> From: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx> > Sent: Tuesday, January 30, 2024 4:09 PM > > The per-device fault data structure stores information about faults > occurring on a device. Its lifetime spans from IOPF enablement to > disablement. Multiple paths, including IOPF reporting, handling, and > responding, may access it concurrently. > > Previously, a mutex protected the fault data from use after free. But > this is not performance friendly due to the critical nature of IOPF > handling paths. > > Refine this with a refcount-based approach. The fault data pointer is > obtained within an RCU read region with a refcount. The fault data > pointer is returned for usage only when the pointer is valid and a > refcount is successfully obtained. The fault data is freed with > kfree_rcu(), ensuring data is only freed after all RCU critical regions > complete. > > An iopf handling work starts once an iopf group is created. The handling > work continues until iommu_page_response() is called to respond to the > iopf and the iopf group is freed. During this time, the device fault > parameter should always be available. Add a pointer to the device fault > parameter in the iopf_group structure and hold the reference until the > iopf_group is freed. > > Make iommu_page_response() static as it is only used in io-pgfault.c. > > Co-developed-by: Jason Gunthorpe <jgg@xxxxxxxxxx> > Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxx> > Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx> > Reviewed-by: Jason Gunthorpe <jgg@xxxxxxxxxx> > Tested-by: Yan Zhao <yan.y.zhao@xxxxxxxxx> Reviewed-by: Kevin Tian <kevin.tian@xxxxxxxxx> > * struct iommu_fault_param - per-device IOMMU fault data > * @lock: protect pending faults list > + * @users: user counter to manage the lifetime of the data > + * @ruc: rcu head for kfree_rcu() s/ruc/rcu
