Received: by 10.223.185.116 with SMTP id b49csp1874290wrg;
        Thu, 15 Feb 2018 03:05:18 -0800 (PST)
X-Google-Smtp-Source: AH8x226UbWQSUmk6+5sEKlU8CsfyUhFRXt9zcfeOT+YpGe41xDQ9aM/UDAeNzY1j3YzjTfPiVEgH
X-Received: by 2002:a17:902:b903:: with SMTP id bf3-v6mr1921170plb.316.1518692718792;
        Thu, 15 Feb 2018 03:05:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1518692718; cv=none;
        d=google.com; s=arc-20160816;
        b=irxJtDXMatGQ8Y/o/TTKSJemUIdSYVzTBgUo5YiY9UsAsMHgy6dDue511i97C/CLnb
         X579TNE/6wE+mYBzW+/5CwMYg0b1fL5hLjLOYRL5QeGlHnO2vV2hVZl/DWAG3Q+Fo/iO
         oHzs2zGlaz77jlYrw7yLOM5A3wCY5Wl2iEu/N4mroGmLNK5fySCtM7FDDM+CQw9V6+Tz
         A/VNJIcpQLJlF6pWy/oWKWzurt1pp4obZQB1Ub/HUoi+7bj5lK82m2sPdSm7vh2rie8N
         m8h4PldLm/hwXh4kkbj2nCQlWaGdPAYEFLDy8nz0Ejq3gfhCJ8xYswRdAozx7B4b+Kuy
         iJZQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:content-disposition
         :mime-version:message-id:subject:cc:to:from:date:dkim-signature
         :arc-authentication-results;
        bh=5+mk47nK5SrtgM9E3iF/Aw5zz3ysL52DiETA0JrzJlA=;
        b=HbTKm0tzVLnZZ19PlwKU0TnDBvTff3MMT2dKU8Btung/BzdizKi3Hnpm8dabdfaZl9
         oU9JQz7tApPYLjCYWu7uRmFRrsC5MIpTa++gu+xcLMUHK/7xVWpfFoTOH96hmKzA3Kxz
         apKECtt3szmHWItnyRW8qYuWduicKLM1eZOYT8uMTJQuH/ssQ7BpFJQOYQH5MK14dzIz
         p0XXkr/i+7XADnZLL0V754UyVNj33872Nre9CdxTytwBLyxNmgPJxGTPLqpKWBYZM3In
         s72Ef1SVquGMZn2thwAX2fqabG0AOTyfRzDrFncfHNKyMui20RoQYa/dhB3Fa2ZEaXQi
         1EOg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=qwkMPX2F;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 62si1377371pfh.204.2018.02.15.03.05.03;
        Thu, 15 Feb 2018 03:05:18 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=qwkMPX2F;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1755458AbeBOLEZ (ORCPT <rfc822;kkdevenda@gmail.com> + 99 others);
        Thu, 15 Feb 2018 06:04:25 -0500
Received: from mail-pl0-f65.google.com ([209.85.160.65]:36608 "EHLO
        mail-pl0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1755323AbeBOLEX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 15 Feb 2018 06:04:23 -0500
Received: by mail-pl0-f65.google.com with SMTP id v3so10215166plg.3;
        Thu, 15 Feb 2018 03:04:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:mime-version:content-disposition
         :user-agent;
        bh=5+mk47nK5SrtgM9E3iF/Aw5zz3ysL52DiETA0JrzJlA=;
        b=qwkMPX2FME42FyXWNoQ4mJcgNzATpKA2R08ufuQm91VlWXMv+YcjOqmhgSx5KKe8d4
         UjuRrC0s0LxyBlbzrL4/rP81ffdZnEtSQFSifXKTC6NErM83BLCNzqDfRjeeOAyc+hfH
         L7z6EDpsjBIaKHJoIYIobRpiCGM5QmCHTaFoEUEpDlPA1+XSr3Vj6bJ23euIMiGk5VUt
         DtKYVQbbOEOJzvZq8y7WKSN52p+jcVFYMEw+wMYGhRddJUTC/kgTHGzCyepZvnQR0xnR
         b7cEeY9VLsA6+C7mJ+uobv783ShR6g2njvQa5VrM8nvM+z3XpWjHhfyZbMoPeTvzUovb
         hFbg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version
         :content-disposition:user-agent;
        bh=5+mk47nK5SrtgM9E3iF/Aw5zz3ysL52DiETA0JrzJlA=;
        b=McFjOKa+2VqCj+Dfb3YxMn759ryN7avQG4lyQnUhAWd7Nbh/m3Q07benjtTgNfl5E6
         TjefsyU0lcSN+taLYn0vzw8qIskKMIkUO4rmAkrxaZyjtXtqOjDklFFQk1PKbiWzoW9D
         S569pr60rfjRE3YEceuWrZmItwdeNxaU34Ipa2B2pG50mfZANBbmllRE4m2fbDdReYas
         //tS1i4ZguZiFTO9nlOsxyxBRyi7kWdlirSQ3rqJyRhirtpUVMM8BryiXTMavECnMtSB
         XlmKjpHPQ1s/6gKIooCUFsdxd0QKGEzRfir9Hk8OEC9DvHvOppIzQZ2MBzL2LzFlVzcM
         eYTA==
X-Gm-Message-State: APf1xPDI44fuowcyr+Gl+M90pE9LagmXPBzw7vCa1Gumw0hhHKrK7bE/
        Qb+3yrNNs6B4ofggwFibc0Y=
X-Received: by 2002:a17:902:2e03:: with SMTP id q3-v6mr2219075plb.362.1518692663307;
        Thu, 15 Feb 2018 03:04:23 -0800 (PST)
Received: from virtx40 ([111.93.218.67])
        by smtp.gmail.com with ESMTPSA id r78sm51333337pfj.1.2018.02.15.03.04.21
        (version=TLS1_2 cipher=AES128-SHA bits=128/128);
        Thu, 15 Feb 2018 03:04:22 -0800 (PST)
Date:   Thu, 15 Feb 2018 16:34:06 +0530
From:   Linu Cherian <linuc.decode@gmail.com>
To:     alex.williamson@redhat.com
Cc:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
        linu.cherian@cavium.com, Sunil.Goutham@cavium.com
Subject: Handling active DMA during a VFIO application crash
Message-ID: <20180215110406.GA15219@virtx40>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi,

