// SPDX-License-Identifier: GPL-2.0-only
/*
 * VFIO core
 *
 * Copyright (C) 2012 Red Hat, Inc. All rights reserved.
 * Author: Alex Williamson <alex.williamson@redhat.com>
 *
 * Derived from original vfio:
 * Copyright 2010 Cisco Systems, Inc. All rights reserved.
 * Author: Tom Lyon, pugs@cisco.com
 */

#include <linux/vfio.h>
#include <linux/iommufd.h>
#include <linux/anon_inodes.h>
#include "vfio.h"

/* File-scope state shared by all VFIO group character devices. */
static struct vfio {
	struct class *class;
	struct list_head group_list;
	struct mutex group_lock; /* locks group_list */
	struct ida group_ida;
	dev_t group_devt;
} vfio;

/*
 * Look up a device in @group by name and take a registration reference on it.
 *
 * @buf is the name to match; the caller in this file passes a string copied
 * from userspace. If the device provides ops->match it decides the match
 * (negative return aborts the search and is propagated as an ERR_PTR),
 * otherwise the name is compared against dev_name().
 *
 * Returns the matching device with a registration reference held, or an
 * ERR_PTR (-ENODEV when nothing matched or no reference could be taken).
 */
static struct vfio_device *vfio_device_get_from_name(struct vfio_group *group,
						     char *buf)
{
	struct vfio_device *it, *device = ERR_PTR(-ENODEV);

	mutex_lock(&group->device_lock);
	list_for_each_entry(it, &group->device_list, group_next) {
		int ret;

		if (it->ops->match) {
			ret = it->ops->match(it, buf);
			if (ret < 0) {
				device = ERR_PTR(ret);
				break;
			}
		} else {
			ret = !strcmp(dev_name(it->dev), buf);
		}

		/*
		 * A name match alone is not enough: the registration reference
		 * must also be obtainable, otherwise the search continues.
		 */
		if (ret && vfio_device_try_get_registration(it)) {
			device = it;
			break;
		}
	}
	mutex_unlock(&group->device_lock);

	return device;
}

/*
 * VFIO Group fd, /dev/vfio/$GROUP
 */

/*
 * True if the group currently has either a legacy container or an iommufd
 * context attached. Caller must hold group->group_lock.
 */
static bool vfio_group_has_iommu(struct vfio_group *group)
{
	lockdep_assert_held(&group->group_lock);
	/*
	 * There can only be users if there is a container, and if there is a
	 * container there must be users.
	 */
	WARN_ON(!group->container != !group->container_users);

	return group->container || group->iommufd;
}

/*
 * VFIO_GROUP_UNSET_CONTAINER should fail if there are other users or
 * if there was no container to unset. Since the ioctl is called on
 * the group, we know that still exists, therefore the only valid
 * transition here is 1->0.
 *
 * Returns 0 on success, -EINVAL if neither a container nor an iommufd is
 * attached, -EBUSY if the container has users other than the group itself.
 */
static int vfio_group_ioctl_unset_container(struct vfio_group *group)
{
	int ret = 0;

	mutex_lock(&group->group_lock);
	if (!vfio_group_has_iommu(group)) {
		ret = -EINVAL;
		goto out_unlock;
	}
	if (group->container) {
		/* Refuse to detach while anything else still uses the container. */
		if (group->container_users != 1) {
			ret = -EBUSY;
			goto out_unlock;
		}
		vfio_group_detach_container(group);
	}
	if (group->iommufd) {
		/* Drop the context reference stored by SET_CONTAINER. */
		iommufd_ctx_put(group->iommufd);
		group->iommufd = NULL;
	}

out_unlock:
	mutex_unlock(&group->group_lock);
	return ret;
}

/*
 * VFIO_GROUP_SET_CONTAINER: bind the group to the object behind a
 * user-supplied file descriptor.
 *
 * @arg points to an int in user memory holding the fd. The fd is never
 * trusted by number alone: the file is resolved and then type-checked, first
 * as a VFIO container and then as an iommufd context. Anything else is
 * rejected with -EBADFD.
 *
 * Returns 0 on success or a negative errno (-EFAULT, -EBADF, -EINVAL if
 * something is already attached, -ENODEV if the iommu_group is gone, or the
 * error from the attach/compat helper).
 */
static int vfio_group_ioctl_set_container(struct vfio_group *group,
					  int __user *arg)
{
	struct vfio_container *container;
	struct iommufd_ctx *iommufd;
	int ret;
	int fd;

	if (get_user(fd, arg))
		return -EFAULT;

