On Wed, 05 Aug 2020 11:58:05 -0600
Alex Williamson <alex.williamson@xxxxxxxxxx> wrote:
> A down_read on memory_lock is held when performing read/write accesses
> to MMIO BAR space, including across the copy_to/from_user() callouts
> which may fault. If the user buffer for these copies resides in an
> mmap of device MMIO space, the mmap fault handler will acquire a
> recursive read-lock on memory_lock. Avoid this by reducing the lock
> granularity. Sequential accesses requiring multiple ioread/iowrite
> cycles are expected to be rare, therefore typical accesses should not
> see additional overhead.
>
> VGA MMIO accesses are expected to be non-fatal regardless of the PCI
> memory enable bit to allow legacy probing, this behavior remains with
> a comment added. ioeventfds are now included in memory access testing,
> with writes dropped while memory space is disabled.
>
> Fixes: abafbc551fdd ("vfio-pci: Invalidate mmaps and block MMIO access on disabled memory")
> Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx>
> ---
> drivers/vfio/pci/vfio_pci_private.h | 2 +
> drivers/vfio/pci/vfio_pci_rdwr.c | 120 ++++++++++++++++++++++++++++-------
> 2 files changed, 98 insertions(+), 24 deletions(-)
Reviewed-by: Cornelia Huck <cohuck@xxxxxxxxxx>
