Re: [RFC PATCH 03/15] iommu/vt-d: Prevent hotplugs when live update state is not normal
From: Jason Gunthorpe
Date: Mon Sep 29 2025 - 11:51:26 EST
On Sun, Sep 28, 2025 at 07:06:11PM +0000, Samiullah Khawaja wrote:
> Hotplugs should not be allowed when the live update state is not normal.
> This means either we have preserved the state of IOMMU hardware units or
> restoring the preserved state.
>
> The live update semaphore read lock should be taken before checking the
> live update state.
>
> Signed-off-by: Samiullah Khawaja <skhawaja@xxxxxxxxxx>
> ---
> drivers/iommu/intel/dmar.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/iommu/intel/dmar.c b/drivers/iommu/intel/dmar.c
> index ec975c73cfe6..248bc7e9b035 100644
> --- a/drivers/iommu/intel/dmar.c
> +++ b/drivers/iommu/intel/dmar.c
> @@ -26,6 +26,7 @@
> #include <linux/dmi.h>
> #include <linux/slab.h>
> #include <linux/iommu.h>
> +#include <linux/liveupdate.h>
> #include <linux/numa.h>
> #include <linux/limits.h>
> #include <asm/irq_remapping.h>
> @@ -2357,6 +2358,10 @@ static int dmar_device_hotplug(acpi_handle handle, bool insert)
> if (tmp == NULL)
> return 0;
>
> + guard_liveupdate_state_read();
> + if (!liveupdate_state_normal())
> + return -EBUSY;
Pasha, this is madness!
Exactly why I said we should not have these crazy globals, people are
just going to sprinkle them randomly everywhere with no possible way
of ever understanding why or what they even are supposed to protect!
There is no reason to block hotplug. Do the locking and state tracking
properly so you only manage the instances that need to participate in
luo because they are linked to already plugged devices that are also
participating in luo.
Jason