The permission of vfio iommu is different and incompatible with vma permission. If the iotlb->perm is IOMMU_NONE (e.g. qemu side), qemu will simply call unmap ioctl() instead of mapping. Hence vfio_dma_map() can't map a dma region with NONE permission. This corner case will be exposed in coming virtio_fs cache_size commit [1] - mmap(NULL, size, PROT_NONE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); memory_region_init_ram_ptr() - re-mmap the above area with read/write authority. - vfio_dma_map() will be invoked when vfio device is hotplug added. qemu: vfio_listener_region_add() vfio_dma_map(..., readonly=false) map.flags is set to VFIO_DMA_MAP_FLAG_READ|VFIO_..._WRITE ioctl(VFIO_IOMMU_MAP_DMA) kernel: vfio_dma_do_map() vfio_pin_map_dma() vfio_pin_pages_remote() vaddr_get_pfn() ... check_vma_flags() failed! because vm_flags hasn't VM_WRITE && gup_flags has FOLL_WRITE It will report error in qemu log when hotplug adding(vfio) a nvme disk to qemu guest on an Ampere EMAG server: "VFIO_MAP_DMA failed: Bad address" [1] https://gitlab.com/virtio-fs/qemu/-/blob/virtio-fs-dev/hw/virtio/vhost-user-fs.c#L502 Signed-off-by: Jia He <justin.he@xxxxxxx> --- drivers/vfio/vfio_iommu_type1.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c index 67e827638995..33faa6b7dbd4 100644 --- a/drivers/vfio/vfio_iommu_type1.c +++ b/drivers/vfio/vfio_iommu_type1.c @@ -453,7 +453,8 @@ static int vaddr_get_pfn(struct mm_struct *mm, unsigned long vaddr, flags |= FOLL_WRITE; mmap_read_lock(mm); - ret = pin_user_pages_remote(mm, vaddr, 1, flags | FOLL_LONGTERM, + ret = pin_user_pages_remote(mm, vaddr, 1, + flags | FOLL_LONGTERM | FOLL_FORCE, page, NULL, NULL); if (ret == 1) { *pfn = page_to_pfn(page[0]); -- 2.17.1
