Hi Joerg, Replying again because I noticed that I couldn't find this mail in the external iommu mailing list while I was able to find your comments on my patch. Also, could you please answer my two questions below?
> -----Original Message----- > From: iommu <iommu-boun...@lists.linux-foundation.org> On Behalf Of > Prakhya, Sai Praneeth > Sent: Tuesday, June 30, 2020 8:04 PM > To: Joerg Roedel <j...@8bytes.org> > Cc: Raj, Ashok <ashok....@intel.com>; Will Deacon <will.dea...@arm.com>; > iommu@lists.linux-foundation.org; Robin Murphy <robin.mur...@arm.com>; > Christoph Hellwig <h...@lst.de> > Subject: RE: [PATCH V4 1/3] iommu: Add support to change default domain of > an iommu group > > Hi Joerg, > > > -----Original Message----- > > From: Joerg Roedel <j...@8bytes.org> > > Sent: Tuesday, June 30, 2020 2:16 AM > > To: Prakhya, Sai Praneeth <sai.praneeth.prak...@intel.com> > > Cc: iommu@lists.linux-foundation.org; Christoph Hellwig <h...@lst.de>; > > Raj, Ashok <ashok....@intel.com>; Will Deacon <will.dea...@arm.com>; > > Lu Baolu <baolu...@linux.intel.com>; Mehta, Sohil > > <sohil.me...@intel.com>; Robin Murphy <robin.mur...@arm.com>; Jacob > > Pan <jacob.jun....@linux.intel.com> > > Subject: Re: [PATCH V4 1/3] iommu: Add support to change default > > domain of an iommu group > > > > On Thu, Jun 04, 2020 at 06:32:06PM -0700, Sai Praneeth Prakhya wrote: > > > +static int iommu_change_dev_def_domain(struct iommu_group *group, > > > +int > > > +type) { > > > + struct iommu_domain *prev_dom; > > > + struct group_device *grp_dev; > > > + const struct iommu_ops *ops; > > > + int ret, dev_def_dom; > > > + struct device *dev; > > > + > > > + if (!group) > > > + return -EINVAL; > > > + > > > + mutex_lock(&group->mutex); > > > + > > > + if (group->default_domain != group->domain) { > > > + pr_err_ratelimited("Group assigned to user level for direct > > > +access\n"); > > > > Make this message: "Group not assigned to default domain\n". > > Sure! I will change it > > > > + ret = -EBUSY; > > > + goto out; > > > + } > > > + > > > + /* > > > + * iommu group wasn't locked while acquiring device lock in > > > + * iommu_group_store_type(). So, make sure that the device count > > hasn't > > > + * changed while acquiring device lock. > > > + * > > > + * Changing default domain of an iommu group with two or more > > devices > > > + * isn't supported because there could be a potential deadlock. Consider > > > + * the following scenario. T1 is trying to acquire device locks of all > > > + * the devices in the group and before it could acquire all of them, > > > + * there could be another thread T2 (from different sub-system and use > > > + * case) that has already acquired some of the device locks and might be > > > + * waiting for T1 to release other device locks. > > > + */ > > > + if (iommu_group_device_count(group) != 1) { > > > + pr_err_ratelimited("Cannot change default domain of a group > > with > > > +two or more devices\n"); > > > > "Can not change default domain: Group has more than one device\n" > > Ok.. make sense. I will change this. > > > > + ret = -EINVAL; > > > + goto out; > > > + } > > > + > > > + /* Since group has only one device */ > > > + list_for_each_entry(grp_dev, &group->devices, list) > > > + dev = grp_dev->dev; > > > + > > > + prev_dom = group->default_domain; > > > + if (!prev_dom || !prev_dom->ops || !prev_dom->ops- > > >def_domain_type) { > > > + pr_err_ratelimited("'def_domain_type' call back isn't > > > +registered\n"); > > > > This message isn't needed. > > Ok. I will remove it. > > > > + ret = __iommu_attach_device(group->default_domain, dev); > > > + if (ret) > > > + goto free_new_domain; > > > + > > > + group->domain = group->default_domain; > > > + > > > + ret = iommu_create_device_direct_mappings(group, dev); > > > + if (ret) > > > + goto free_new_domain; > > > > You need to create the direct mappings before you attach the device to > > the new domain. Otherwise there might be a short time-window where > > RMRR regions are not mapped. > > Ok.. makes sense. I will change this accordingly. > > > > +static ssize_t iommu_group_store_type(struct iommu_group *group, > > > + const char *buf, size_t count) { > > > + struct group_device *grp_dev; > > > + struct device *dev; > > > + int ret, req_type; > > > + > > > + if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) > > > + return -EACCES; > > > + > > > + if (WARN_ON(!group)) > > > + return -EINVAL; > > > + > > > + if (sysfs_streq(buf, "identity")) > > > + req_type = IOMMU_DOMAIN_IDENTITY; > > > + else if (sysfs_streq(buf, "DMA")) > > > + req_type = IOMMU_DOMAIN_DMA; > > > + else if (sysfs_streq(buf, "auto")) > > > + req_type = 0; > > > + else > > > + return -EINVAL; > > > + > > > + /* > > > + * Lock/Unlock the group mutex here before device lock to > > > + * 1. Make sure that the iommu group has only one device (this is a > > > + * prerequisite for step 2) > > > + * 2. Get struct *dev which is needed to lock device > > > + */ > > > + mutex_lock(&group->mutex); > > > + if (iommu_group_device_count(group) != 1) { > > > + mutex_unlock(&group->mutex); > > > + pr_err_ratelimited("Cannot change default domain of a group > > with two or more devices\n"); > > > + return -EINVAL; > > > + } > > > + > > > + /* Since group has only one device */ > > > + list_for_each_entry(grp_dev, &group->devices, list) > > > + dev = grp_dev->dev; > > > > Please use list_first_entry(). > > Ok. > > > You also need to take a reference with get_device() and then drop the > > group->mutex. > > Sure! I will change it. > > > After device_lock() you need to verify that the device is still in the > > same group and that the group has still only one device in it. Q1: > Presently, iommu_change_dev_def_domain() checks if the iommu group still has > only one device or not. Hence, checking if iommu group has one device or not > is > done twice, once before taking device_lock() and the other, after taking > device_lock(). > > I agree that the code isn't checking if the iommu group still has the _same_ > device or not. > One way, I could think of doing it is by storing "dev" temporarily and > checking > for it. > Do you think that's ok? Or would you rather suggest something else? > > > Then you can call down to > > iommu_change_dev_def_domain() which does not need to take the group- > > mutex by itself. Q2: > The reason for taking iommu_group->mutex in the beginning of > iommu_change_dev_def_domain() is that the function > > 1. Checks if the group is being directly used by user level drivers (i.e. if > (group- > >default_domain != group->domain)) > > 2. Uses iommu_ops > (prev_dom = group->default_domain; > if (!prev_dom || !prev_dom->ops || !prev_dom->ops->def_domain_type)) > > 3. Sets iomu_group->domain to iommu_group->default_domain > > I wanted to make sure that iommu_group->domain and iommu_group- > >default_domain aren't changed by some other thread while this thread is > working on it. So, please let me know if I misunderstood something. > > Regards, > Sai > _______________________________________________ > iommu mailing list > iommu@lists.linux-foundation.org > https://lists.linuxfoundation.org/mailman/listinfo/iommu _______________________________________________ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu