Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp4340286rwr; Mon, 8 May 2023 06:29:12 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4+EaRmhsF5wT9+GBHfuXeVTF2+bcq98pzxGNKsEW+6On/yOUmNsYalVcWu+8qXOw53JXk9 X-Received: by 2002:a05:6a21:110c:b0:f0:a5b8:59f9 with SMTP id oh12-20020a056a21110c00b000f0a5b859f9mr11336581pzb.15.1683552552375; Mon, 08 May 2023 06:29:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1683552552; cv=none; d=google.com; s=arc-20160816; b=dzgZwW78ZZriruFFPCFL+/Um1Xds36ivAp3dDrDMTG6IVbZCLKWSn7JFjXz5/RVdYH HHRpbutdrDwUxhDNx5plE6cCf+u34kw9JtorW4wADGtGXRWicpxm43Q2hk5ciLcvciYm q35noE9DqmmLUkJ28zzxwqH4eF3Odr+ermb4zTDn9UpWIOI4ze14hvSzjxqFlnhQXq7K Ooy53RaDPG4FjIzrCg0YtcSz3ac2wcd3xxxIMYqjIrSgPmch+R8KIOja3U5ygJY2x93T /Qri7Lmn2GQcAncNZg0qP0AnaRya0LQsSqFEAf+qaH+DKdFZfsMdYEAF0LVUBCJrJhaM y4PQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:subject:cc:to:from :dkim-signature; bh=1NMW1h5w5F1q5ifdq3nhrd0mrQIyxC03HXsoHk8OF3M=; b=L8p+waa5DH4Us4PWKkviAZqcXHgtE45X+QJ4p03ukk6FlmiOSotFtPaFcQqJsBMfUU AeZAkiSx2hJvVULv+QLF2W21uexnznQICFzSACWvp9RDclcVoi8NCpVjxRlfHUsL1+pD SVK9Yyg5J0BACuf9P7ArZcpMK+kuViAUMXDYW5v0akjc75IBfr0YyKby4dOjeQCIHp4+ ao0qfnEYSL7C5qbgGumrG+PbzzfMBuKjOTYkVQWGooZJGMEMrCO9tCFLxDBUN4rjPxH1 8vHqAYJhQUEim2oGIBHlbhKOH0il7odu7ahFIM3U8B6a0IyKHd08CIZfPVtLU0TcvHjS XFYA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=NxiT+kvP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t29-20020a63955d000000b0051b578dfc51si8143328pgn.744.2023.05.08.06.28.57; Mon, 08 May 2023 06:29:12 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=NxiT+kvP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233408AbjEHNXw (ORCPT + 99 others); Mon, 8 May 2023 09:23:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42886 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229479AbjEHNXu (ORCPT ); Mon, 8 May 2023 09:23:50 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 642E383; Mon, 8 May 2023 06:23:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1683552229; x=1715088229; h=from:to:cc:subject:date:message-id; bh=8SCm4wFEaCHIjaaMs+tOcclnzwJ0N0aJVRlTnjeWArY=; b=NxiT+kvP3EHjRZBkF5hpSVX3nOEH2ECltC9x5L/ltmwX9zMnx3uEXJsE cXp9fJvTCLCPm0QSJlcj1VkAyCv6iM4jV6cwmcWDB8120J/uC1Im+E73q hoWwtzAaw+PQxIi7b/es5uG6mOVLh7w1TPe8PPyM3m9lG9agMxa4giuny Y8JIz3unikABksYQ80hBiDwC/gC+wPh7K/WWpXaQFe1H/J/QIzW/ac+jq MpAqKvOAKzzq+XiKN8tMSoiFBqMbO3b6sBUGRsgMrI3XDhlqJ207M3dDf 8FZpn+bWwnMbH956OOTctospTcuCmtkKGp7skcsYXWXXRksChEUxDPipf Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10703"; a="349674058" X-IronPort-AV: E=Sophos;i="5.99,259,1677571200"; d="scan'208";a="349674058" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 May 2023 06:23:49 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10703"; a="648873705" X-IronPort-AV: E=Sophos;i="5.99,259,1677571200"; d="scan'208";a="648873705" Received: from yzhao56-desk.sh.intel.com ([10.239.159.62]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 May 2023 06:23:46 -0700 From: Yan Zhao To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: alex.williamson@redhat.com, kevin.tian@intel.com, jgg@nvidia.com, yishaih@nvidia.com, shameerali.kolothum.thodi@huawei.com, Yan Zhao Subject: [PATCH] vfio/pci: take mmap write lock for io_remap_pfn_range Date: Mon, 8 May 2023 20:58:42 +0800 Message-Id: <20230508125842.28193-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.17.1 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In VFIO type1, vaddr_get_pfns() will try fault in MMIO PFNs after pin_user_pages_remote() returns -EFAULT. follow_fault_pfn fixup_user_fault handle_mm_fault handle_mm_fault do_fault do_shared_fault do_fault __do_fault vfio_pci_mmap_fault io_remap_pfn_range remap_pfn_range track_pfn_remap vm_flags_set ==> mmap_assert_write_locked(vma->vm_mm) remap_pfn_range_notrack vm_flags_set ==> mmap_assert_write_locked(vma->vm_mm) As io_remap_pfn_range() will call vm_flags_set() to update vm_flags [1], holding of mmap write lock is required. So, update vfio_pci_mmap_fault() to drop mmap read lock and take mmap write lock. [1] https://lkml.kernel.org/r/20230126193752.297968-3-surenb@google.com commit bc292ab00f6c ("mm: introduce vma->vm_flags wrapper functions") commit 1c71222e5f23 ("mm: replace vma->vm_flags direct modifications with modifier calls") Signed-off-by: Yan Zhao --- drivers/vfio/pci/vfio_pci_core.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c index a5ab416cf476..5082f89152b3 100644 --- a/drivers/vfio/pci/vfio_pci_core.c +++ b/drivers/vfio/pci/vfio_pci_core.c @@ -1687,6 +1687,12 @@ static vm_fault_t vfio_pci_mmap_fault(struct vm_fault *vmf) struct vfio_pci_mmap_vma *mmap_vma; vm_fault_t ret = VM_FAULT_NOPAGE; + mmap_assert_locked(vma->vm_mm); + mmap_read_unlock(vma->vm_mm); + + if (mmap_write_lock_killable(vma->vm_mm)) + return VM_FAULT_RETRY; + mutex_lock(&vdev->vma_lock); down_read(&vdev->memory_lock); @@ -1726,6 +1732,17 @@ static vm_fault_t vfio_pci_mmap_fault(struct vm_fault *vmf) up_out: up_read(&vdev->memory_lock); mutex_unlock(&vdev->vma_lock); + mmap_write_unlock(vma->vm_mm); + + /* If PTE is installed successfully, add the completed flag to + * indicate mmap lock is released, + * otherwise retake the read lock + */ + if (ret == VM_FAULT_NOPAGE) + ret |= VM_FAULT_COMPLETED; + else + mmap_read_lock(vma->vm_mm); + return ret; } base-commit: 705b004ee377b789e39ae237519bab714297ac83 -- 2.17.1