	/*
	 * Scope-based file lookup for the user fd; f is released
	 * automatically when it goes out of scope.
	 */
	CLASS(fd, f)(fd);
	if (fd_empty(f))
		return -EBADF;

	mutex_lock(&group->group_lock);
	if (vfio_group_has_iommu(group)) {
		ret = -EINVAL;
		goto out_unlock;
	}
	/* iommu_group is set to NULL by vfio_device_remove_group(). */
	if (!group->iommu_group) {
		ret = -ENODEV;
		goto out_unlock;
	}

	container = vfio_container_from_file(fd_file(f));
	if (container) {
		ret = vfio_container_attach_group(container, group);
		goto out_unlock;
	}

	iommufd = iommufd_ctx_from_file(fd_file(f));
	if (!IS_ERR(iommufd)) {
		if (IS_ENABLED(CONFIG_VFIO_NOIOMMU) &&
		    group->type == VFIO_NO_IOMMU)
			ret = iommufd_vfio_compat_set_no_iommu(iommufd);
		else
			ret = iommufd_vfio_compat_ioas_create(iommufd);

		if (ret) {
			/* Compat setup failed: give the context reference back. */
			iommufd_ctx_put(iommufd);
			goto out_unlock;
		}

		/*
		 * The reference is now owned by the group; it is put in
		 * UNSET_CONTAINER or in the group file release.
		 */
		group->iommufd = iommufd;
		goto out_unlock;
	}

	/* The FD passed is not recognized. */
	ret = -EBADFD;

out_unlock:
	mutex_unlock(&group->group_lock);
	return ret;
}

/*
 * Pass the group's current KVM pointer to vfio_device_get_kvm_safe() while
 * holding kvm_ref_lock, the same spinlock vfio_group_set_kvm() takes when it
 * changes group->kvm.
 */
static void vfio_device_group_get_kvm_safe(struct vfio_device *device)
{
	spin_lock(&device->group->kvm_ref_lock);
	vfio_device_get_kvm_safe(device, device->group->kvm);
	spin_unlock(&device->group->kvm_ref_lock);
}

/*
 * Open the device behind @df through the group path.
 *
 * Takes group->group_lock, then dev_set->lock (in that order). Fails with
 * -EINVAL unless the group already has a container or iommufd attached, so a
 * device fd cannot be obtained before the IOMMU backing has been chosen.
 *
 * Returns 0 on success or a negative errno.
 */
static int vfio_df_group_open(struct vfio_device_file *df)
{
	struct vfio_device *device = df->device;
	int ret;

	mutex_lock(&device->group->group_lock);
	if (!vfio_group_has_iommu(device->group)) {
		ret = -EINVAL;
		goto out_unlock;
	}

	mutex_lock(&device->dev_set->lock);

	/*
	 * Before the first device open, get the KVM pointer currently
	 * associated with the group (if there is one) and obtain a reference
	 * now that will be held until the open_count reaches 0 again. Save
	 * the pointer in the device for use by drivers.
	 */
	if (device->open_count == 0)
		vfio_device_group_get_kvm_safe(device);

	df->iommufd = device->group->iommufd;
	if (df->iommufd && vfio_device_is_noiommu(device) && device->open_count == 0) {
		/*
		 * Require no compat ioas to be assigned to proceed. The basic
		 * statement is that the user cannot have done something that
		 * implies they expected translation to exist
		 *
		 * CAP_SYS_RAWIO is also required, because a noiommu device is
		 * handed to the user without IOMMU protection.
		 *
		 * NOTE(review): both outcomes jump to out_put_kvm, so even
		 * with ret == 0 this path clears df->iommufd, drops the KVM
		 * reference taken above and returns without calling
		 * vfio_df_open() or setting df->access_granted. Confirm this
		 * is the intended behaviour for noiommu with iommufd.
		 */
		if (!capable(CAP_SYS_RAWIO) ||
		    vfio_iommufd_device_has_compat_ioas(device, df->iommufd))
			ret = -EPERM;
		else
			ret = 0;
		goto out_put_kvm;
	}

	ret = vfio_df_open(df);
	if (ret)
		goto out_put_kvm;

	/* Only the first open attaches the compat IOAS. */
	if (df->iommufd && device->open_count == 1) {
		ret = vfio_iommufd_compat_attach_ioas(device, df->iommufd);
		if (ret)
			goto out_close_device;
	}

	/*
	 * Paired with smp_load_acquire() in vfio_device_fops::ioctl/
	 * read/write/mmap and vfio_file_has_device_access()
	 */
	smp_store_release(&df->access_granted, true);

	mutex_unlock(&device->dev_set->lock);
	mutex_unlock(&device->group->group_lock);
	return 0;

out_close_device:
	vfio_df_close(df);
out_put_kvm:
	df->iommufd = NULL;
	/* Drop the KVM reference only if no open of the device remains. */
	if (device->open_count == 0)
		vfio_device_put_kvm(device);
	mutex_unlock(&device->dev_set->lock);
out_unlock:
	mutex_unlock(&device->group->group_lock);
	return ret;
}

