Re: [PATCH] PCI/P2PDMA: Avoid returning a provider for non_mappable_bars

[Matt Evans]

Hi Alex,

On 22/04/2026 16:01, Alex Williamson wrote:
> On Tue, 21 Apr 2026 10:43:51 -0700
> Matt Evans <mattev@xxxxxxxx> wrote:
>
> > Extend pcim_p2pdma_provider()'s checks to exclude functions that have
> > pdev->non_mappable_bars set.
> >
> > Consumers such as VFIO were previously able to map these for access by
> > the CPU or P2P.  Update the comment on non_mappable_bars to show it
> > refers to any access, not just userspace CPU access.
> >
> > Fixes: 372d6d1b8ae3c ("PCI/P2PDMA: Refactor to separate core P2P functionality from memory allocation")
> > Signed-off-by: Matt Evans <mattev@xxxxxxxx>
> > ---
> >
> > This arises from Alex Williamson's suggestion to test
> > non_mappable_bars when getting the provider, with discussion here:
> >
> >   https://lore.kernel.org/kvm/20260415181623.1021090-1-mattev@xxxxxxxx/
> >
> > The goal was to prevent a hole where VFIO could export DMABUFs for
> > BARs marked non-mappable, and to fix for all users of the provider
> > rather than just VFIO.  Alex observed that non_mappable_bars should be
> > taken to mean BARs weren't usable by the CPU _or_ peers and,
> > considering that, its comment about userspace access wasn't quite
> > right.
> >
> >
> >   drivers/pci/p2pdma.c | 3 ++-
> >   include/linux/pci.h  | 2 +-
> >   2 files changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/pci/p2pdma.c b/drivers/pci/p2pdma.c
> > index 7c898542af8d..4a783413f466 100644
> > --- a/drivers/pci/p2pdma.c
> > +++ b/drivers/pci/p2pdma.c
> > @@ -318,7 +318,8 @@ struct p2pdma_provider *pcim_p2pdma_provider(struct pci_dev *pdev, int bar)
> >   {
> >   	struct pci_p2pdma *p2p;
> >   
> > -	if (!(pci_resource_flags(pdev, bar) & IORESOURCE_MEM))
> > +	if (!(pci_resource_flags(pdev, bar) & IORESOURCE_MEM) ||
> > +	    pdev->non_mappable_bars)
> >   		return NULL;
> >   
> >   	p2p = rcu_dereference_protected(pdev->p2pdma, 1);
> > diff --git a/include/linux/pci.h b/include/linux/pci.h
> > index 2c4454583c11..1e6802017d6b 100644
> > --- a/include/linux/pci.h
> > +++ b/include/linux/pci.h
> > @@ -508,7 +508,7 @@ struct pci_dev {
> >   	unsigned int	no_command_memory:1;	/* No PCI_COMMAND_MEMORY */
> >   	unsigned int	rom_bar_overlap:1;	/* ROM BAR disable broken */
> >   	unsigned int	rom_attr_enabled:1;	/* Display of ROM attribute enabled? */
> > -	unsigned int	non_mappable_bars:1;	/* BARs can't be mapped to user-space  */
> > +	unsigned int	non_mappable_bars:1;	/* BARs can't be mapped by CPU or peers */
> >   	pci_dev_flags_t dev_flags;
> >   	atomic_t	enable_cnt;	/* pci_enable_device has been called */
> >   
>
> Should pcim_p2pdma_init() separately test pdev->non_mappable_bars
> before the rcu-deref/kzalloc of the pci_p2pdma object and return
> -EOPNOTSUPP?
>
> That then invokes the same error paths we'd see if we simply don't have
> p2pdma in the kernel and handles the pci_p2pdma_add_resource() path
> automatically as well.
>
> This pcim_p2pdma_provider() test is really then just suppressing the
> WARN_ON that we'd otherwise see by not finding the p2p object on the
> device.  Thanks,

That makes sense, yes, it'll avoid the WARN that'd otherwise occur in 
pci_p2pdma_add_resource().

I'll do a v2 adding this check to pcim_p2pdma_init() as well.  Hopefully 
Logan & Niklas's R-B will still apply.


Thanks,


Matt