On Tue, 13 Jun 2023 05:48:46 +0000
"Liu, Yi L" <yi.l....@intel.com> wrote:
> > From: Alex Williamson <alex.william...@redhat.com>
> > Sent: Tuesday, June 13, 2023 6:27 AM
> >
> > On Fri, 2 Jun 2023 05:16:47 -0700
> > Yi Liu <yi.l....@intel.com> wrote:
> >
> > > This adds ioctl for userspace to bind device cdev fd to iommufd.
> > >
> > > VFIO_DEVICE_BIND_IOMMUFD: bind device to an iommufd, hence gain DMA
> > > control provided by the iommufd. open_device
> > > op is called after bind_iommufd op.
> > >
> > > Tested-by: Yanting Jiang <yanting.ji...@intel.com>
> > > Tested-by: Shameer Kolothum <shameerali.kolothum.th...@huawei.com>
> > > Tested-by: Terrence Xu <terrence...@intel.com>
> > > Signed-off-by: Yi Liu <yi.l....@intel.com>
> > > ---
> > > drivers/vfio/device_cdev.c | 123 +++++++++++++++++++++++++++++++++++++
> > > drivers/vfio/vfio.h | 13 ++++
> > > drivers/vfio/vfio_main.c | 5 ++
> > > include/linux/vfio.h | 3 +-
> > > include/uapi/linux/vfio.h | 27 ++++++++
> > > 5 files changed, 170 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/vfio/device_cdev.c b/drivers/vfio/device_cdev.c
> > > index 1c640016a824..a4498ddbe774 100644
> > > --- a/drivers/vfio/device_cdev.c
> > > +++ b/drivers/vfio/device_cdev.c
> > > @@ -3,6 +3,7 @@
> > > * Copyright (c) 2023 Intel Corporation.
> > > */
> > > #include <linux/vfio.h>
> > > +#include <linux/iommufd.h>
> > >
> > > #include "vfio.h"
> > >
> > > @@ -44,6 +45,128 @@ int vfio_device_fops_cdev_open(struct inode *inode,
> > > struct
> > file *filep)
> > > return ret;
> > > }
> > >
> > > +static void vfio_device_get_kvm_safe(struct vfio_device_file *df)
> > > +{
> > > + spin_lock(&df->kvm_ref_lock);
> > > + if (df->kvm)
> > > + _vfio_device_get_kvm_safe(df->device, df->kvm);
> > > + spin_unlock(&df->kvm_ref_lock);
> > > +}
> > > +
> > > +void vfio_df_cdev_close(struct vfio_device_file *df)
> > > +{
> > > + struct vfio_device *device = df->device;
> > > +
> > > + /*
> > > + * In the time of close, there is no contention with another one
> > > + * changing this flag. So read df->access_granted without lock
> > > + * and no smp_load_acquire() is ok.
> > > + */
> > > + if (!df->access_granted)
> > > + return;
> > > +
> > > + mutex_lock(&device->dev_set->lock);
> > > + vfio_df_close(df);
> > > + vfio_device_put_kvm(device);
> > > + iommufd_ctx_put(df->iommufd);
> > > + device->cdev_opened = false;
> > > + mutex_unlock(&device->dev_set->lock);
> > > + vfio_device_unblock_group(device);
> > > +}
> > > +
> > > +static struct iommufd_ctx *vfio_get_iommufd_from_fd(int fd)
> > > +{
> > > + struct iommufd_ctx *iommufd;
> > > + struct fd f;
> > > +
> > > + f = fdget(fd);
> > > + if (!f.file)
> > > + return ERR_PTR(-EBADF);
> > > +
> > > + iommufd = iommufd_ctx_from_file(f.file);
> > > +
> > > + fdput(f);
> > > + return iommufd;
> > > +}
> > > +
> > > +long vfio_df_ioctl_bind_iommufd(struct vfio_device_file *df,
> > > + struct vfio_device_bind_iommufd __user *arg)
> > > +{
> > > + struct vfio_device *device = df->device;
> > > + struct vfio_device_bind_iommufd bind;
> > > + unsigned long minsz;
> > > + int ret;
> > > +
> > > + static_assert(__same_type(arg->out_devid, df->devid));
> > > +
> > > + minsz = offsetofend(struct vfio_device_bind_iommufd, out_devid);
> > > +
> > > + if (copy_from_user(&bind, arg, minsz))
> > > + return -EFAULT;
> > > +
> > > + if (bind.argsz < minsz || bind.flags || bind.iommufd < 0)
> > > + return -EINVAL;
> > > +
> > > + /* BIND_IOMMUFD only allowed for cdev fds */
> > > + if (df->group)
> > > + return -EINVAL;
> > > +
> > > + ret = vfio_device_block_group(device);
> > > + if (ret)
> > > + return ret;
> > > +
> > > + mutex_lock(&device->dev_set->lock);
> > > + /* one device cannot be bound twice */
> > > + if (df->access_granted) {
> > > + ret = -EINVAL;
> > > + goto out_unlock;
> > > + }
> > > +
> > > + df->iommufd = vfio_get_iommufd_from_fd(bind.iommufd);
> > > + if (IS_ERR(df->iommufd)) {
> > > + ret = PTR_ERR(df->iommufd);
> > > + df->iommufd = NULL;
> > > + goto out_unlock;
> > > + }
> > > +
> > > + /*
> > > + * Before the device open, get the KVM pointer currently
> > > + * associated with the device file (if there is) and obtain
> > > + * a reference. This reference is held until device closed.