/*
 * Close a device file opened through the group path. Takes the same two
 * locks, in the same order, as vfio_df_group_open(), and drops the KVM
 * reference once open_count is back to 0.
 */
void vfio_df_group_close(struct vfio_device_file *df)
{
	struct vfio_device *device = df->device;

	mutex_lock(&device->group->group_lock);
	mutex_lock(&device->dev_set->lock);

	vfio_df_close(df);
	df->iommufd = NULL;

	if (device->open_count == 0)
		vfio_device_put_kvm(device);

	mutex_unlock(&device->dev_set->lock);
	mutex_unlock(&device->group->group_lock);
}

/*
 * Allocate a vfio_device_file for @device, open the device through the group
 * path and wrap it in an anonymous-inode file.
 *
 * Returns the new struct file, or an ERR_PTR. On failure everything acquired
 * here is unwound; the caller's registration reference on @device is left to
 * the caller.
 */
static struct file *vfio_device_open_file(struct vfio_device *device)
{
	struct vfio_device_file *df;
	struct file *filep;
	int ret;

	df = vfio_allocate_device_file(device);
	if (IS_ERR(df)) {
		ret = PTR_ERR(df);
		goto err_out;
	}

	df->group = device->group;

	ret = vfio_df_group_open(df);
	if (ret)
		goto err_free;

	/*
	 * We can't use anon_inode_getfd() because we need to modify
	 * the f_mode flags directly to allow more than just ioctls
	 */
	filep = anon_inode_getfile("[vfio-device]", &vfio_device_fops,
				   df, O_RDWR);
	if (IS_ERR(filep)) {
		ret = PTR_ERR(filep);
		goto err_close_device;
	}

	/*
	 * TODO: add an anon_inode interface to do this.
	 * Appears to be missing by lack of need rather than
	 * explicitly prevented. Now there's need.
	 */
	filep->f_mode |= (FMODE_PREAD | FMODE_PWRITE);

	/*
	 * Use the pseudo fs inode on the device to link all mmaps
	 * to the same address space, allowing us to unmap all vmas
	 * associated to this device using unmap_mapping_range().
	 */
	filep->f_mapping = device->inode->i_mapping;

	/*
	 * Leave a kernel-log record of which task (comm and pid) opened a
	 * device that has no IOMMU isolation.
	 */
	if (device->group->type == VFIO_NO_IOMMU)
		dev_warn(device->dev, "vfio-noiommu device opened by user "
			 "(%s:%d)\n", current->comm, task_pid_nr(current));
	/*
	 * On success the ref of device is moved to the file and
	 * put in vfio_device_fops_release()
	 */
	return filep;

err_close_device:
	vfio_df_group_close(df);
err_free:
	kfree(df);
err_out:
	return ERR_PTR(ret);
}

/*
 * VFIO_GROUP_GET_DEVICE_FD: return a new device fd for the device named by
 * the user string at @arg.
 *
 * The name is copied from userspace with an upper bound of PAGE_SIZE. The fd
 * number is reserved first and only installed after the file is fully set
 * up, so a partially initialised file is never visible to userspace.
 *
 * Returns the new fd number, or a negative errno.
 */
static int vfio_group_ioctl_get_device_fd(struct vfio_group *group,
					  char __user *arg)
{
	struct vfio_device *device;
	struct file *filep;
	char *buf;
	int fdno;
	int ret;

	buf = strndup_user(arg, PAGE_SIZE);
	if (IS_ERR(buf))
		return PTR_ERR(buf);

	/* On success this holds a registration reference on the device. */
	device = vfio_device_get_from_name(group, buf);
	kfree(buf);
	if (IS_ERR(device))
		return PTR_ERR(device);

	fdno = get_unused_fd_flags(O_CLOEXEC);
	if (fdno < 0) {
		ret = fdno;
		goto err_put_device;
	}

	filep = vfio_device_open_file(device);
	if (IS_ERR(filep)) {
		ret = PTR_ERR(filep);
		goto err_put_fdno;
	}

	fd_install(fdno, filep);
	return fdno;

err_put_fdno:
	put_unused_fd(fdno);
err_put_device:
	vfio_device_put_registration(device);
	return ret;
}

/*
 * VFIO_GROUP_GET_STATUS: report the group's viability / container flags.
 *
 * Only the first minsz bytes of the user structure (up to and including
 * .flags) are copied in and copied back out, and .flags is zeroed before it
 * is filled in, so the reply contains nothing beyond what was read from the
 * user plus the computed flags.
 *
 * Returns 0, -EFAULT on a failed user copy, -EINVAL if argsz is too small,
 * or -ENODEV if the iommu_group has been removed.
 */
static int vfio_group_ioctl_get_status(struct vfio_group *group,
				       struct vfio_group_status __user *arg)
{
	unsigned long minsz = offsetofend(struct vfio_group_status, flags);
	struct vfio_group_status status;

	if (copy_from_user(&status, arg, minsz))
		return -EFAULT;

	if (status.argsz < minsz)
		return -EINVAL;

	status.flags = 0;

	mutex_lock(&group->group_lock);
	if (!group->iommu_group) {
		mutex_unlock(&group->group_lock);
		return -ENODEV;
	}

	/*
	 * With the container FD the iommu_group_claim_dma_owner() is done
	 * during SET_CONTAINER but for iommufd this is done during
	 * VFIO_GROUP_GET_DEVICE_FD. Meaning that with iommufd
	 * VFIO_GROUP_FLAGS_VIABLE could be set but GET_DEVICE_FD will fail due
	 * to viability.
	 */
	if (vfio_group_has_iommu(group))
		status.flags |= VFIO_GROUP_FLAGS_CONTAINER_SET |
				VFIO_GROUP_FLAGS_VIABLE;
	else if (!iommu_group_dma_owner_claimed(group->iommu_group))
		status.flags |= VFIO_GROUP_FLAGS_VIABLE;
	mutex_unlock(&group->group_lock);

	if (copy_to_user(arg, &status, minsz))
		return -EFAULT;
	return 0;
}

/*
 * ioctl entry point for the group fd. @arg is treated as a user pointer and
 * handed to the per-command handler; unknown commands get -ENOTTY.
 */
static long vfio_group_fops_unl_ioctl(struct file *filep,
				      unsigned int cmd, unsigned long arg)
{
	struct vfio_group *group = filep->private_data;
	void __user *uarg = (void __user *)arg;

	switch (cmd) {
	case VFIO_GROUP_GET_DEVICE_FD:
		return vfio_group_ioctl_get_device_fd(group, uarg);
	case VFIO_GROUP_GET_STATUS:
		return vfio_group_ioctl_get_status(group, uarg);
	case VFIO_GROUP_SET_CONTAINER:
		return vfio_group_ioctl_set_container(group, uarg);
	case VFIO_GROUP_UNSET_CONTAINER:
		return vfio_group_ioctl_unset_container(group);
	default:
		return -ENOTTY;
	}
}

/*
 * Block the group fd path on behalf of a device. Fails with -EBUSY if the
 * group file is currently open; otherwise bumps cdev_device_open_cnt, which
 * makes vfio_group_fops_open() return -EBUSY until the matching
 * vfio_device_unblock_group().
 */
int vfio_device_block_group(struct vfio_device *device)
{
	struct vfio_group *group = device->group;
	int ret = 0;

	mutex_lock(&group->group_lock);
	if (group->opened_file) {
		ret = -EBUSY;
		goto out_unlock;
	}

	group->cdev_device_open_cnt++;

out_unlock:
	mutex_unlock(&group->group_lock);
	return ret;
}

/* Undo one successful vfio_device_block_group(). */
void vfio_device_unblock_group(struct vfio_device *device)
{
	struct vfio_group *group = device->group;

	mutex_lock(&group->group_lock);
	group->cdev_device_open_cnt--;
	mutex_unlock(&group->group_lock);
}

/*
 * open() handler for /dev/vfio/$GROUP.
 *
 * Returns 0 on success, -ENODEV if no driver is bound to the group any more,
 * -EPERM for a noiommu group opened without CAP_SYS_RAWIO, or -EBUSY if the
 * group is blocked by vfio_device_block_group() or is already open.
 */
static int vfio_group_fops_open(struct inode *inode, struct file *filep)
{
	struct vfio_group *group =
		container_of(inode->i_cdev, struct vfio_group, cdev);
	int ret;

	mutex_lock(&group->group_lock);

	/*
	 * drivers can be zero if this races with vfio_device_remove_group(), it
	 * will be stable at 0 under the group lock (the original wording said
	 * "rwsem"; the lock held here is the group_lock mutex)
	 */
	if (refcount_read(&group->drivers) == 0) {
		ret = -ENODEV;
		goto out_unlock;
	}

	/* noiommu groups give no DMA isolation, so demand CAP_SYS_RAWIO. */
	if (group->type == VFIO_NO_IOMMU && !capable(CAP_SYS_RAWIO)) {
		ret = -EPERM;
		goto out_unlock;
	}

	if (group->cdev_device_open_cnt) {
		ret = -EBUSY;
		goto out_unlock;
	}

	/*
	 * Do we need multiple instances of the group open? Seems not.
	 */
	if (group->opened_file) {
		ret = -EBUSY;
		goto out_unlock;
	}
	group->opened_file = filep;
	filep->private_data = group;
	ret = 0;
out_unlock:
	mutex_unlock(&group->group_lock);
	return ret;
}

