From: Daniel Vetter <daniel.vetter@ffwll.ch>
To: DRI Development <dri-devel@lists.freedesktop.org>,
LKML <linux-kernel@vger.kernel.org>,
Stephen Rothwell <sfr@canb.auug.org.au>
Cc: "KVM list" <kvm@vger.kernel.org>, "Linux MM" <linux-mm@kvack.org>,
"Linux ARM" <linux-arm-kernel@lists.infradead.org>,
linux-samsung-soc <linux-samsung-soc@vger.kernel.org>,
"open list:DMA BUFFER SHARING FRAMEWORK"
<linux-media@vger.kernel.org>,
"Bjorn Helgaas" <bhelgaas@google.com>,
"Dan Williams" <dan.j.williams@intel.com>,
"Daniel Vetter" <daniel.vetter@intel.com>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Kees Cook" <keescook@chromium.org>,
"Andrew Morton" <akpm@linux-foundation.org>,
"John Hubbard" <jhubbard@nvidia.com>,
"Jérôme Glisse" <jglisse@redhat.com>, "Jan Kara" <jack@suse.cz>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Linux PCI" <linux-pci@vger.kernel.org>
Subject: Re: [PATCH v7 12/17] PCI: Revoke mappings like devmem
Date: Tue, 19 Jan 2021 09:17:55 +0100 [thread overview]
Message-ID: <CAKMK7uGrdDrbtj0OyzqQc0CGrQwc2F3tFJU9vLfm2jjufAZ5YQ@mail.gmail.com> (raw)
In-Reply-To: <20201127164131.2244124-13-daniel.vetter@ffwll.ch>
On Fri, Nov 27, 2020 at 5:42 PM Daniel Vetter <daniel.vetter@ffwll.ch> wrote:
>
> Since 3234ac664a87 ("/dev/mem: Revoke mappings when a driver claims
> the region") /dev/kmem zaps ptes when the kernel requests exclusive
> acccess to an iomem region. And with CONFIG_IO_STRICT_DEVMEM, this is
> the default for all driver uses.
>
> Except there's two more ways to access PCI BARs: sysfs and proc mmap
> support. Let's plug that hole.
>
> For revoke_devmem() to work we need to link our vma into the same
> address_space, with consistent vma->vm_pgoff. ->pgoff is already
> adjusted, because that's how (io_)remap_pfn_range works, but for the
> mapping we need to adjust vma->vm_file->f_mapping. The cleanest way is
> to adjust this at at ->open time:
>
> - for sysfs this is easy, now that binary attributes support this. We
> just set bin_attr->mapping when mmap is supported
> - for procfs it's a bit more tricky, since procfs pci access has only
> one file per device, and access to a specific resources first needs
> to be set up with some ioctl calls. But mmap is only supported for
> the same resources as sysfs exposes with mmap support, and otherwise
> rejected, so we can set the mapping unconditionally at open time
> without harm.
>
> A special consideration is for arch_can_pci_mmap_io() - we need to
> make sure that the ->f_mapping doesn't alias between ioport and iomem
> space. There's only 2 ways in-tree to support mmap of ioports: generic
> pci mmap (ARCH_GENERIC_PCI_MMAP_RESOURCE), and sparc as the single
> architecture hand-rolling. Both approach support ioport mmap through a
> special pfn range and not through magic pte attributes. Aliasing is
> therefore not a problem.
>
> The only difference in access checks left is that sysfs PCI mmap does
> not check for CAP_RAWIO. I'm not really sure whether that should be
> added or not.
>
> Acked-by: Bjorn Helgaas <bhelgaas@google.com>
> Reviewed-by: Dan Williams <dan.j.williams@intel.com>
> Signed-off-by: Daniel Vetter <daniel.vetter@intel.com>
> Cc: Jason Gunthorpe <jgg@ziepe.ca>
> Cc: Kees Cook <keescook@chromium.org>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: Andrew Morton <akpm@linux-foundation.org>
> Cc: John Hubbard <jhubbard@nvidia.com>
> Cc: Jérôme Glisse <jglisse@redhat.com>
> Cc: Jan Kara <jack@suse.cz>
> Cc: Dan Williams <dan.j.williams@intel.com>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: linux-mm@kvack.org
> Cc: linux-arm-kernel@lists.infradead.org
> Cc: linux-samsung-soc@vger.kernel.org
> Cc: linux-media@vger.kernel.org
> Cc: Bjorn Helgaas <bhelgaas@google.com>
> Cc: linux-pci@vger.kernel.org
> Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
> --
> v2:
> - Totally new approach: Adjust filp->f_mapping at open time. Note that
> this now works on all architectures, not just those support
> ARCH_GENERIC_PCI_MMAP_RESOURCE
> ---
> drivers/pci/pci-sysfs.c | 4 ++++
> drivers/pci/proc.c | 1 +
> 2 files changed, 5 insertions(+)
>
> diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
> index d15c881e2e7e..3f1c31bc0b7c 100644
> --- a/drivers/pci/pci-sysfs.c
> +++ b/drivers/pci/pci-sysfs.c
> @@ -929,6 +929,7 @@ void pci_create_legacy_files(struct pci_bus *b)
> b->legacy_io->read = pci_read_legacy_io;
> b->legacy_io->write = pci_write_legacy_io;
> b->legacy_io->mmap = pci_mmap_legacy_io;
> + b->legacy_io->mapping = iomem_get_mapping();
> pci_adjust_legacy_attr(b, pci_mmap_io);
> error = device_create_bin_file(&b->dev, b->legacy_io);
> if (error)
> @@ -941,6 +942,7 @@ void pci_create_legacy_files(struct pci_bus *b)
> b->legacy_mem->size = 1024*1024;
> b->legacy_mem->attr.mode = 0600;
> b->legacy_mem->mmap = pci_mmap_legacy_mem;
> + b->legacy_io->mapping = iomem_get_mapping();
Unlike the normal pci stuff below, the legacy files here go boom
because they're set up much earlier in the boot sequence. This only
affects HAVE_PCI_LEGACY architectures, which aren't that many. So what
should we do here now:
- drop the devmem revoke for these
- rework the init sequence somehow to set up these files a lot later
- redo the sysfs patch so that it doesn't take an address_space
pointer, but instead a callback to get at that (since at open time
everything is set up). Imo rather ugly
- ditch this part of the series (since there's not really any takers
for the latter parts it might just not make sense to push for this)
- something else?
