mbox series

[0/5] iommu: Define EINVAL as device/domain incompatibility

Message ID 20220913082448.31120-1-nicolinc@nvidia.com
Headers show
Series iommu: Define EINVAL as device/domain incompatibility | expand

Message

Nicolin Chen Sept. 13, 2022, 8:24 a.m. UTC 
This series is to replace the previous EMEDIUMTYPE patch in a VFIO series:
https://lore.kernel.org/kvm/Yxnt9uQTmbqul5lf@8bytes.org/

The purpose is to regulate all existing ->attach_dev callback functions to
use EINVAL exclusively for an incompatibility error between a device and a
domain. This allows VFIO and IOMMUFD to detect such a soft error, and then
try a different domain with the same device.

Among the five patches, the first two are preparatory changes. And then a
patch to update kdocs and another two patches for the enforcement efforts.

Although it might be ideal to merge the previous VFIO series together with
this series, given the number of new changes, the review in the IOMMU list
might need a couple of rounds to finalize. Also, considering that v6.0 is
at rc5 now, perhaps we could merge this IOMMU series and the VFIO one in
different cycles to avoid merge conflicts. If there's less concern for it,
I can respin the finalized version of this series with the previous VFIO
one to merge together into the VFIO tree.

This series is also available on Github:
https://github.com/nicolinc/iommufd/commits/iommu_attach_dev

Thanks!

Nicolin Chen (5):
  iommu/msm: Add missing __disable_clocks calls
  iommu/amd: Drop unnecessary checks in amd_iommu_attach_device()
  iommu: Add return errno rules to ->attach_dev ops
  iommu: Regulate errno in ->attach_dev callback functions
  iommu: Use EINVAL for incompatible device/domain in ->attach_dev

 drivers/iommu/amd/iommu.c                   | 12 ++----------
 drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 13 ++-----------
 drivers/iommu/arm/arm-smmu/arm-smmu.c       |  7 ++-----
 drivers/iommu/arm/arm-smmu/qcom_iommu.c     |  9 ++-------
 drivers/iommu/fsl_pamu.c                    |  6 +++---
 drivers/iommu/fsl_pamu_domain.c             |  4 ++--
 drivers/iommu/intel/iommu.c                 | 10 +++-------
 drivers/iommu/intel/pasid.c                 |  2 +-
 drivers/iommu/ipmmu-vmsa.c                  |  4 +---
 drivers/iommu/msm_iommu.c                   |  2 ++
 drivers/iommu/mtk_iommu.c                   |  9 ++++++---
 drivers/iommu/omap-iommu.c                  |  6 +++---
 drivers/iommu/rockchip-iommu.c              |  4 +++-
 drivers/iommu/sprd-iommu.c                  |  4 +---
 drivers/iommu/tegra-gart.c                  |  2 +-
 drivers/iommu/tegra-smmu.c                  |  2 +-
 drivers/iommu/virtio-iommu.c                |  6 +++---
 include/linux/iommu.h                       | 11 +++++++++++
 18 files changed, 49 insertions(+), 64 deletions(-)

