On Thu, Jun 23, 2022 at 05:00:44PM -0600, Alex Williamson wrote:
> > >> +struct vfio_device *vfio_device_get_from_iommu(struct iommu_group *iommu_group)
> > >> +{
> > >> + struct vfio_group *group = vfio_group_get_from_iommu(iommu_group);
> > >> + struct vfio_device *device;
> > >
> > > Check group for NULL.
> >
> > OK - FWIW in context this should only ever make sense to call with an
> > iommu_group which has already been derived from a vfio_group, and I did
> > initially consider a check with a WARN_ON(), but then decided that the
> > unguarded dereference would be a sufficiently strong message. No problem
> > with bringing that back to make it more defensive if that's what you prefer.
>
> A while down the road, that's a bit too much implicit knowledge of the
> intent and single purpose of this function just to simply avoid a test.
I think we should just pass the 'struct vfio_group *' into the
attach_group op and have this API take that type in and forget the
vfio_group_get_from_iommu().
At this point there is little justification for
vfio_group_get_from_iommu() existing at all, it should be folded into
the one use in vfio_group_find_or_alloc() and the locking widened so
we don't have the unlock/alloc/lock race that requires it to be called
twice.
> I'd lean towards Kevin's idea that we could store bus_type on the
> vfio_group and pass that to type1, with the same assumptions we're
> making in the commit log that it's consistent, but that doesn't get us
> closer to the long term plan of dropping the bus_type interfaces
> AIUI.
Right, the point is to get a representative struct device here to use.
Jason
