Re: [PATCH 6/9] iommu/amd: Implement map_atomic

From: Robin Murphy
Date: Tue Apr 16 2019 - 10:13:25 EST

Next message: Borislav Petkov: "Re: [PATCH v2 1/5] cpu/speculation: Add 'mitigations=' cmdline option"
Previous message: Joe Lawrence: "Re: [PATCH v3 2/9] kbuild: Support for Symbols.list creation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/04/2019 19:47, Tom Murphy wrote:

Instead of using a spin lock I removed the mutex lock from both the
amd_iommu_map and amd_iommu_unmap path as well. iommu_map doesnât lock
while mapping and so if iommu_map is called by two different threads on
the same iova region it results in a race condition even with the locks.
So the locking in amd_iommu_map and amd_iommu_unmap doesn't add any real
protection. The solution to this is for whatever manages the allocated
iovaâs externally to make sure iommu_map isnât called twice on the same
region at the same time.

Note that that assumption is not necessarily sufficient - even with correct address space management you can have cases like two threads mapping adjacent pages, where even thought they are targeting different PTEs they can race to install/modify intermediate levels of the pagetable. I believe AMD is actually OK in that regard, but some drivers *are* relying on locking for correctness so it can't just be unequivocally removed everywhere.

Robin.

Signed-off-by: Tom Murphy <tmurphy@xxxxxxxxxx>
---
drivers/iommu/amd_iommu.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 2d4ee10626b4..b45e0e033adc 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -3089,12 +3089,12 @@ static int amd_iommu_attach_device(struct iommu_domain *dom,
return ret;
}
-static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
- phys_addr_t paddr, size_t page_size, int iommu_prot)
+static int __amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
+ phys_addr_t paddr, size_t page_size, int iommu_prot,
+ gfp_t gfp)
{
struct protection_domain *domain = to_pdomain(dom);
int prot = 0;
- int ret;
if (domain->mode == PAGE_MODE_NONE)
return -EINVAL;
@@ -3104,11 +3104,21 @@ static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
if (iommu_prot & IOMMU_WRITE)
prot |= IOMMU_PROT_IW;
- mutex_lock(&domain->api_lock);
- ret = iommu_map_page(domain, iova, paddr, page_size, prot, GFP_KERNEL);
- mutex_unlock(&domain->api_lock);
+ return iommu_map_page(domain, iova, paddr, page_size, prot, gfp);
+}
- return ret;
+static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
+ phys_addr_t paddr, size_t page_size, int iommu_prot)
+{
+ return __amd_iommu_map(dom, iova, paddr, page_size, iommu_prot,
+ GFP_KERNEL);
+}
+
+static int amd_iommu_map_atomic(struct iommu_domain *dom, unsigned long iova,
+ phys_addr_t paddr, size_t page_size, int iommu_prot)
+{
+ return __amd_iommu_map(dom, iova, paddr, page_size, iommu_prot,
+ GFP_ATOMIC);
}
static size_t amd_iommu_unmap(struct iommu_domain *dom, unsigned long iova,
@@ -3262,6 +3272,7 @@ const struct iommu_ops amd_iommu_ops = {
.attach_dev = amd_iommu_attach_device,
.detach_dev = amd_iommu_detach_device,
.map = amd_iommu_map,
+ .map_atomic = amd_iommu_map_atomic,
.unmap = amd_iommu_unmap,
.iova_to_phys = amd_iommu_iova_to_phys,
.add_device = amd_iommu_add_device,

Next message: Borislav Petkov: "Re: [PATCH v2 1/5] cpu/speculation: Add 'mitigations=' cmdline option"
Previous message: Joe Lawrence: "Re: [PATCH v3 2/9] kbuild: Support for Symbols.list creation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]