Bjorn, Greg, thoughts?
Issuge got reported by Stephen on a powerpc when trying to build
linux-next with this patch included.
Thanks, Daniel
> pci_adjust_legacy_attr(b, pci_mmap_mem);
> error = device_create_bin_file(&b->dev, b->legacy_mem);
> if (error)
> @@ -1156,6 +1158,8 @@ static int pci_create_attr(struct pci_dev *pdev, int num, int write_combine)
> res_attr->mmap = pci_mmap_resource_uc;
> }
> }
> + if (res_attr->mmap)
> + res_attr->mapping = iomem_get_mapping();
> res_attr->attr.name = res_attr_name;
> res_attr->attr.mode = 0600;
> res_attr->size = pci_resource_len(pdev, num);
> diff --git a/drivers/pci/proc.c b/drivers/pci/proc.c
> index 3a2f90beb4cb..9bab07302bbf 100644
> --- a/drivers/pci/proc.c
> +++ b/drivers/pci/proc.c
> @@ -298,6 +298,7 @@ static int proc_bus_pci_open(struct inode *inode, struct file *file)
> fpriv->write_combine = 0;
>
> file->private_data = fpriv;
> + file->f_mapping = iomem_get_mapping();
>
> return 0;
> }
> --
> 2.29.2
>
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
next prev parent reply other threads:[~2021-01-19 8:19 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-27 16:41 [PATCH v7 00/17] follow_pfn and other iomap races Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 01/17] drm/exynos: Stop using frame_vector helpers Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 02/17] drm/exynos: Use FOLL_LONGTERM for g2d cmdlists Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 03/17] misc/habana: Stop using frame_vector helpers Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 04/17] misc/habana: Use FOLL_LONGTERM for userptr Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 05/17] mm/frame-vector: Use FOLL_LONGTERM Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 06/17] media: videobuf2: Move frame_vector into media subsystem Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 07/17] mm: Close race in generic_access_phys Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 08/17] PCI: Obey iomem restrictions for procfs mmap Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 09/17] /dev/mem: Only set filp->f_mapping Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 10/17] resource: Move devmem revoke code to resource framework Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 11/17] sysfs: Support zapping of binary attr mmaps Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 12/17] PCI: Revoke mappings like devmem Daniel Vetter
2021-01-19 8:17 ` Daniel Vetter [this message]
2021-01-19 14:32 ` Greg Kroah-Hartman
2021-01-19 14:34 ` Daniel Vetter
2021-01-19 15:20 ` Greg Kroah-Hartman
2021-01-19 16:03 ` Daniel Vetter
2021-02-03 16:14 ` Daniel Vetter
2021-02-04 10:23 ` Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 13/17] mm: Add unsafe_follow_pfn Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 14/17] media/videobuf1|2: Mark follow_pfn usage as unsafe Daniel Vetter
2021-01-19 12:24 ` Hans Verkuil
2020-11-27 16:41 ` [PATCH v7 15/17] vfio/type1: Mark follow_pfn " Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 16/17] kvm: pass kvm argument to follow_pfn callsites Daniel Vetter
2020-11-27 16:41 ` [PATCH v7 17/17] mm: add mmu_notifier argument to follow_pfn Daniel Vetter
2020-11-27 19:10 ` kernel test robot
2020-11-30 14:28 ` Daniel Vetter
2020-11-30 18:03 ` Nick Desaulniers
2021-01-12 13:24 ` [PATCH v7 00/17] follow_pfn and other iomap races Daniel Vetter
2021-01-12 13:28 ` Daniel Vetter
2021-01-12 20:57 ` Stephen Rothwell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKMK7uGrdDrbtj0OyzqQc0CGrQwc2F3tFJU9vLfm2jjufAZ5YQ@mail.gmail.com \
--to=daniel.vetter@ffwll.ch \
--cc=akpm@linux-foundation.org \
--cc=bhelgaas@google.com \
--cc=dan.j.williams@intel.com \
--cc=daniel.vetter@intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=gregkh@linuxfoundation.org \
--cc=jack@suse.cz \
--cc=jgg@ziepe.ca \
--cc=jglisse@redhat.com \
--cc=jhubbard@nvidia.com \
--cc=keescook@chromium.org \
--cc=kvm@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-pci@vger.kernel.org \
--cc=linux-samsung-soc@vger.kernel.org \
--cc=sfr@canb.auug.org.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).