAL; + goto out; + } /* * Make sure that we can allocate all the MSI vectors that are needed @@ -624,10 +662,11 @@ ppt_setup_msi(struct vm *vm, int bus, int slot, int func, tmp = numvec; error = pci_alloc_msi(ppt->dev, &tmp); if (error) - return (error); + goto out; else if (tmp != numvec) { pci_release_msi(ppt->dev); - return (ENOSPC); + error = ENOSPC; + goto out; } else { /* success */ } @@ -662,10 +701,12 @@ ppt_setup_msi(struct vm *vm, int bus, int slot, int func, if (i < numvec) { ppt_teardown_msi(ppt); - return (ENXIO); + error = ENXIO; } - return (0); +out: + PPT_UNLOCK(); + return (error); } int @@ -677,17 +718,22 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, int numvec, alloced, rid, error; size_t res_size, cookie_size, arg_size; + PPT_LOCK(); error = ppt_find(vm, bus, slot, func, &ppt); if (error) - return (error); + goto out; /* Reject attempts to enable MSI-X while MSI is active. */ - if (ppt->msi.num_msgs != 0) - return (EBUSY); + if (ppt->msi.num_msgs != 0) { + error = EBUSY; + goto out; + } dinfo = device_get_ivars(ppt->dev); - if (!dinfo) - return (ENXIO); + if (dinfo == NULL) { + error = ENXIO; + goto out; + } /* * First-time configuration: @@ -697,8 +743,10 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, */ if (ppt->msix.num_msgs == 0) { numvec = pci_msix_count(ppt->dev); - if (numvec <= 0) - return (EINVAL); + if (numvec <= 0) { + error = EINVAL; + goto out; + } ppt->msix.startrid = 1; ppt->msix.num_msgs = numvec; @@ -718,7 +766,8 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, if (ppt->msix.msix_table_res == NULL) { ppt_teardown_msix(ppt); - return (ENOSPC); + error = ENOSPC; + goto out; } ppt->msix.msix_table_rid = rid; @@ -730,7 +779,8 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, if (ppt->msix.msix_pba_res == NULL) { ppt_teardown_msix(ppt); - return (ENOSPC); + error = ENOSPC; + goto out; } ppt->msix.msix_pba_rid = rid; } @@ -739,12 +789,16 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, error = pci_alloc_msix(ppt->dev, &alloced); if (error || alloced != numvec) { ppt_teardown_msix(ppt); - return (error == 0 ? ENOSPC: error); + if (error == 0) + error = ENOSPC; + goto out; } } - if (idx >= ppt->msix.num_msgs) - return (EINVAL); + if (idx >= ppt->msix.num_msgs) { + error = EINVAL; + goto out; + } if ((vector_control & PCIM_MSIX_VCTRL_MASK) == 0) { /* Tear down the IRQ if it's already set up */ @@ -755,8 +809,10 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, rid = ppt->msix.startrid + idx; ppt->msix.res[idx] = bus_alloc_resource_any(ppt->dev, SYS_RES_IRQ, &rid, RF_ACTIVE); - if (ppt->msix.res[idx] == NULL) - return (ENXIO); + if (ppt->msix.res[idx] == NULL) { + error = ENXIO; + goto out; + } ppt->msix.arg[idx].pptdev = ppt; ppt->msix.arg[idx].addr = addr; @@ -767,19 +823,20 @@ ppt_setup_msix(struct vm *vm, int bus, int slot, int func, INTR_TYPE_NET | INTR_MPSAFE, pptintr, NULL, &ppt->msix.arg[idx], &ppt->msix.cookie[idx]); - if (error != 0) { bus_release_resource(ppt->dev, SYS_RES_IRQ, rid, ppt->msix.res[idx]); ppt->msix.cookie[idx] = NULL; ppt->msix.res[idx] = NULL; - return (ENXIO); + error = ENXIO; + goto out; } } else { /* Masked, tear it down if it's already been set up */ ppt_teardown_msix_intr(ppt, idx); } - - return (0); +out: + PPT_UNLOCK(); + return (error); } int @@ -788,10 +845,13 @@ ppt_disable_msix(struct vm *vm, int bus, int slot, int func) struct pptdev *ppt; int error; + PPT_LOCK(); error = ppt_find(vm, bus, slot, func, &ppt); - if (error) + if (error != 0) { + PPT_UNLOCK(); return (error); - + } ppt_teardown_msix(ppt); + PPT_UNLOCK(); return (0); }
