[0/4] Fix splats releated to using the iommu_group after destroying devices

Message ID	0-v1-ef00ffecea52+2cb-iommu_group_lifetime_jgg@nvidia.com (mailing list archive)
Headers	show Return-Path: <kvm-owner@kernel.org> From: Jason Gunthorpe <jgg@nvidia.com> To: Alex Williamson <alex.williamson@redhat.com>, Cornelia Huck <cohuck@redhat.com>, iommu@lists.linux.dev, Joerg Roedel <joro@8bytes.org>, kvm@vger.kernel.org, Will Deacon <will@kernel.org> Cc: Qian Cai <cai@lca.pw>, Joerg Roedel <jroedel@suse.de>, Marek Szyprowski <m.szyprowski@samsung.com>, Matthew Rosato <mjrosato@linux.ibm.com>, Robin Murphy <robin.murphy@arm.com> Subject: [PATCH 0/4] Fix splats releated to using the iommu_group after destroying devices Date: Thu, 8 Sep 2022 15:44:57 -0300 Message-Id: <0-v1-ef00ffecea52+2cb-iommu_group_lifetime_jgg@nvidia.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain MIME-Version: 1.0 Precedence: bulk
Series	Fix splats releated to using the iommu_group after destroying devices \| expand [0/4] Fix splats releated to using the iommu_group after destroying devices [1/4] vfio: Simplify vfio_create_group() [2/4] vfio: Move the sanity check of the group to vfio_create_group() [3/4] vfio: Follow a strict lifetime for struct iommu_group * [4/4] iommu: Fix ordering of iommu_release_device()

Message ID

0-v1-ef00ffecea52+2cb-iommu_group_lifetime_jgg@nvidia.com (mailing list archive)

Headers

From: Jason Gunthorpe <jgg@nvidia.com>
To: Alex Williamson <alex.williamson@redhat.com>,
        Cornelia Huck <cohuck@redhat.com>, iommu@lists.linux.dev,
        Joerg Roedel <joro@8bytes.org>, kvm@vger.kernel.org,
        Will Deacon <will@kernel.org>
Cc: Qian Cai <cai@lca.pw>, Joerg Roedel <jroedel@suse.de>,
        Marek Szyprowski <m.szyprowski@samsung.com>,
        Matthew Rosato <mjrosato@linux.ibm.com>,
        Robin Murphy <robin.murphy@arm.com>
Subject: [PATCH 0/4] Fix splats releated to using the iommu_group after
 destroying devices
Date: Thu,  8 Sep 2022 15:44:57 -0300
Message-Id: <0-v1-ef00ffecea52+2cb-iommu_group_lifetime_jgg@nvidia.com>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 +bK+wqTn5cPNExHv3dlGa3eRH8PW7MshM2KLbMb5B2AF1ifqTSzyJPVmO9ruFt7bZSTx9YNSCA0vR7NtKQfhjoAKP4ybQO1S+ptV69RhY+/HYsHeCulWqgAnW+O/J8bfFLpoIOSf+vAzd6s0Jl3t1f2BlaGIgwX/WuMLjoSZLxWhRblNRe75bRDvwBXGqi7G046bjC8AitOsu3czzzW2eEkcx3CEfe/N08261R41IHt9HBdxBirO/VPb+SF3NPbu6lGJvXpgNYica2o5yj5CKzOPApjak9VykvXVBBEylpmaXp4bA6KyWL8ZZnwfMfehF0IOvttG4l2eWgeS9JMBLVLR0ps0NCerEtZ7p9PPYzC79wtVzuukx5Bk6BYSFRaTIzpATI2y5R7f4K9EC2KPFlaPpk6aJ+yTyxLnfqNY9NvvyHhzoCUm0w0WOUsSC67izuYs2wUu+Y99gfRqQ2iBi2yYtniu1HBC7t0JB23Y4h1ceC1y94y5gaXsJCbIFxOLKt5jMtRLbu5lveeKCwvuiQPHLdAO4Ec7+72/WIswxYy/aAIYRGI5jO4PuJjpC58AY0CdGPE7zzZWOeLyN/IsMVYkii7k776vVJishGLX1OPYCLIPYgWwWdVrpj1TUzmF+IXJaH7bNdw8nWh8aN5fwPr2MZWz2ADZjK06QD9JbNmrwEK+MffeeTPipeRoF28+m1H/zI75mj2kHJrG3pnKEvupBQMbKhLB94nLrZm9G0ekE6LLx/pItZmz14rfDVbgfAOb9PRUVmYilCISWdyenZwM2wwbVa38Nvkzmtu4yeaItlccTSPveqbWkGizuKvOKf1VSEdbNispRQI6V7FJZn+7kEJVhRdMJTJPShz9elHEqU3xW5vofDowkp0iGZohodcVW0GOVsIbpUOo1TwiaQtuZyLzOqldl0goP1tTAoGS2PmfyDo/3GNAYKWYmfNayfhDIANWeydO3NP+bsVbgxeMubPPithZa2uZh90Lh6mVfP9XUlueBT++G08g2WzOxE6rvxKOIr/9Kn1psVLQPMCoPfXDLNlJ8GDAuv9Kob0/zN8XeUp4wEtEJAuu7vCZYVWCb90VbcLjwgnHMGarFrxmgXa4sdinJJ3HLEaCZWWbhXdkCoBZz4r6G/ug1jdpS/zI63NZN5FVcB8rKKWs1VBGwkxtP/HTCueEh2Gjif3zMezQM/sJYLn2GVBmcoU68tmkfzspE0f8RxbYUq1oUQYB2whdm+Qzzf3w7o9YY319Wg2kvR3v9dZsBkfueC1VtrURRQMS7bBrZY9tg3z0dEHvE4wSyzw2Z1ky5KiMyCyuNpx7hNwwMwTFln3REOfyePWj9oU3xlTHFlRjH1GnqdoPrHtZN0Y+a1v5807Gt4ooRb600LEUEZDNj2ACeN4oN7P8JfxpjqjhbHJXi4cRJSyrNI1fS5u8mKAiHNkEsDDN3zOK4eWKVev/QdxFufFPe/LShaQOFO76R80oOiNnH/yI7NBpACCnvRrDiaiEyALjYZ70FdrutyprLtiKrB4MllJ8Lp/+Y5nSNyp5k4tXybpWL5l2ghTrqSi2gl1ZVj/z3YSsT/n8438P6WsfIdEZ
X-OriginatorOrg: Nvidia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 294d8d09-bf07-46fa-c29f-08da91ca3da5
X-MS-Exchange-CrossTenant-AuthSource: MN2PR12MB4192.namprd12.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 Sep 2022 18:45:03.1447
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 ZHh2YIhfimWXMkrChFlk8qLACUMxHx2sKN1/DPvihdnBlB0mYPf/Pdi1yU9fM6lQ
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY5PR12MB6429
Precedence: bulk
List-ID: <kvm.vger.kernel.org>
X-Mailing-List: kvm@vger.kernel.org

