Hi, These patches fix a potential race for concurrent calls to vfio_pci_core_setup_barmap(), and a DMABUF missing check for resource before the export. Discussion on a previous series (different, replaced by this one) is here:
https://lore.kernel.org/kvm/[email protected] Responses in that thread indicated there wasn't a strong historical reason to require the mapping to be performed on-demand at BAR reference time. It's much simpler to move this earlier, to vfio_pci_core_enable(), and that then avoids having to deal with concurrent requests later. The first patch requests PCI resources and pci_iomap() of the BARs from vfio_pci_core_enable(), moving this out of vfio_pci_core_setup_barmap(). Some callers rely on vfio_pci_core_setup_barmap() for its ioremap() effect, and other callers use it for its resource-acquiring effect. The function turns into a cheap error check that both these actions have occurred; that maintains the same error behaviour as before the fix. The second patch adds a call to vfio_pci_core_setup_barmap() to VFIO DMABUF export to check the resource is reserved; previously this was able to export an unrequested resource. Although patch 1 at first appears to fix this by requesting resources at enable time, code using the BAR still needs to check the resource really was acquired. The third patch refactors vfio_pci_core_setup_barmap() plus the various vdev->barmap[] accesses into vfio_pci_core_get_iomap() which returns either a pointer to the mapping or an ERR_PTR() describing why it doesn't exist. This is used by callers that need the mapping, but also by other callers to check that the resource/mapping step was successful. === Changes === v4: - Reorder patches to put fixes at the front: First, the early BAR setup to avoid the race. Then, add DMABUF check. Then, refactor/tidy. - Adjust Fixes: of first patch to point to early VFIO PCI commit, and reduce the patch to only the fix (don't add new error checks). Use pci_dbg() instead of pci_warn() when setting up BAR resources. Add barmap[] error checking to vfio_pci_core_disable(). - Add barmap[]/BAR index error checking to vfio_pci_core_get_iomap(), and use WARN_ON_ONCE() since the conditions truly shouldn't happen. v3: https://lore.kernel.org/kvm/[email protected]/ - Remove the separate tracking of the BAR mapping versus the acquiring its resource. Errors from failing iomap vs resource reservation are ERR_PTR()-elcoded into barmap[bar]. - Remove the separate test helper, and add vfio_pci_core_get_iomap(). This gets the iomap base or is used check for error/failure to acquire the resource. Added comments at call sites explaining whether they want to just ensure the resource is reserved versus actually use the mapping. v2: https://lore.kernel.org/kvm/[email protected]/ - Don't fail if resources can't be requested or iomapped, even for valid BARs, as this would change the userspace-observable error behaviour. Specifically, if there was an issue with one particular BAR which happened to never be used, then userspace would never encounter an error for it. Track iomap and resource-acquisition status per BAR. - Break out the checks for resource success from those for iomap success, in the form of the two new helpers. - Third patch to add the check to VFIO DMABUF export, because init-time requests can now fail. v1: https://lore.kernel.org/kvm/[email protected]/ Matt Evans (3): vfio/pci: Set up BAR resources and maps in vfio_pci_core_enable() vfio/pci: Check BAR resources before exporting a DMABUF vfio/pci: Replace vfio_pci_core_setup_barmap() with vfio_pci_core_get_iomap() drivers/vfio/pci/nvgrace-gpu/main.c | 11 +++---- drivers/vfio/pci/vfio_pci_core.c | 47 ++++++++++++++++++++++++----- drivers/vfio/pci/vfio_pci_dmabuf.c | 6 ++-- drivers/vfio/pci/vfio_pci_rdwr.c | 42 +++++--------------------- drivers/vfio/pci/virtio/legacy_io.c | 13 ++++---- include/linux/vfio_pci_core.h | 20 +++++++++++- 6 files changed, 81 insertions(+), 58 deletions(-) -- 2.47.3
