Re: [BACKPORT] swiotlb-xen: implement xen_swiotlb_dma_mmap callback

From: Stefano Stabellini
Date: Wed Sep 20 2017 - 20:36:54 EST


On Wed, 20 Sep 2017, Leonard Crestez wrote:
> On Mon, 2017-09-18 at 11:08 -0700, Stefano Stabellini wrote:
> On Fri, 15 Sep 2017, Greg KH wrote:
> > On Thu, Sep 14, 2017 at 04:23:05PM -0700, Stefano Stabellini wrote:
> > > Hi all,
> > >Â
> > > We are getting reports from Xen on ARM users about DMA issues. The
> > > problem is that the commit below
> > > (7e91c7df29b5e196de3dc6f086c8937973bd0b88) is necessary to support mmap
> > > on Xen on ARM. It is self-contained and doesn't affect anything outside
> > > of Xen on ARM, so I think is a good candidate for backporting. It went
> > > upstream in 4.11.
>
> > But it's a new feature, right? How does that fit the stable kernel
> > rules?
>
>
> It implements a previously unimplemented function (mmap), although it
> calls the generic functions to do it. Yes, I agree with you that it
> can be classified as a new feature. If that is against the stable kernel
> rules, then please discard this request.
>
>
> FYI the reason why it didn't raise a flag in my mind is that users
> reported something like "unhandled alignment fault (11) at
> 0xffffa6048080, esr 0x92000061", which really looks more like a bug.
>
> I am the one who reported this, on the #xenarm IRC channel.

Thank you for jumping into this thread.


> Not implementing mmap in dma_map_ops means that dma_common_mmap is
> called by dma_map_attrs as a fallback. The end result is not something
> like -ENOSYS but what seem to be corrupt mappings.
>
> However I agree that backporting might be excessive. I ran into this by
> experimenting with using a GPU from dom0. It seems reasonable to get
> kernel crashes if you try this kind of stuff.
>
> This patch results in calling __swiotlb_mmap instead of
> dma_common_mmap. I don't know the implementation details of the DMA api
> but the interesting difference between these paths seems to be the way
> pfn is fetched (from dma_addr instead of the kernel virt addr).

Yes, on ARM and ARM64 dma_map_ops functions can return pages for which
virt_to_page doesn't work as expected (for example on ARM alloc_coherent
returns an ioremap'ped virtual address, I don't remember the details of
the ARM64 implementation right now). This is why the dma_map_ops
functions are implemented by looking up the physical address from the
dma address.