Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932090AbbFHHvz (ORCPT <rfc822;w@1wt.eu>);
	Mon, 8 Jun 2015 03:51:55 -0400
Received: from mail-wi0-f171.google.com ([209.85.212.171]:35238 "EHLO
	mail-wi0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752315AbbFHHve (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Mon, 8 Jun 2015 03:51:34 -0400
Message-ID: <55754974.1020207@linaro.org>
Date: Mon, 08 Jun 2015 09:51:16 +0200
From: Eric Auger <eric.auger@linaro.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Scott Wood <scottwood@freescale.com>, Rob Herring <robherring2@gmail.com>
CC: eric.auger@st.com,
        "linux-arm-kernel@lists.infradead.org" 
	<linux-arm-kernel@lists.infradead.org>,
        alex.williamson@redhat.com, b.reynal@virtualopensystems.com,
        Alexander Graf <agraf@suse.de>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Christoffer Dall <christoffer.dall@linaro.org>,
        Linaro Patches <patches@linaro.org>
Subject: Re: [PATCH v2 0/4] VFIO platform reset
References: <1433516792-16397-1-git-send-email-eric.auger@linaro.org>	 <CAL_JsqK4dm_Kmoys6+qxJrwFpo0K3gatVQxZiNPoWCduQKqj8w@mail.gmail.com> <1433538892.2477.24.camel@freescale.com>
In-Reply-To: <1433538892.2477.24.camel@freescale.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2366
Lines: 63

Hi Rob, Scott,
On 06/05/2015 11:14 PM, Scott Wood wrote:
> On Fri, 2015-06-05 at 13:05 -0500, Rob Herring wrote:
>> On Fri, Jun 5, 2015 at 10:06 AM, Eric Auger <eric.auger@linaro.org> 
>> wrote:
>>> In situations where the userspace driver is stopped abnormally and 
>>> the
>>> VFIO platform device is released, the assigned HW device currently 
>>> is
>>> left running. As a consequence the HW device might continue 
>>> issuing IRQs
>>> and performing DMA accesses.
>>>
>>> On release, no physical IRQ handler is setup anymore. Also the DMA 
>>> buffers
>>> are unmapped leading to IOMMU aborts. So there is no serious 
>>> consequence.
>>>
>>> However when assigning that HW device again to another userspace 
>>> driver,
>>> this latter might face some unexpected IRQs and DMA accesses, 
>>> which are
>>> the result of the previous assignment.
>>
>> In general, shouldn't it just be a requirement that the drivers 
>> handle
>> this condition. You have the same problem with firmware/bootloaders
>> leaving h/w not in reset state or kexec'ing to a new kernel.
> 
> It's not the same situation.  Firmware may leave HW in a non-reset 
> state but it must not leave the HW doing DMA; there's nothing the OS 
> could do about that as the OS could get corrupted before the driver 
> has a chance to run (this is not fun to debug).  Leaving interrupts 
> potentially asserted would be bad as well, especially if the interrupt 
> is shared.
> 
> Likewise, with normal kexec drivers are supposed to quiesce the 
> hardware first -- and with kdump, the affected DMA buffers are never 
> reused.
> 
> In order for the driver to handle this, it would need to reset/quiesce 
> the device itself before enabling an IOMMU mapping.  How would that 
> work for virtualization scenarios where the guest does not see any 
> IOMMU, and all vfio mappings are handled by QEMU or equivalent?

This is also my understanding. In a KVM virtualization use case, the
guest potentially could be corrupted by previously set DMA accesses
before getting the chance to stop DMA/IRQs.

Thanks for your interest.

Best Regards

Eric
> 
> -Scott
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/