Comments

Jeff Johnson Sept. 13, 2022, 6:41 p.m. UTC | #1 
On 9/13/2022 1:24 AM, Nicolin Chen wrote:
> Cases like VFIO wish to attach a device to an existing domain that was
> not allocated specifically from the device. This raises a condition
> where the IOMMU driver can fail the domain attach because the domain and
> device are incompatible with each other.
> 
> This is a soft failure that can be resolved by using a different domain.
> 
> Provide a dedicated errno EINVAL from the IOMMU driver during attach that
> the reason attached failed is because of domain incompatability.
> 
> VFIO can use this to know attach is a soft failure and it should continue
> searching. Otherwise the attach will be a hard failure and VFIO will
> return the code to userspace.
> 
> Update kdocs first to add rules of return errno to ->attach_dev ops.
> 
> Suggested-by: Jason Gunthorpe <jgg@nvidia.com>
> Signed-off-by: Nicolin Chen <nicolinc@nvidia.com>
> ---
>   include/linux/iommu.h | 11 +++++++++++
>   1 file changed, 11 insertions(+)
> 
> diff --git a/include/linux/iommu.h b/include/linux/iommu.h
> index ea30f00dc145..c5d7ec0187c7 100644
> --- a/include/linux/iommu.h
> +++ b/include/linux/iommu.h
> @@ -266,6 +266,17 @@ struct iommu_ops {
>   /**
>    * struct iommu_domain_ops - domain specific operations
>    * @attach_dev: attach an iommu domain to a device
> + *              Rules of its return errno:
> + *               EINVAL  - Exclusively, device and domain are incompatible. Must
> + *                         avoid kernel prints along with this errno. Any EINVAL
> + *                         returned from kAPIs must be converted to ENODEV if it
> + *                         is device-specific, or to some other reasonable errno
> + *                         being listed below
> + *               ENOMEM  - Out of memory
> + *               ENOSPC  - No space left on device
> + *               EBUSY   - Device is attached to a domain and cannot be changed
> + *               ENODEV  - Device specific errors, not able to be attached
> + *              <others> - Treated as ENODEV by the caller. Use is discouraged

It is my understanding that kernel-doc won't preserve your formatting 
without extra directives. See the "Note" after 
<https://www.kernel.org/doc/html/latest/doc-guide/kernel-doc.html#return-values>


>    * @detach_dev: detach an iommu domain from a device
>    * @map: map a physically contiguous memory region to an iommu domain
>    * @map_pages: map a physically contiguous set of pages of the same size to
Nicolin Chen Sept. 13, 2022, 8 p.m. UTC | #2 
Hi Jeff,

On Tue, Sep 13, 2022 at 11:41:35AM -0700, Jeff Johnson wrote:
> > diff --git a/include/linux/iommu.h b/include/linux/iommu.h
> > index ea30f00dc145..c5d7ec0187c7 100644
> > --- a/include/linux/iommu.h
> > +++ b/include/linux/iommu.h
> > @@ -266,6 +266,17 @@ struct iommu_ops {
> >   /**
> >    * struct iommu_domain_ops - domain specific operations
> >    * @attach_dev: attach an iommu domain to a device
> > + *              Rules of its return errno:
> > + *               EINVAL  - Exclusively, device and domain are incompatible. Must
> > + *                         avoid kernel prints along with this errno. Any EINVAL
> > + *                         returned from kAPIs must be converted to ENODEV if it
> > + *                         is device-specific, or to some other reasonable errno
> > + *                         being listed below
> > + *               ENOMEM  - Out of memory
> > + *               ENOSPC  - No space left on device
> > + *               EBUSY   - Device is attached to a domain and cannot be changed
> > + *               ENODEV  - Device specific errors, not able to be attached
> > + *              <others> - Treated as ENODEV by the caller. Use is discouraged
> 
> It is my understanding that kernel-doc won't preserve your formatting
> without extra directives. See the "Note" after
> <https://www.kernel.org/doc/html/latest/doc-guide/kernel-doc.html#return-values>

Thanks for the review!

Perhaps the following one would work:

diff --git a/include/linux/iommu.h b/include/linux/iommu.h
index ea30f00dc145..14f078b58e17 100644
--- a/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@ -266,6 +266,17 @@ struct iommu_ops {
 /**
  * struct iommu_domain_ops - domain specific operations
  * @attach_dev: attach an iommu domain to a device
+ *  Return:
+ * * 0         - success
+ * * EINVAL    - Exclusively, device and domain are incompatible. Must avoid
+ *               kernel prints along with this errno. Any EINVAL returned from
+ *               a kAPI must be converted to ENODEV if it is device-specific,
+ *               or to some other reasonable errno being listed below
+ * * ENOMEM    - Out of memory
+ * * ENOSPC    - No space left on device
+ * * EBUSY     - Device is attached to a domain and cannot be changed
+ * * ENODEV    - Device specific errors, not able to be attached
+ * * <others>  - Treated as ENODEV by the caller. Use is discouraged
  * @detach_dev: detach an iommu domain from a device
  * @map: map a physically contiguous memory region to an iommu domain
  * @map_pages: map a physically contiguous set of pages of the same size to