> > > + * Save the pointer in the device for use by drivers.
> > > + */
> > > + vfio_device_get_kvm_safe(df);
> > > +
> > > + ret = vfio_df_open(df);
> > > + if (ret)
> > > + goto out_put_kvm;
> > > +
> > > + ret = copy_to_user(&arg->out_devid, &df->devid,
> > > + sizeof(df->devid)) ? -EFAULT : 0;
> > > + if (ret)
> > > + goto out_close_device;
> > > +
> > > + /*
> > > + * Paired with smp_load_acquire() in vfio_device_fops::ioctl/
> > > + * read/write/mmap
> > > + */
> > > + smp_store_release(&df->access_granted, true);
> > > + device->cdev_opened = true;
> > > + mutex_unlock(&device->dev_set->lock);
> > > + return 0;
> > > +
> > > +out_close_device:
> > > + vfio_df_close(df);
> > > +out_put_kvm:
> > > + vfio_device_put_kvm(device);
> > > + iommufd_ctx_put(df->iommufd);
> > > + df->iommufd = NULL;
> > > +out_unlock:
> > > + mutex_unlock(&device->dev_set->lock);
> > > + vfio_device_unblock_group(device);
> > > + return ret;
> > > +}
> > > +
> > > static char *vfio_device_devnode(const struct device *dev, umode_t *mode)
> > > {
> > > return kasprintf(GFP_KERNEL, "vfio/devices/%s", dev_name(dev));
> > > diff --git a/drivers/vfio/vfio.h b/drivers/vfio/vfio.h
> > > index d12b5b524bfc..42de40d2cd4d 100644
> > > --- a/drivers/vfio/vfio.h
> > > +++ b/drivers/vfio/vfio.h
> > > @@ -287,6 +287,9 @@ static inline void vfio_device_del(struct vfio_device
> > > *device)
> > > }
> > >
> > > int vfio_device_fops_cdev_open(struct inode *inode, struct file *filep);
> > > +void vfio_df_cdev_close(struct vfio_device_file *df);
> > > +long vfio_df_ioctl_bind_iommufd(struct vfio_device_file *df,
> > > + struct vfio_device_bind_iommufd __user *arg);
> > > int vfio_cdev_init(struct class *device_class);
> > > void vfio_cdev_cleanup(void);
> > > #else
> > > @@ -310,6 +313,16 @@ static inline int vfio_device_fops_cdev_open(struct
> > > inode
> > *inode,
> > > return 0;
> > > }
> > >
> > > +static inline void vfio_df_cdev_close(struct vfio_device_file *df)
> > > +{
> > > +}
> > > +
> > > +static inline long vfio_df_ioctl_bind_iommufd(struct vfio_device_file
> > > *df,
> > > + struct vfio_device_bind_iommufd
> > > __user
> > *arg)
> > > +{
> > > + return -EOPNOTSUPP;
> > > +}
> > > +
> > > static inline int vfio_cdev_init(struct class *device_class)
> > > {
> > > return 0;
> > > diff --git a/drivers/vfio/vfio_main.c b/drivers/vfio/vfio_main.c
> > > index ef55af75f459..9ba4d420eda2 100644
> > > --- a/drivers/vfio/vfio_main.c
> > > +++ b/drivers/vfio/vfio_main.c
> > > @@ -572,6 +572,8 @@ static int vfio_device_fops_release(struct inode
> > > *inode, struct
> > file *filep)
> > >
> > > if (df->group)
> > > vfio_df_group_close(df);
> > > + else
> > > + vfio_df_cdev_close(df);
> > >
> > > vfio_device_put_registration(device);
> > >
> > > @@ -1145,6 +1147,9 @@ static long vfio_device_fops_unl_ioctl(struct file
> > > *filep,
> > > struct vfio_device *device = df->device;
> > > int ret;
> > >
> > > + if (cmd == VFIO_DEVICE_BIND_IOMMUFD)
> > > + return vfio_df_ioctl_bind_iommufd(df, (void __user *)arg);
> > > +
> > > /* Paired with smp_store_release() following vfio_df_open() */
> > > if (!smp_load_acquire(&df->access_granted))
> > > return -EINVAL;
> > > diff --git a/include/linux/vfio.h b/include/linux/vfio.h
> > > index 83cc5dc28b7a..e80a8ac86e46 100644
> > > --- a/include/linux/vfio.h
> > > +++ b/include/linux/vfio.h
> > > @@ -66,6 +66,7 @@ struct vfio_device {
> > > struct iommufd_device *iommufd_device;
> > > bool iommufd_attached;
> > > #endif
> > > + bool cdev_opened:1;
> >
> > Perhaps a more strongly defined data type here as well and roll
> > iommufd_attached into the same bit field scheme.
>
> Ok, then needs to make iommufd_attached always defined.
That does not follow. Thanks,
Alex
