Merge tag 'for-linus-iommufd' of git://git.kernel.org/pub/scm/linux/kernel/git/jgg...

Pull iommufd updates from Jason Gunthorpe:
 "This broadly brings the assigned HW command queue support to iommufd.
  This feature is used to improve SVA performance in VMs by avoiding
  paravirtualization traps during SVA invalidations.

  Along the way I think some of the core logic is in a much better state
  to support future driver backed features.

  Summary:

   - IOMMU HW now has features to directly assign HW command queues to a
     guest VM. In this mode the command queue operates on a limited set
     of invalidation commands that are suitable for improving guest
     invalidation performance and easy for the HW to virtualize.

     This brings the generic infrastructure to allow IOMMU drivers to
     expose such command queues through the iommufd uAPI, mmap the
     doorbell pages, and get the guest physical range for the command
     queue ring itself.

   - An implementation for the NVIDIA SMMUv3 extension "cmdqv" is built
     on the new iommufd command queue features. It works with the
     existing SMMU driver support for cmdqv in guest VMs.

   - Many precursor cleanups and improvements to support the above
     cleanly, changes to the general ioctl and object helpers, driver
     support for VDEVICE, and mmap pgoff cookie infrastructure.

   - Sequence VDEVICE destruction to always happen before VFIO device
     destruction. When using the above type features, and also in future
     confidential compute, the internal virtual device representation
     becomes linked to HW or CC TSM configuration and objects. If a VFIO
     device is removed from iommufd those HW objects should also be
     cleaned up to prevent a sort of UAF. This became important now that
     we have HW backing the VDEVICE.

   - Fix one syzkaller found error related to math overflows during iova
     allocation"

* tag 'for-linus-iommufd' of git://git.kernel.org/pub/scm/linux/kernel/git/jgg/iommufd: (57 commits)
  iommu/arm-smmu-v3: Replace vsmmu_size/type with get_viommu_size
  iommu/arm-smmu-v3: Do not bother impl_ops if IOMMU_VIOMMU_TYPE_ARM_SMMUV3
  iommufd: Rename some shortterm-related identifiers
  iommufd/selftest: Add coverage for vdevice tombstone
  iommufd/selftest: Explicitly skip tests for inapplicable variant
  iommufd/vdevice: Remove struct device reference from struct vdevice
  iommufd: Destroy vdevice on idevice destroy
  iommufd: Add a pre_destroy() op for objects
  iommufd: Add iommufd_object_tombstone_user() helper
  iommufd/viommu: Roll back to use iommufd_object_alloc() for vdevice
  iommufd/selftest: Test reserved regions near ULONG_MAX
  iommufd: Prevent ALIGN() overflow
  iommu/tegra241-cmdqv: import IOMMUFD module namespace
  iommufd: Do not allow _iommufd_object_alloc_ucmd if abort op is set
  iommu/tegra241-cmdqv: Add IOMMU_VEVENTQ_TYPE_TEGRA241_CMDQV support
  iommu/tegra241-cmdqv: Add user-space use support
  iommu/tegra241-cmdqv: Do not statically map LVCMDQs
  iommu/tegra241-cmdqv: Simplify deinit flow in tegra241_cmdqv_remove_vintf()
  iommu/tegra241-cmdqv: Use request_threaded_irq
  iommu/arm-smmu-v3-iommufd: Add hw_info to impl_ops
  ...

diff --cc drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
index f39bd72350119d49c1c0bc37a3d669aa16908206,f56113107c8adb40fd12a88e03b6db221c5357ea..5968043ac80235f59382a1982680fd3c96cbd5aa
--- 1/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
--- 2/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
+++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c
@@@ -3689,8 -3688,10 +3689,9 @@@ static const struct iommu_ops arm_smmu_
        .get_resv_regions       = arm_smmu_get_resv_regions,
        .page_response          = arm_smmu_page_response,
        .def_domain_type        = arm_smmu_def_domain_type,
-       .viommu_alloc           = arm_vsmmu_alloc,
+       .get_viommu_size        = arm_smmu_get_viommu_size,
+       .viommu_init            = arm_vsmmu_init,
        .user_pasid_table       = 1,
 -      .pgsize_bitmap          = -1UL, /* Restricted during device attach */
        .owner                  = THIS_MODULE,
        .default_domain_ops = &(const struct iommu_domain_ops) {
                .attach_dev             = arm_smmu_attach_dev,

diff --cc drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h
Simple merge

diff --cc drivers/iommu/intel/iommu.c
Simple merge

diff --cc drivers/iommu/iommufd/selftest.c
Simple merge

diff --cc include/linux/iommu.h
index 7073be1d88415b3f658d846c2a0891f71c07a85d,e8b59ef54e4870da68e303c936e87feb7597a920..c30d12e16473df31c816b62f255fd57a3e4d00f1
--- 1/include/linux/iommu.h
--- 2/include/linux/iommu.h
+++ b/include/linux/iommu.h
@@@ -596,14 -637,17 +637,16 @@@ __iommu_copy_struct_to_user(const struc
   *            - IOMMU_DOMAIN_DMA: must use a dma domain
   *            - 0: use the default setting
   * @default_domain_ops: the default ops for domains
-  * @viommu_alloc: Allocate an iommufd_viommu on a physical IOMMU instance behind
-  *                the @dev, as the set of virtualization resources shared/passed
-  *                to user space IOMMU instance. And associate it with a nesting
-  *                @parent_domain. The @viommu_type must be defined in the header
-  *                include/uapi/linux/iommufd.h
-  *                It is required to call iommufd_viommu_alloc() helper for
-  *                a bundled allocation of the core and the driver structures,
-  *                using the given @ictx pointer.
+  * @get_viommu_size: Get the size of a driver-level vIOMMU structure for a given
+  *                   @dev corresponding to @viommu_type. Driver should return 0
+  *                   if vIOMMU isn't supported accordingly. It is required for
+  *                   driver to use the VIOMMU_STRUCT_SIZE macro to sanitize the
+  *                   driver-level vIOMMU structure related to the core one
+  * @viommu_init: Init the driver-level struct of an iommufd_viommu on a physical
+  *               IOMMU instance @viommu->iommu_dev, as the set of virtualization
+  *               resources shared/passed to user space IOMMU instance. Associate
+  *               it with a nesting @parent_domain. It is required for driver to
+  *               set @viommu->ops pointing to its own viommu_ops
 - * @pgsize_bitmap: bitmap of all possible supported page sizes
   * @owner: Driver module providing these ops
   * @identity_domain: An always available, always attachable identity
   *                   translation.
@@@ -653,11 -698,14 +697,13 @@@ struct iommu_ops 
  
        int (*def_domain_type)(struct device *dev);
  
-       struct iommufd_viommu *(*viommu_alloc)(
-               struct device *dev, struct iommu_domain *parent_domain,
-               struct iommufd_ctx *ictx, unsigned int viommu_type);
+       size_t (*get_viommu_size)(struct device *dev,
+                                 enum iommu_viommu_type viommu_type);
+       int (*viommu_init)(struct iommufd_viommu *viommu,
+                          struct iommu_domain *parent_domain,
+                          const struct iommu_user_data *user_data);
  
        const struct iommu_domain_ops *default_domain_ops;
 -      unsigned long pgsize_bitmap;
        struct module *owner;
        struct iommu_domain *identity_domain;
        struct iommu_domain *blocked_domain;

diff --cc tools/testing/selftests/iommu/iommufd.c
Simple merge

diff --cc tools/testing/selftests/iommu/iommufd_utils.h
Simple merge