Was exploring the implications of an application crash while DMA 
is active from a vfio PCI device; the DMA being configured and 
started by the application using vfio APIs.               

The expectation is that, DMA is stopped/reset before we tear down the IOMMU mappings 
and finally free the mmapped pages(on which DMA is happening).                                            

From the below stack trace(with dump_stack in vfio_pci_release),             
[  201.564273] [<ffffff8008798b50>] vfio_pci_release+0x80/0x458
[  201.564276] [<ffffff8008792b74>] vfio_device_fops_release+0x2c/0x50
[  201.564279] [<ffffff8008269ef4>] __fput+0x9c/0x218
[  201.564283] [<ffffff800826a0e8>] ____fput+0x20/0x30
[  201.564286] [<ffffff80080e7fe0>] task_work_run+0xa0/0xc8
[  201.564289] [<ffffff80080cbc7c>] do_exit+0x2bc/0x9c8
[  201.564293] [<ffffff80080cd0ec>] do_group_exit+0x3c/0xa8
[  201.564296] [<ffffff80080d94c4>] get_signal+0x3e4/0x538
[  201.564299] [<ffffff80080892f0>] do_signal+0x70/0x660
[  201.564302] [<ffffff8008089ce8>] do_notify_resume+0xe0/0x120
                                                                                               

PCI device is disabled/reset from vfio_pci_release invoked as part of 
device fd release. The fd releases are in turn invoked from exit_files
and exit_task_work.

But exit_mm, gets called before exit_files/exit_task_work in do_exit.
                                                                                               
Assuming all pages allocated/mmaped to a process gets freed in exit_mm,                                                                                               
is there is a possibility that user pages configured for DMA can get freed 
to kernel before the vfio device is stopped/reset ? 

Thanks.

-- 
Linu cherian