/*
 * release() handler for the group fd: detach whatever IOMMU backing is still
 * attached and mark the group as no longer open. Always returns 0.
 */
static int vfio_group_fops_release(struct inode *inode, struct file *filep)
{
	struct vfio_group *group = filep->private_data;

	filep->private_data = NULL;

	mutex_lock(&group->group_lock);
	/*
	 * Device FDs hold a group file reference, therefore the group release
	 * is only called when there are no open devices.
	 */
	WARN_ON(group->notifier.head);
	if (group->container)
		vfio_group_detach_container(group);
	if (group->iommufd) {
		iommufd_ctx_put(group->iommufd);
		group->iommufd = NULL;
	}
	group->opened_file = NULL;
	mutex_unlock(&group->group_lock);
	return 0;
}

/*
 * File operations of the group fd. vfio_group_from_file() compares a file's
 * f_op against this table to recognise group files.
 */
static const struct file_operations vfio_group_fops = {
	.owner = THIS_MODULE,
	.unlocked_ioctl = vfio_group_fops_unl_ioctl,
	.compat_ioctl = compat_ptr_ioctl,
	.open = vfio_group_fops_open,
	.release = vfio_group_fops_release,
};

/*
 * Group objects - create, release, get, put, search
 */

/*
 * Find the vfio_group on vfio.group_list that wraps @iommu_group, or NULL.
 * Caller must hold vfio.group_lock. No reference is taken here.
 */
static struct vfio_group *
vfio_group_find_from_iommu(struct iommu_group *iommu_group)
{
	struct vfio_group *group;

	lockdep_assert_held(&vfio.group_lock);

	/*
	 * group->iommu_group from the vfio.group_list cannot be NULL
	 * under the vfio.group_lock.
	 */
	list_for_each_entry(group, &vfio.group_list, vfio_next) {
		if (group->iommu_group == iommu_group)
			return group;
	}
	return NULL;
}

/*
 * struct device release callback for group->dev: frees the minor number and
 * the group. The WARN_ONs flag a group that still has an iommu_group or an
 * outstanding block count at this point.
 */
static void vfio_group_release(struct device *dev)
{
	struct vfio_group *group = container_of(dev, struct vfio_group, dev);

	mutex_destroy(&group->device_lock);
	mutex_destroy(&group->group_lock);
	WARN_ON(group->iommu_group);
	WARN_ON(group->cdev_device_open_cnt);
	ida_free(&vfio.group_ida, MINOR(group->dev.devt));
	kfree(group);
}

/*
 * Allocate and initialise a vfio_group for @iommu_group without publishing
 * it. Takes a reference on @iommu_group and starts group->drivers at 1.
 *
 * Returns the group or an ERR_PTR (-ENOMEM, or the ida allocation error).
 */
static struct vfio_group *vfio_group_alloc(struct iommu_group *iommu_group,
					   enum vfio_group_type type)
{
	struct vfio_group *group;
	int minor;

	group = kzalloc(sizeof(*group), GFP_KERNEL);
	if (!group)
		return ERR_PTR(-ENOMEM);

	minor = ida_alloc_max(&vfio.group_ida, MINORMASK, GFP_KERNEL);
	if (minor < 0) {
		kfree(group);
		return ERR_PTR(minor);
	}

	device_initialize(&group->dev);
	group->dev.devt = MKDEV(MAJOR(vfio.group_devt), minor);
	group->dev.class = vfio.class;
	group->dev.release = vfio_group_release;
	cdev_init(&group->cdev, &vfio_group_fops);
	group->cdev.owner = THIS_MODULE;

	refcount_set(&group->drivers, 1);
	mutex_init(&group->group_lock);
	spin_lock_init(&group->kvm_ref_lock);
	INIT_LIST_HEAD(&group->device_list);
	mutex_init(&group->device_lock);
	group->iommu_group = iommu_group;
	/*
	 * put in vfio_group_release()
	 *
	 * NOTE(review): the vfio_group_release() in this file only WARNs on a
	 * non-NULL iommu_group and does not put it; the put visible here is
	 * in vfio_device_remove_group(). The line above looks stale.
	 */
	iommu_group_ref_get(iommu_group);
	group->type = type;
	BLOCKING_INIT_NOTIFIER_HEAD(&group->notifier);

	return group;
}

/*
 * Allocate a group for @iommu_group, name it, register its char device and
 * add it to vfio.group_list. Caller must hold vfio.group_lock.
 *
 * The device name is the iommu group id, prefixed with "noiommu-" for
 * VFIO_NO_IOMMU groups. Returns the group or an ERR_PTR.
 */
static struct vfio_group *vfio_create_group(struct iommu_group *iommu_group,
					    enum vfio_group_type type)
{
	struct vfio_group *group;
	struct vfio_group *ret;
	int err;

	lockdep_assert_held(&vfio.group_lock);

	group = vfio_group_alloc(iommu_group, type);
	if (IS_ERR(group))
		return group;

	err = dev_set_name(&group->dev, "%s%d",
			   group->type == VFIO_NO_IOMMU ? "noiommu-" : "",
			   iommu_group_id(iommu_group));
	if (err) {
		ret = ERR_PTR(err);
		goto err_put;
	}