Series

Fix splats releated to using the iommu_group after destroying devices | expand

Message

Jason Gunthorpe Sept. 8, 2022, 6:44 p.m. UTC

The basic issue is that the iommu_group is being used by VFIO after all
the device drivers have been removed.

In part this is caused by bad logic inside the iommu core that doesn't
sequence removing the device from the group properly, and in another part
this is bad logic in VFIO continuing to use device->iommu_group after all
VFIO device drivers have been removed.

Fix both situations. Either fix alone should fix the bug reported, but
both together bring a nice robust design to this area.

This is a followup from this thread:

https://lore.kernel.org/kvm/20220831201236.77595-1-mjrosato@linux.ibm.com/

Matthew confirmed an earlier version of the series solved the issue, it
would be best if he would test this as well to confirm the various changes
are still OK.

The iommu patch is independent of the other patches, it can go through the
iommu rc tree.

Jason Gunthorpe (4):
  vfio: Simplify vfio_create_group()
  vfio: Move the sanity check of the group to vfio_create_group()
  vfio: Follow a strict lifetime for struct iommu_group *
  iommu: Fix ordering of iommu_release_device()

 drivers/iommu/iommu.c    |  36 ++++++--
 drivers/vfio/vfio_main.c | 172 +++++++++++++++++++++------------------
 2 files changed, 120 insertions(+), 88 deletions(-)


base-commit: 245898eb9275ce31942cff95d0bdc7412ad3d589

Comments

Matthew Rosato Sept. 9, 2022, 12:49 p.m. UTC | #1

On 9/8/22 2:44 PM, Jason Gunthorpe wrote:
> The basic issue is that the iommu_group is being used by VFIO after all
> the device drivers have been removed.
> 
> In part this is caused by bad logic inside the iommu core that doesn't
> sequence removing the device from the group properly, and in another part
> this is bad logic in VFIO continuing to use device->iommu_group after all
> VFIO device drivers have been removed.
> 
> Fix both situations. Either fix alone should fix the bug reported, but
> both together bring a nice robust design to this area.
> 
> This is a followup from this thread:
> 
> https://lore.kernel.org/kvm/20220831201236.77595-1-mjrosato@linux.ibm.com/
> 
> Matthew confirmed an earlier version of the series solved the issue, it
> would be best if he would test this as well to confirm the various changes
> are still OK.

FYI I've been running this series (+ the incremental to patch 4 you mentioned) against my original repro scenario in a loop overnight, looks good.

> 
> The iommu patch is independent of the other patches, it can go through the
> iommu rc tree.
> 
> Jason Gunthorpe (4):
>   vfio: Simplify vfio_create_group()
>   vfio: Move the sanity check of the group to vfio_create_group()
>   vfio: Follow a strict lifetime for struct iommu_group *
>   iommu: Fix ordering of iommu_release_device()
> 
>  drivers/iommu/iommu.c    |  36 ++++++--
>  drivers/vfio/vfio_main.c | 172 +++++++++++++++++++++------------------
>  2 files changed, 120 insertions(+), 88 deletions(-)
> 
> 
> base-commit: 245898eb9275ce31942cff95d0bdc7412ad3d589

Jason Gunthorpe Sept. 9, 2022, 4:24 p.m. UTC | #2

On Fri, Sep 09, 2022 at 08:49:40AM -0400, Matthew Rosato wrote:
> On 9/8/22 2:44 PM, Jason Gunthorpe wrote:
> > The basic issue is that the iommu_group is being used by VFIO after all
> > the device drivers have been removed.
> > 
> > In part this is caused by bad logic inside the iommu core that doesn't
> > sequence removing the device from the group properly, and in another part
> > this is bad logic in VFIO continuing to use device->iommu_group after all
> > VFIO device drivers have been removed.
> > 
> > Fix both situations. Either fix alone should fix the bug reported, but
> > both together bring a nice robust design to this area.
> > 
> > This is a followup from this thread:
> > 
> > https://lore.kernel.org/kvm/20220831201236.77595-1-mjrosato@linux.ibm.com/
> > 
> > Matthew confirmed an earlier version of the series solved the issue, it
> > would be best if he would test this as well to confirm the various changes
> > are still OK.
> 
> FYI I've been running this series (+ the incremental to patch 4 you
> mentioned) against my original repro scenario in a loop overnight,
> looks good.

Thanks Matthew, looks like we need some more time on the last patch
but I think the VFIO ones are OK if Alex wants to pick them before LPC
is over.

Jason