On Wed, May 18, 2022 at 05:26:07PM -0400, Matthew Rosato wrote: > Rather than relying on a notifier for associating the KVM with > the group, let's assume that the association has already been > made prior to device_open. The first time a device is opened > associate the group KVM with the device. > > This fixes a user-triggerable oops in GVT. > > Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxx> > Signed-off-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxx> > --- > drivers/gpu/drm/i915/gvt/gtt.c | 4 +- > drivers/gpu/drm/i915/gvt/gvt.h | 3 - > drivers/gpu/drm/i915/gvt/kvmgt.c | 82 ++++++--------------------- > drivers/s390/crypto/vfio_ap_ops.c | 38 ++++--------- > drivers/s390/crypto/vfio_ap_private.h | 3 - > drivers/vfio/vfio.c | 75 ++++++++---------------- > include/linux/vfio.h | 5 +- > 7 files changed, 56 insertions(+), 154 deletions(-) I'm fine with this, thanks for finishing it > diff --git a/drivers/s390/crypto/vfio_ap_ops.c b/drivers/s390/crypto/vfio_ap_ops.c > index e8914024f5b1..17a56bb4cf25 100644 > --- a/drivers/s390/crypto/vfio_ap_ops.c > +++ b/drivers/s390/crypto/vfio_ap_ops.c > @@ -1196,6 +1196,8 @@ static int vfio_ap_mdev_set_kvm(struct ap_matrix_mdev *matrix_mdev, > { > struct ap_matrix_mdev *m; > > + kvm_get_kvm(kvm); > + [..] > + if (kvm) > + kvm_put_kvm(kvm); > } This extra ref traffic is not necessary, the kvm will have a valid ref because we are under the group_rwsem here and then the function will obtain a ref when it stores it in matrix_mdev->kvm. > diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c > index cfcff7764403..272acb62facd 100644 > --- a/drivers/vfio/vfio.c > +++ b/drivers/vfio/vfio.c 
> @@ -1083,11 +1083,22 @@ static struct file *vfio_device_open(struct vfio_device *device) > > mutex_lock(&device->dev_set->lock); > device->open_count++; > + down_read(&device->group->group_rwsem); > + if (device->open_count == 1 && device->group->kvm) { > + /* > + * Here we pass the KVM pointer with the group under the read > + * lock. If the device driver will use it, it must obtain a > + * reference and release it during close_device. > + */ > + device->kvm = device->group->kvm; > + } But it is a bit ugly to keep the device->kvm in the struct device without holding a reference count. It is probably worth adding a comment to the definition in the struct as well that the device driver must reference it or never touch it. Jason
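Review bot: The reference take/release pair in the vfio_ap_mdev_set_kvm() hunk is asymmetric: `+ kvm_get_kvm(kvm);` runs unconditionally at function entry, while the release at the end is guarded by `+ if (kvm)` before `+ kvm_put_kvm(kvm);`, so the guard is either dead or protects against a NULL that the unconditional get would already have dereferenced. The caller holds group_rwsem for the duration of the call and the store into matrix_mdev->kvm takes its own reference, so the temporary get/put pair can simply be dropped; if it is kept, make the two ends symmetric so a reader can verify the refcount balance at a glance.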
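Review bot: In the vfio_device_open() hunk, `device->kvm` is populated from `device->group->kvm` under the read side of `group_rwsem` as a raw, unreferenced pointer, but nothing in this hunk ever resets it, so unless the close path clears it when `open_count` drops back to zero the field can outlive the group's KVM association and a driver that dereferences it later without having taken its own reference reads a dangling pointer. Suggest clearing `device->kvm` in the close path and stating in the `struct vfio_device` definition that the field is only valid across open_device and must be referenced by the driver before any further use, mirroring the comment in the hunk.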