	err = cdev_device_add(&group->cdev, &group->dev);
	if (err) {
		ret = ERR_PTR(err);
		goto err_put;
	}

	list_add(&group->vfio_next, &vfio.group_list);

	return group;

err_put:
	/*
	 * NOTE(review): group->iommu_group is still set here and carries the
	 * reference taken in vfio_group_alloc(). If this put_device() drops
	 * the last reference, vfio_group_release() will hit its
	 * WARN_ON(group->iommu_group) and nothing visible in this file puts
	 * that iommu_group reference - confirm.
	 */
	put_device(&group->dev);
	return ret;
}

/*
 * Create a fresh iommu_group named "vfio-noiommu" for @dev, add @dev to it
 * and wrap it in a new vfio_group of the given @type.
 *
 * Returns the group or an ERR_PTR. The local iommu_group reference is
 * dropped on every path; on success the vfio_group keeps its own.
 */
static struct vfio_group *vfio_noiommu_group_alloc(struct device *dev,
					    enum vfio_group_type type)
{
	struct iommu_group *iommu_group;
	struct vfio_group *group;
	int ret;

	iommu_group = iommu_group_alloc();
	if (IS_ERR(iommu_group))
		return ERR_CAST(iommu_group);

	ret = iommu_group_set_name(iommu_group, "vfio-noiommu");
	if (ret)
		goto out_put_group;
	ret = iommu_group_add_device(iommu_group, dev);
	if (ret)
		goto out_put_group;

	mutex_lock(&vfio.group_lock);
	group = vfio_create_group(iommu_group, type);
	mutex_unlock(&vfio.group_lock);
	if (IS_ERR(group)) {
		ret = PTR_ERR(group);
		goto out_remove_device;
	}
	iommu_group_put(iommu_group);
	return group;

out_remove_device:
	iommu_group_remove_device(dev);
out_put_group:
	iommu_group_put(iommu_group);
	return ERR_PTR(ret);
}

/* True if @dev already backs a vfio_device on @group's device_list. */
static bool vfio_group_has_device(struct vfio_group *group, struct device *dev)
{
	struct vfio_device *device;

	mutex_lock(&group->device_lock);
	list_for_each_entry(device, &group->device_list, group_next) {
		if (device->dev == dev) {
			mutex_unlock(&group->device_lock);
			return true;
		}
	}
	mutex_unlock(&group->device_lock);
	return false;
}

/*
 * Return the vfio_group for @dev's iommu_group, creating it if needed, with
 * one more group->drivers reference for the caller.
 *
 * If @dev has no iommu_group, a noiommu group is created only when
 * vfio_noiommu is set; otherwise -EINVAL is returned. Returns an ERR_PTR on
 * failure.
 */
static struct vfio_group *vfio_group_find_or_alloc(struct device *dev)
{
	struct iommu_group *iommu_group;
	struct vfio_group *group;

	iommu_group = iommu_group_get(dev);
	if (!iommu_group && vfio_noiommu) {
		/*
		 * With noiommu enabled, create an IOMMU group for devices that
		 * don't already have one, implying no IOMMU hardware/driver
		 * exists. Taint the kernel because we're about to give a DMA
		 * capable device to a user without IOMMU protection.
		 */
		group = vfio_noiommu_group_alloc(dev, VFIO_NO_IOMMU);
		if (!IS_ERR(group)) {
			add_taint(TAINT_USER, LOCKDEP_STILL_OK);
			dev_warn(dev, "Adding kernel taint for vfio-noiommu group on device\n");
		}
		return group;
	}

	if (!iommu_group)
		return ERR_PTR(-EINVAL);

	mutex_lock(&vfio.group_lock);
	group = vfio_group_find_from_iommu(iommu_group);
	if (group) {
		/* The same struct device must not be registered twice. */
		if (WARN_ON(vfio_group_has_device(group, dev)))
			group = ERR_PTR(-EINVAL);
		else
			refcount_inc(&group->drivers);
	} else {
		group = vfio_create_group(iommu_group, VFIO_IOMMU);
	}
	mutex_unlock(&vfio.group_lock);

	/* The vfio_group holds a reference to the iommu_group */
	iommu_group_put(iommu_group);
	return group;
}

/*
 * Attach @device to a vfio_group of the requested @type: VFIO_IOMMU uses the
 * device's existing iommu_group (or the noiommu fallback), any other type
 * gets a newly allocated iommu_group.
 *
 * Returns 0 and sets device->group, or a negative errno.
 */
int vfio_device_set_group(struct vfio_device *device,
			  enum vfio_group_type type)
{
	struct vfio_group *group;

	if (type == VFIO_IOMMU)
		group = vfio_group_find_or_alloc(device->dev);
	else
		group = vfio_noiommu_group_alloc(device->dev, type);

	if (IS_ERR(group))
		return PTR_ERR(group);

