Re: [PATCH v8 04/11] bus: platform,amba,fsl-mc,PCI: Add device DMA ownership management

From: Robin Murphy
Date: Tue Mar 08 2022 - 08:40:06 EST

Next message: Vladimir Oltean: "Re: [PATCH net-next v4 1/1] net: dsa: microchip: ksz9477: implement MTU configuration"
Previous message: Robin Murphy: "Re: [PATCH v8 01/11] iommu: Add DMA ownership management interfaces"
In reply to: Lu Baolu: "[PATCH v8 04/11] bus: platform,amba,fsl-mc,PCI: Add device DMA ownership management"
Next in thread: Lu Baolu: "[PATCH v8 06/11] PCI: portdrv: Set driver_managed_dma"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2022-03-08 05:44, Lu Baolu wrote:

The devices on platform/amba/fsl-mc/PCI buses could be bound to drivers
with the device DMA managed by kernel drivers or user-space applications.
Unfortunately, multiple devices may be placed in the same IOMMU group
because they cannot be isolated from each other. The DMA on these devices
must either be entirely under kernel control or userspace control, never
a mixture. Otherwise the driver integrity is not guaranteed because they
could access each other through the peer-to-peer accesses which by-pass
the IOMMU protection.

This checks and sets the default DMA mode during driver binding, and
cleanups during driver unbinding. In the default mode, the device DMA is
managed by the device driver which handles DMA operations through the
kernel DMA APIs (see Documentation/core-api/dma-api.rst).

For cases where the devices are assigned for userspace control through the
userspace driver framework(i.e. VFIO), the drivers(for example, vfio_pci/
vfio_platfrom etc.) may set a new flag (driver_managed_dma) to skip this
default setting in the assumption that the drivers know what they are
doing with the device DMA.

Calling iommu_device_use_default_domain() before {of,acpi}_dma_configure
is currently a problem. As things stand, the IOMMU driver ignored the
initial iommu_probe_device() call when the device was added, since at
that point it had no fwspec yet. In this situation,
{of,acpi}_iommu_configure() are retriggering iommu_probe_device() after
the IOMMU driver has seen the firmware data via .of_xlate to learn that
it actually responsible for the given device. As the result, before
that gets fixed, iommu_use_default_domain() goes at the end, and calls
arch_teardown_dma_ops() if it fails.

Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Cc: Bjorn Helgaas <bhelgaas@xxxxxxxxxx>
Cc: Stuart Yoder <stuyoder@xxxxxxxxx>
Cc: Laurentiu Tudor <laurentiu.tudor@xxxxxxx>
Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Reviewed-by: Jason Gunthorpe <jgg@xxxxxxxxxx>

Reviewed-by: Robin Murphy <robin.murphy@xxxxxxx>

Next message: Vladimir Oltean: "Re: [PATCH net-next v4 1/1] net: dsa: microchip: ksz9477: implement MTU configuration"
Previous message: Robin Murphy: "Re: [PATCH v8 01/11] iommu: Add DMA ownership management interfaces"
In reply to: Lu Baolu: "[PATCH v8 04/11] bus: platform,amba,fsl-mc,PCI: Add device DMA ownership management"
Next in thread: Lu Baolu: "[PATCH v8 06/11] PCI: portdrv: Set driver_managed_dma"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]