All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v3] iommu: amd: Fix IOMMU page flush when detach device from a domain
@ 2019-01-24  4:16 ` Suthikulpanit, Suravee
  0 siblings, 0 replies; 5+ messages in thread
From: Suthikulpanit, Suravee @ 2019-01-24  4:16 UTC (permalink / raw)
  To: linux-kernel, iommu
  Cc: joro, Suthikulpanit, Suravee, Boris Ostrovsky, Singh, Brijesh

From: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>

When a VM is terminated, the VFIO driver detaches all pass-through
devices from VFIO domain by clearing domain id and page table root
pointer from each device table entry (DTE), and then invalidates
the DTE. Then, the VFIO driver unmap pages and invalidate IOMMU pages.

Currently, the IOMMU driver keeps track of which IOMMU and how many
devices are attached to the domain. When invalidate IOMMU pages,
the driver checks if the IOMMU is still attached to the domain before
issuing the invalidate page command.

However, since VFIO has already detached all devices from the domain,
the subsequent INVALIDATE_IOMMU_PAGES commands are being skipped as
there is no IOMMU attached to the domain. This results in data
corruption and could cause the PCI device to end up in indeterministic
state.

Fix this by invalidate IOMMU pages when detach a device, and
before decrementing the per-domain device reference counts.

Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Suggested-by: Joerg Roedel <joro@8bytes.org>
Co-developed-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
---
 drivers/iommu/amd_iommu.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 87ba23a75b38..6cd4a00036c1 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -1991,16 +1991,13 @@ static void do_attach(struct iommu_dev_data *dev_data,
 
 static void do_detach(struct iommu_dev_data *dev_data)
 {
+	struct protection_domain *domain = dev_data->domain;
 	struct amd_iommu *iommu;
 	u16 alias;
 
 	iommu = amd_iommu_rlookup_table[dev_data->devid];
 	alias = dev_data->alias;
 
-	/* decrease reference counters */
-	dev_data->domain->dev_iommu[iommu->index] -= 1;
-	dev_data->domain->dev_cnt                 -= 1;
-
 	/* Update data structures */
 	dev_data->domain = NULL;
 	list_del(&dev_data->list);
@@ -2010,6 +2007,16 @@ static void do_detach(struct iommu_dev_data *dev_data)
 
 	/* Flush the DTE entry */
 	device_flush_dte(dev_data);
+
+	/* Flush IOTLB */
+	domain_flush_tlb_pde(domain);
+
+	/* Wait for the flushes to finish */
+	domain_flush_complete(domain);
+
+	/* decrease reference counters - needs to happen after the flushes */
+	domain->dev_iommu[iommu->index] -= 1;
+	domain->dev_cnt                 -= 1;
 }
 
 /*
-- 
2.17.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* [PATCH v3] iommu: amd: Fix IOMMU page flush when detach device from a domain
@ 2019-01-24  4:16 ` Suthikulpanit, Suravee
  0 siblings, 0 replies; 5+ messages in thread
From: Suthikulpanit, Suravee @ 2019-01-24  4:16 UTC (permalink / raw)
  To: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	iommu-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
  Cc: Singh, Brijesh, Boris Ostrovsky

From: Suravee Suthikulpanit <suravee.suthikulpanit-5C7GfCeVMHo@public.gmane.org>

When a VM is terminated, the VFIO driver detaches all pass-through
devices from VFIO domain by clearing domain id and page table root
pointer from each device table entry (DTE), and then invalidates
the DTE. Then, the VFIO driver unmap pages and invalidate IOMMU pages.

Currently, the IOMMU driver keeps track of which IOMMU and how many
devices are attached to the domain. When invalidate IOMMU pages,
the driver checks if the IOMMU is still attached to the domain before
issuing the invalidate page command.

However, since VFIO has already detached all devices from the domain,
the subsequent INVALIDATE_IOMMU_PAGES commands are being skipped as
there is no IOMMU attached to the domain. This results in data
corruption and could cause the PCI device to end up in indeterministic
state.

Fix this by invalidate IOMMU pages when detach a device, and
before decrementing the per-domain device reference counts.

