[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH RFC] pci/ats: do not allow broken devices to be assigned


  • To: Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 24 Feb 2022 13:58:31 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WjpLk9EzMqLrv4I7VyEkS5pYbehDb2Yx0JN2Qh2mtOE=; b=aeyy1zzz9RXwMafXCzCEgCQjwQwSk944m/ELUnMRI6nTCfhGVWtWKwZck6YgE2fp0W9KPxwQRgZG95EkALk/6gt3hIhx1lZ87NhB57KpdXue59wsBBNDjS6HfqGB4WR0KPlBZm/Hij9vOCTtSLYXBASrVcLKQglEd9nGrtwnziAt554x8a9TaSqBVkzJHrriZ2m27AIy+yybS4lPoDZcAnaW6y4todWVZdbIwU9htl0LjzLQmFnSd4SwB4i73nTd8NS1XHRzSon/3E7q8hKUho3f7MxqqV1ezTDD52AMk3bRW72ssaBjumkom+BYs6COUDV5M6jtF6ZDCG+G3acFMg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Le5O/5UmblZxSPYVtcrgtGk4kr0AITyou8ND4rLE0wIKMfqg4UKY+lq2hS5rk2bdCcdJkoy80wQLqdVRsJ9p356eEsO4rTC9173XtTGXfnldE2aPClHBKU/6iTsxQj5kIuQd0EAUMoayqR/7nN2VIKCiFRDslzJpld/uxXymuooO982DmX/CiBc7szT6a4SDbK3W3laSuN2yRG/G7vW9OdIo/iMVqbPa4iirWVg7FosxzIAZ+2PPgXPUZqSdwmR3w/RcX5+RmYycjn4+7qotZ+YDwiLbSWobgjKKKl4MsW2Si8vFS9/xPPVglVEe1Xy5gE+wm/eSvhXYNCqOA/mbsQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Paul Durrant <paul@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Oleksandr Andrushchenko <andr2000@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 24 Feb 2022 12:58:44 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 24.02.2022 13:43, Roger Pau Monne wrote:
> Introduce a new field to mark devices as broken: having it set
> prevents the device from being assigned to domains. Use the field in
> order to mark ATS devices that have failed a flush as broken, thus
> preventing them to be assigned to any guest.
> 
> This allows the device IOMMU context entry to be cleaned up properly,
> as calling _pci_hide_device will just change the ownership of the
> device, but the IOMMU context entry of the device would be left as-is.
> It would also leak a Domain ID, as removing the device from it's
> previous owner will allow releasing the DID used by the device without
> having cleaned up the context entry.
> 
> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> ---
> RFC: I haven't tested the code path, as I have no ATS devices on the
> box I'm currently testing on. In any case, ATS is not supported, and
> removing the call to _pci_hide_device in iommu_dev_iotlb_flush_timeout
> should allow to remove the dependency on recursive pcidevs lock.

No objection in principle. Whether this is the only dependency on
recursive pcidevs lock isn't really know though, is it?

> TBD: it's unclear whether we still need the pcidevs_lock in
> iommu_dev_iotlb_flush_timeout. The caller of
> iommu_dev_iotlb_flush_timeout is already bogus as it iterates over a
> list of pdevs without holding the pcidevs_lock.

Analysis of whether / where recursive uses are needed should imo
include cases where the lock ought to be held, but currently isn't
(like apparently this case).

> @@ -1487,6 +1487,11 @@ static int assign_device(struct domain *d, u16 seg, u8 
> bus, u8 devfn, u32 flag)
>      ASSERT(pdev && (pdev->domain == hardware_domain ||
>                      pdev->domain == dom_io));
>  
> +    /* Do not allow broken devices to be assigned. */
> +    rc = -EBADF;
> +    if ( pdev->broken )
> +        goto done;

I think this wants exceptions for Dom0 and DomIO. An admin may be
able to fix things in Dom0, e.g. by updating device firmware.

Jan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.