	/* Our reference on group is moved to the device */
	device->group = group;
	return 0;
}

/*
 * Drop @device's group->drivers reference. When it was the last one, the
 * group is unpublished, its IOMMU backing is revoked and its references on
 * the iommu_group and on group->dev are released.
 */
void vfio_device_remove_group(struct vfio_device *device)
{
	struct vfio_group *group = device->group;
	struct iommu_group *iommu_group;

	if (group->type == VFIO_NO_IOMMU || group->type == VFIO_EMULATED_IOMMU)
		iommu_group_remove_device(device->dev);

	/*
	 * Pairs with vfio_create_group() / vfio_group_get_from_iommu()
	 *
	 * NOTE(review): vfio_group_get_from_iommu() is not defined in this
	 * file; the visible refcount_inc() of group->drivers is in
	 * vfio_group_find_or_alloc().
	 */
	if (!refcount_dec_and_mutex_lock(&group->drivers, &vfio.group_lock))
		return;
	list_del(&group->vfio_next);

	/*
	 * We could concurrently probe another driver in the group that might
	 * race vfio_device_remove_group() with vfio_get_group(), so we have to
	 * ensure that the sysfs is all cleaned up under lock otherwise the
	 * cdev_device_add() will fail due to the name already existing.
	 */
	cdev_device_del(&group->cdev, &group->dev);

	mutex_lock(&group->group_lock);
	/*
	 * These data structures all have paired operations that can only be
	 * undone when the caller holds a live reference on the device. Since
	 * all pairs must be undone these WARN_ON's indicate some caller did not
	 * properly hold the group reference.
	 */
	WARN_ON(!list_empty(&group->device_list));
	WARN_ON(group->notifier.head);

	/*
	 * Revoke all users of group->iommu_group. At this point we know there
	 * are no devices active because we are unplugging the last one. Setting
	 * iommu_group to NULL blocks all new users.
	 */
	if (group->container)
		vfio_group_detach_container(group);
	iommu_group = group->iommu_group;
	group->iommu_group = NULL;
	mutex_unlock(&group->group_lock);
	mutex_unlock(&vfio.group_lock);

	/* Put the iommu_group reference taken in vfio_group_alloc(). */
	iommu_group_put(iommu_group);
	put_device(&group->dev);
}

/* Add @device to its group's device_list under device_lock. */
void vfio_device_group_register(struct vfio_device *device)
{
	mutex_lock(&device->group->device_lock);
	list_add(&device->group_next, &device->group->device_list);
	mutex_unlock(&device->group->device_lock);
}

/* Remove @device from its group's device_list under device_lock. */
void vfio_device_group_unregister(struct vfio_device *device)
{
	mutex_lock(&device->group->device_lock);
	list_del(&device->group_next);
	mutex_unlock(&device->group->device_lock);
}

/*
 * Start using the group's container for @device. Caller must hold
 * group->group_lock and the group must have a container attached.
 *
 * Returns 0, -EINVAL (with a WARN) if there is no container, or the error
 * from vfio_group_use_container().
 */
int vfio_device_group_use_iommu(struct vfio_device *device)
{
	struct vfio_group *group = device->group;
	int ret = 0;

	lockdep_assert_held(&group->group_lock);

	if (WARN_ON(!group->container))
		return -EINVAL;

	ret = vfio_group_use_container(group);
	if (ret)
		return ret;
	vfio_device_container_register(device);
	return 0;
}

/*
 * Reverse of vfio_device_group_use_iommu(), undone in the opposite order.
 * Caller must hold group->group_lock.
 */
void vfio_device_group_unuse_iommu(struct vfio_device *device)
{
	struct vfio_group *group = device->group;

	lockdep_assert_held(&group->group_lock);

	if (WARN_ON(!group->container))
		return;

	vfio_device_container_unregister(device);
	vfio_group_unuse_container(group);
}

/*
 * True if @device's group has a container attached. The pointer is read
 * without taking group_lock in this function.
 */
bool vfio_device_has_container(struct vfio_device *device)
{
	return device->group->container;
}