Cc: Boris Ostrovsky <boris.ostrovsky-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
Suggested-by: Joerg Roedel <joro-zLv9SwRftAIdnm+yROfE0A@public.gmane.org>
Co-developed-by: Brijesh Singh <brijesh.singh-5C7GfCeVMHo@public.gmane.org>
Signed-off-by: Brijesh Singh <brijesh.singh-5C7GfCeVMHo@public.gmane.org>
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit-5C7GfCeVMHo@public.gmane.org>
---
 drivers/iommu/amd_iommu.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/drivers/iommu/amd_iommu.c b/drivers/iommu/amd_iommu.c
index 87ba23a75b38..6cd4a00036c1 100644
--- a/drivers/iommu/amd_iommu.c
+++ b/drivers/iommu/amd_iommu.c
@@ -1991,16 +1991,13 @@ static void do_attach(struct iommu_dev_data *dev_data,
 
 static void do_detach(struct iommu_dev_data *dev_data)
 {
+	struct protection_domain *domain = dev_data->domain;
 	struct amd_iommu *iommu;
 	u16 alias;
 
 	iommu = amd_iommu_rlookup_table[dev_data->devid];
 	alias = dev_data->alias;
 
-	/* decrease reference counters */
-	dev_data->domain->dev_iommu[iommu->index] -= 1;
-	dev_data->domain->dev_cnt                 -= 1;
-
 	/* Update data structures */
 	dev_data->domain = NULL;
 	list_del(&dev_data->list);
@@ -2010,6 +2007,16 @@ static void do_detach(struct iommu_dev_data *dev_data)
 
 	/* Flush the DTE entry */
 	device_flush_dte(dev_data);
+
+	/* Flush IOTLB */
+	domain_flush_tlb_pde(domain);
+
+	/* Wait for the flushes to finish */
+	domain_flush_complete(domain);
+
+	/* decrease reference counters - needs to happen after the flushes */
+	domain->dev_iommu[iommu->index] -= 1;
+	domain->dev_cnt                 -= 1;
 }
 
 /*
-- 
2.17.1

^ permalink raw reply related	[flat|nested] 5+ messages in thread
* Re: [PATCH v3] iommu: amd: Fix IOMMU page flush when detach device from a domain
  2019-01-24  4:16 ` Suthikulpanit, Suravee
  (?)
@ 2019-01-24 14:11 ` joro
  2019-01-24 14:17   ` Suthikulpanit, Suravee
  -1 siblings, 1 reply; 5+ messages in thread
From: joro @ 2019-01-24 14:11 UTC (permalink / raw)
  To: Suthikulpanit, Suravee
  Cc: linux-kernel, iommu, Boris Ostrovsky, Singh, Brijesh

On Thu, Jan 24, 2019 at 04:16:45AM +0000, Suthikulpanit, Suravee wrote:
>  drivers/iommu/amd_iommu.c | 15 +++++++++++----
>  1 file changed, 11 insertions(+), 4 deletions(-)

Applied, thanks Suravee.

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH v3] iommu: amd: Fix IOMMU page flush when detach device from a domain
  2019-01-24 14:11 ` joro
@ 2019-01-24 14:17   ` Suthikulpanit, Suravee
  2019-01-24 14:19     ` joro
  0 siblings, 1 reply; 5+ messages in thread
From: Suthikulpanit, Suravee @ 2019-01-24 14:17 UTC (permalink / raw)
  To: joro; +Cc: linux-kernel, iommu, Boris Ostrovsky, Singh, Brijesh

Joerg,

On 1/24/19 9:11 PM, joro@8bytes.org wrote:
> On Thu, Jan 24, 2019 at 04:16:45AM +0000, Suthikulpanit, Suravee wrote:
>>   drivers/iommu/amd_iommu.c | 15 +++++++++++----
>>   1 file changed, 11 insertions(+), 4 deletions(-)
> 
> Applied, thanks Suravee.
> 

Thanks. Also, should this also back-ported to stable tree as well?

Suravee

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH v3] iommu: amd: Fix IOMMU page flush when detach device from a domain
  2019-01-24 14:17   ` Suthikulpanit, Suravee
@ 2019-01-24 14:19     ` joro
  0 siblings, 0 replies; 5+ messages in thread
From: joro @ 2019-01-24 14:19 UTC (permalink / raw)
  To: Suthikulpanit, Suravee
  Cc: linux-kernel, iommu, Boris Ostrovsky, Singh, Brijesh

On Thu, Jan 24, 2019 at 02:17:34PM +0000, Suthikulpanit, Suravee wrote:
> On 1/24/19 9:11 PM, joro@8bytes.org wrote:
> > On Thu, Jan 24, 2019 at 04:16:45AM +0000, Suthikulpanit, Suravee wrote:
> >>   drivers/iommu/amd_iommu.c | 15 +++++++++++----
> >>   1 file changed, 11 insertions(+), 4 deletions(-)
> > 
> > Applied, thanks Suravee.
> > 
> 
> Thanks. Also, should this also back-ported to stable tree as well?

I added a Fixes tag, so stable should pick it up.


	Joerg

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-01-24 14:20 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-24  4:16 [PATCH v3] iommu: amd: Fix IOMMU page flush when detach device from a domain Suthikulpanit, Suravee
2019-01-24  4:16 ` Suthikulpanit, Suravee
2019-01-24 14:11 ` joro
2019-01-24 14:17   ` Suthikulpanit, Suravee
2019-01-24 14:19     ` joro

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.