[PATCH v3 17/18] vfio/pci: Preserve the iommufd state of the vfio cdev

From: Samiullah Khawaja

Date: Sun Jun 14 2026 - 19:44:05 EST


If the vfio cdev is attached to an iommufd, preserve the state of the
attached iommufd also. Basically preserve the iommu specific state of
the device and also the attach iommu HW unit.

Once the device and its iommufd attachment is preserved, it cannot be
detached or attached to another IOAS until it is unpreserved.

Reviewed-by: Pranjal Shrivastava <praan@xxxxxxxxxx>
Signed-off-by: Samiullah Khawaja <skhawaja@xxxxxxxxxx>
---
drivers/vfio/device_cdev.c | 10 +++++++
drivers/vfio/pci/vfio_pci_liveupdate.c | 37 +++++++++++++++++++++++++-
2 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/drivers/vfio/device_cdev.c b/drivers/vfio/device_cdev.c
index 0050f0fe456b..844f1473d875 100644
--- a/drivers/vfio/device_cdev.c
+++ b/drivers/vfio/device_cdev.c
@@ -275,6 +275,11 @@ int vfio_df_ioctl_attach_pt(struct vfio_device_file *df,
}

mutex_lock(&device->dev_set->lock);
+ if (iommufd_device_is_preserved(device->iommufd_device)) {
+ ret = -EBUSY;
+ goto out_unlock;
+ }
+
if (attach.flags & VFIO_DEVICE_ATTACH_PASID)
ret = device->ops->pasid_attach_ioas(device,
attach.pasid,
@@ -333,6 +338,11 @@ int vfio_df_ioctl_detach_pt(struct vfio_device_file *df,
}

mutex_lock(&device->dev_set->lock);
+ if (iommufd_device_is_preserved(device->iommufd_device)) {
+ mutex_unlock(&device->dev_set->lock);
+ return -EBUSY;
+ }
+
if (detach.flags & VFIO_DEVICE_DETACH_PASID)
device->ops->pasid_detach_ioas(device, detach.pasid);
else
diff --git a/drivers/vfio/pci/vfio_pci_liveupdate.c b/drivers/vfio/pci/vfio_pci_liveupdate.c
index 7b841a1e7fcc..37d327f82d5a 100644
--- a/drivers/vfio/pci/vfio_pci_liveupdate.c
+++ b/drivers/vfio/pci/vfio_pci_liveupdate.c
@@ -106,6 +106,7 @@

#include <linux/errno.h>
#include <linux/file.h>
+#include <linux/iommufd.h>
#include <linux/kexec_handover.h>
#include <linux/kho/abi/vfio_pci.h>
#include <linux/liveupdate.h>
@@ -114,6 +115,8 @@

#include "vfio_pci_priv.h"

+MODULE_IMPORT_NS("IOMMUFD");
+
static bool vfio_pci_liveupdate_can_preserve(struct liveupdate_file_handler *handler,
struct file *file)
{
@@ -155,9 +158,26 @@ static int vfio_pci_liveupdate_preserve(struct liveupdate_file_op_args *args)
vdev = container_of(device, struct vfio_pci_core_device, vdev);
pdev = vdev->pdev;

+#ifdef CONFIG_IOMMU_LIVEUPDATE
+ /* If iommufd is attached, preserve the underlying domain */
+ mutex_lock(&device->dev_set->lock);
+ if (device->iommufd_attached) {
+ u64 token, preserved_state;
+
+ ret = iommufd_device_preserve(args->session,
+ device->iommufd_device,
+ &token, &preserved_state);
+ if (ret) {
+ mutex_unlock(&device->dev_set->lock);
+ return ret;
+ }
+ }
+ mutex_unlock(&device->dev_set->lock);
+#endif
+
ret = pci_liveupdate_preserve(pdev);
if (ret)
- return ret;
+ goto err_iommufd_unpreserve;

ser = kho_alloc_preserve(sizeof(*ser));
if (IS_ERR(ser)) {
@@ -173,12 +193,27 @@ static int vfio_pci_liveupdate_preserve(struct liveupdate_file_op_args *args)

err_unpreserve:
pci_liveupdate_unpreserve(pdev);
+
+err_iommufd_unpreserve:
+ mutex_lock(&device->dev_set->lock);
+ if (device->iommufd_attached)
+ iommufd_device_unpreserve(args->session,
+ device->iommufd_device);
+ mutex_unlock(&device->dev_set->lock);
return ret;
}

static void vfio_pci_liveupdate_unpreserve(struct liveupdate_file_op_args *args)
{
struct vfio_device *device = vfio_device_from_file(args->file);
+ struct vfio_pci_core_device_ser *ser;
+
+ ser = phys_to_virt(args->serialized_data);
+ mutex_lock(&device->dev_set->lock);
+ if (device->iommufd_attached)
+ iommufd_device_unpreserve(args->session,
+ device->iommufd_device);
+ mutex_unlock(&device->dev_set->lock);

pci_liveupdate_unpreserve(to_pci_dev(device->dev));
kho_unpreserve_free(phys_to_virt(args->serialized_data));
--
2.54.0.1136.gdb2ca164c4-goog