driver core: Add dma_cleanup callback in bus_type

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The bus_type structure defines dma_configure() callback for bus drivers
to configure DMA on the devices. This adds the paired dma_cleanup()
callback and calls it during driver unbinding so that bus drivers can do
some cleanup work.

One use case for this paired DMA callbacks is for the bus driver to check
for DMA ownership conflicts during driver binding, where multiple devices
belonging to a same IOMMU group (the minimum granularity of isolation and
protection) may be assigned to kernel drivers or user space respectively.

Without this change, for example, the vfio driver has to listen to a bus
BOUND_DRIVER event and then BUG_ON() in case of dma ownership conflict.
This leads to bad user experience since careless driver binding operation
may crash the system if the admin overlooks the group restriction. Aside
from bad design, this leads to a security problem as a root user, even with
lockdown=integrity, can force the kernel to BUG.

With this change, the bus driver could check and set the DMA ownership in
driver binding process and fail on ownership conflicts. The DMA ownership
should be released during driver unbinding.

Signed-off-by: Lu Baolu <baolu.lu@linux.intel.com>
Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviewed-by: Jason Gunthorpe <jgg@nvidia.com>
Link: https://lore.kernel.org/r/20220418005000.897664-3-baolu.lu@linux.intel.com
Signed-off-by: Joerg Roedel <jroedel@suse.de>

authored by

Lu Baolu and committed by

Joerg Roedel 4 years ago 25f3bcfc 1ea2a07a

2 changed files

expand all

drivers

base

dd.c

include

linux

device

bus.h

drivers/base/dd.c

··· 671 671 if (dev->bus) 672 672 blocking_notifier_call_chain(&dev->bus->p->bus_notifier, 673 673 BUS_NOTIFY_DRIVER_NOT_BOUND, dev); 674 + if (dev->bus && dev->bus->dma_cleanup) 675 + dev->bus->dma_cleanup(dev); 674 676 pinctrl_bind_failed: 675 677 device_links_no_driver(dev); 676 678 device_unbind_cleanup(dev); ··· 1200 1198 pm_runtime_put_sync(dev); 1201 1199 1202 1200 device_remove(dev); 1201 + 1202 + if (dev->bus && dev->bus->dma_cleanup) 1203 + dev->bus->dma_cleanup(dev); 1203 1204 1204 1205 device_links_driver_cleanup(dev); 1205 1206 device_unbind_cleanup(dev);

include/linux/device/bus.h

··· 59 59 * bus supports. 60 60 * @dma_configure: Called to setup DMA configuration on a device on 61 61 * this bus. 62 + * @dma_cleanup: Called to cleanup DMA configuration on a device on 63 + * this bus. 62 64 * @pm: Power management operations of this bus, callback the specific 63 65 * device driver's pm-ops. 64 66 * @iommu_ops: IOMMU specific operations for this bus, used to attach IOMMU ··· 105 103 int (*num_vf)(struct device *dev); 106 104 107 105 int (*dma_configure)(struct device *dev); 106 + void (*dma_cleanup)(struct device *dev); 108 107 109 108 const struct dev_pm_ops *pm; 110 109