Re: [RFC 1/8] iommu: Introduce a replace API for device pasid

From: Baolu Lu
Date: Tue Sep 26 2023 - 22:42:22 EST

Next message: Ming Qian: "RE: [EXT] Re: [PATCH v4 2/2] dt-bindings: media: imx-jpeg: Assign slot for imx jpeg encoder/decoder"
Previous message: joao: "[PATCH v2 1/2] Make loop indexes unsigned"
In reply to: Yi Liu: "[RFC 1/8] iommu: Introduce a replace API for device pasid"
Next in thread: Tian, Kevin: "RE: [RFC 1/8] iommu: Introduce a replace API for device pasid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9/26/23 5:26 PM, Yi Liu wrote:

From: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>

Provide a high-level API to allow replacements of one domain with
another for specific pasid of a device. This is similar to
iommu_group_replace_domain() and it is also expected to be used
only by IOMMUFD.

Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
Signed-off-by: Yi Liu <yi.l.liu@xxxxxxxxx>
---
drivers/iommu/iommu-priv.h | 2 ++
drivers/iommu/iommu.c | 73 ++++++++++++++++++++++++++++++--------
2 files changed, 60 insertions(+), 15 deletions(-)

[...]

@@ -3433,8 +3443,8 @@ EXPORT_SYMBOL_GPL(iommu_attach_device_pasid);
* The @domain must have been attached to @pasid of the @dev with
* iommu_attach_device_pasid().
*/
-void iommu_detach_device_pasid(struct iommu_domain *domain, struct device *dev,
- ioasid_t pasid)
+void iommu_detach_device_pasid(struct iommu_domain *domain,
+ struct device *dev, ioasid_t pasid)

Above change is irrelevant.

{
struct iommu_group *group = iommu_group_get(dev);
@@ -3447,6 +3457,39 @@ void iommu_detach_device_pasid(struct iommu_domain *domain, struct device *dev,
}
EXPORT_SYMBOL_GPL(iommu_detach_device_pasid);
+/**
+ * iommu_replace_device_pasid - replace the domain that a pasid is attached to
+ * @domain: new IOMMU domain to replace with
+ * @dev: the physical device
+ * @pasid: pasid that will be attached to the new domain
+ *
+ * This API allows the pasid to switch domains. Return 0 on success, or an
+ * error. The pasid will roll back to use the old domain if failure. The
+ * caller could call iommu_detach_device_pasid() before free the old domain
+ * in order to avoid use-after-free case.

The comment does not match the actual behavior of the code. We need to
discuss and agree on which state the PASID should park in if replacing
the domain fails.

+ */
+int iommu_replace_device_pasid(struct iommu_domain *domain,
+ struct device *dev, ioasid_t pasid)
+{
+ struct iommu_group *group = dev->iommu_group;
+ int ret;
+
+ if (!domain)
+ return -EINVAL;
+
+ if (!group)
+ return -ENODEV;
+
+ mutex_lock(&group->mutex);
+ __iommu_remove_group_pasid(group, pasid);
+ xa_erase(&group->pasid_array, pasid);
+ ret = __iommu_group_attach_pasid(domain, group, pasid);
+ mutex_unlock(&group->mutex);
+
+ return ret;
+}
+EXPORT_SYMBOL_NS_GPL(iommu_replace_device_pasid, IOMMUFD_INTERNAL);
+
/*
* iommu_get_domain_for_dev_pasid() - Retrieve domain for @pasid of @dev
* @dev: the queried device

Best regards,
baolu

Next message: Ming Qian: "RE: [EXT] Re: [PATCH v4 2/2] dt-bindings: media: imx-jpeg: Assign slot for imx jpeg encoder/decoder"
Previous message: joao: "[PATCH v2 1/2] Make loop indexes unsigned"
In reply to: Yi Liu: "[RFC 1/8] iommu: Introduce a replace API for device pasid"
Next in thread: Tian, Kevin: "RE: [RFC 1/8] iommu: Introduce a replace API for device pasid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]