git.ipfire.org Git - thirdparty/kernel/stable.git/commit

vfio-pci: Avoid recursive read-lock usage

[ Upstream commit bc93b9ae0151ae5ad5b8504cdc598428ea99570b ]

A down_read on memory_lock is held when performing read/write accesses
to MMIO BAR space, including across the copy_to/from_user() callouts
which may fault.  If the user buffer for these copies resides in an
mmap of device MMIO space, the mmap fault handler will acquire a
recursive read-lock on memory_lock.  Avoid this by reducing the lock
granularity.  Sequential accesses requiring multiple ioread/iowrite
cycles are expected to be rare, therefore typical accesses should not
see additional overhead.

VGA MMIO accesses are expected to be non-fatal regardless of the PCI
memory enable bit to allow legacy probing, this behavior remains with
a comment added.  ioeventfds are now included in memory access testing,
with writes dropped while memory space is disabled.

Fixes: abafbc551fdd ("vfio-pci: Invalidate mmaps and block MMIO access on disabled memory")
Reported-by: Zhiyi Guo <zhguo@redhat.com>
Tested-by: Zhiyi Guo <zhguo@redhat.com>
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

author	Alex Williamson <alex.williamson@redhat.com>
	Mon, 17 Aug 2020 17:08:18 +0000 (11:08 -0600)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 26 Aug 2020 09:49:12 +0000 (11:49 +0200)
commit	c49fa6397b6d29ce10c0ae5b2528bb004a14691f
tree	46dc0609dd75a288dcc2f248a26cf3a84dfe7e63	tree \| snapshot
parent	ba9c27ba11756dd1b00d4d31e4665ea9151083c9	commit \| diff

drivers/vfio/pci/vfio_pci_private.h		diff \| blob \| blame \| history
drivers/vfio/pci/vfio_pci_rdwr.c		diff \| blob \| blame \| history