/*
 * Return the vfio_group behind @file, or NULL if @file is not a VFIO group
 * file. private_data is only handed back after f_op has been checked against
 * vfio_group_fops, so a foreign file's private_data is never treated as a
 * vfio_group.
 */
struct vfio_group *vfio_group_from_file(struct file *file)
{
	struct vfio_group *group = file->private_data;

	if (file->f_op != &vfio_group_fops)
		return NULL;
	return group;
}

/**
 * vfio_file_iommu_group - Return the struct iommu_group for the vfio group file
 * @file: VFIO group file
 *
 * The returned iommu_group is valid as long as a ref is held on the file. This
 * returns a reference on the group. This function is deprecated, only the SPAPR
 * path in kvm should call it.
 *
 * Returns NULL when CONFIG_SPAPR_TCE_IOMMU is not enabled, when @file is not a
 * VFIO group file, or when the group no longer has an iommu_group.
 */
struct iommu_group *vfio_file_iommu_group(struct file *file)
{
	struct vfio_group *group = vfio_group_from_file(file);
	struct iommu_group *iommu_group = NULL;

	if (!IS_ENABLED(CONFIG_SPAPR_TCE_IOMMU))
		return NULL;

	if (!group)
		return NULL;

	mutex_lock(&group->group_lock);
	if (group->iommu_group) {
		iommu_group = group->iommu_group;
		iommu_group_ref_get(iommu_group);
	}
	mutex_unlock(&group->group_lock);
	return iommu_group;
}
EXPORT_SYMBOL_GPL(vfio_file_iommu_group);

/**
 * vfio_file_is_group - True if the file is a vfio group file
 * @file: VFIO group file
 */
bool vfio_file_is_group(struct file *file)
{
	return vfio_group_from_file(file);
}
EXPORT_SYMBOL_GPL(vfio_file_is_group);

/*
 * True only if every device currently on @group's device_list reports
 * IOMMU_CAP_ENFORCE_CACHE_COHERENCY. An empty list also yields true.
 */
bool vfio_group_enforced_coherent(struct vfio_group *group)
{
	struct vfio_device *device;
	bool ret = true;

	/*
	 * If the device does not have IOMMU_CAP_ENFORCE_CACHE_COHERENCY then
	 * any domain later attached to it will also not support it. If the cap
	 * is set then the iommu_domain eventually attached to the device/group
	 * must use a domain with enforce_cache_coherency().
	 */
	mutex_lock(&group->device_lock);
	list_for_each_entry(device, &group->device_list, group_next) {
		if (!device_iommu_capable(device->dev,
					  IOMMU_CAP_ENFORCE_CACHE_COHERENCY)) {
			ret = false;
			break;
		}
	}
	mutex_unlock(&group->device_lock);
	return ret;
}

/*
 * Record @kvm as the group's KVM pointer under kvm_ref_lock. No reference on
 * @kvm is taken in this function.
 */
void vfio_group_set_kvm(struct vfio_group *group, struct kvm *kvm)
{
	spin_lock(&group->kvm_ref_lock);
	group->kvm = kvm;
	spin_unlock(&group->kvm_ref_lock);
}

/**
 * vfio_file_has_dev - True if the VFIO file is a handle for device
 * @file: VFIO file to check
 * @device: Device that must be part of the file
 *
 * Returns true if given file has permission to manipulate the given device.
 * The check made here is that @file is a VFIO group file and that its group
 * is @device's group.
 */
bool vfio_file_has_dev(struct file *file, struct vfio_device *device)
{
	struct vfio_group *group = vfio_group_from_file(file);

	if (!group)
		return false;

	return group == device->group;
}
EXPORT_SYMBOL_GPL(vfio_file_has_dev);

/*
 * class devnode callback: place group nodes under "vfio/<device name>".
 * @mode is not modified here.
 */
static char *vfio_devnode(const struct device *dev, umode_t *mode)
{
	return kasprintf(GFP_KERNEL, "vfio/%s", dev_name(dev));
}

/*
 * Initialise the group subsystem: file-scope state, the container code, the
 * "vfio" class and the char device region for group minors.
 *
 * Returns 0 or a negative errno; on failure the steps already completed are
 * undone in reverse order.
 */
int __init vfio_group_init(void)
{
	int ret;

	ida_init(&vfio.group_ida);
	mutex_init(&vfio.group_lock);
	INIT_LIST_HEAD(&vfio.group_list);

	ret = vfio_container_init();
	if (ret)
		return ret;

	/* /dev/vfio/$GROUP */
	vfio.class = class_create("vfio");
	if (IS_ERR(vfio.class)) {
		ret = PTR_ERR(vfio.class);
		goto err_group_class;
	}

	vfio.class->devnode = vfio_devnode;

	ret = alloc_chrdev_region(&vfio.group_devt, 0, MINORMASK + 1, "vfio");
	if (ret)
		goto err_alloc_chrdev;
	return 0;

err_alloc_chrdev:
	class_destroy(vfio.class);
	vfio.class = NULL;
err_group_class:
	vfio_container_cleanup();
	return ret;
}

/*
 * Tear down what vfio_group_init() set up. Warns if any group is still on
 * vfio.group_list.
 */
void vfio_group_cleanup(void)
{
	WARN_ON(!list_empty(&vfio.group_list));
	ida_destroy(&vfio.group_ida);
	unregister_chrdev_region(vfio.group_devt, MINORMASK + 1);
	class_destroy(vfio.class);
	vfio.class = NULL;
	vfio_container_cleanup();
}