On Tue, Jul 12, 2022 at 12:27:17PM +1000, Alexey Kardashevskiy wrote: > > > On 7/12/22 04:46, Jason Gunthorpe wrote: > > On Mon, Jul 11, 2022 at 11:24:32PM +1000, Alexey Kardashevskiy wrote: > > > > > I really think that for 5.19 we should really move this blocked domain > > > business to Type1 like this: > > > > > > https://github.com/aik/linux/commit/96f80c8db03b181398ad355f6f90e574c3ada4bf > > > > This creates the same security bug for power we are discussing here. If you > > How so? attach_dev() on power makes uninitalizes DMA setup for the group on > the hardware level, any other DMA user won't be able to initiate DMA. We removed all the code from VFIO that prevented dma driver conflicts and lowered into the new APIs. You have to use these new APIs or there are problems with exclusivity of the group. The previous code that was allowing power to work safely doesn't exist any more, which is why you can't just ignore these apis for type2. They have nothing to do with the vfio 'type', they are all about arbitrating who gets to use the group or not and making a safe hand off protocol from one group owner to the other. Since power says it has groups it must implement the sharing protocol for groups. > > don't want to fix it then lets just merge this iommu_ops patch as is rather than > > mangle the core code. > > The core code should not be assuming iommu_ops != NULL, Type1 should, I > thought it is the whole point of having Type1, why is not it the case > anymore? Architectures should not be creating iommu groups without providing proper iommu subsystem support. The half baked use of the iommu subsystem in power is the problem here. Adding the ops and starting to use the subsystem properly is the correct thing to do, even if you can't complete every corner right now. At least the issues are limited to arch code and can be fixed by arch maintainers. I think the patch you have here is fine to fix vfio on power and it should simply be merged for v5.19 and power folks can further work on this in the later cycles. Jason