Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

17 participants
3289 discussions

[PATCH v3 0/7] dma-buf: Use revoke mechanism to invalidate shared buffers

by Leon Romanovsky

Changelog: v3: * Used Jason's wordings for commits and cover letter. * Removed IOMMUFD patch. * Renamed dma_buf_attachment_is_revoke() to be dma_buf_attach_revocable(). * Added patch to remove CONFIG_DMABUF_MOVE_NOTIFY. * Added Reviewed-by tags. * Called to dma_resv_wait_timeout() after dma_buf_move_notify() in VFIO. * Added dma_buf_attach_revocable() check to VFIO DMABUF attach function. * Slightly changed commit messages. v2: https://patch.msgid.link/20260118-dmabuf-revoke-v2-0-a03bb27c0875@nvidia.com * Changed series to document the revoke semantics instead of implementing it. v1: https://patch.msgid.link/20260111-dmabuf-revoke-v1-0-fb4bcc8c259b@nvidia.com ------------------------------------------------------------------------- This series documents a dma-buf “revoke” mechanism: to allow a dma-buf exporter to explicitly invalidate (“kill”) a shared buffer after it has been distributed to importers, so that further CPU and device access is prevented and importers reliably observe failure. The change in this series is to properly document and use existing core “revoked” state on the dma-buf object and a corresponding exporter-triggered revoke operation. dma-buf has quietly allowed calling move_notify on pinned dma-bufs, even though legacy importers using dma_buf_attach() would simply ignore these calls. RDMA saw this and needed to use allow_peer2peer=true, so implemented a new-style pinned importer with an explicitly non-working move_notify() callback. This has been tolerable because the existing exporters are thought to only call move_notify() on a pinned DMABUF under RAS events and we have been willing to tolerate the UAF that results by allowing the importer to continue to use the mapping in this rare case. VFIO wants to implement a pin supporting exporter that will issue a revoking move_notify() around FLRs and a few other user triggerable operations. Since this is much more common we are not willing to tolerate the security UAF caused by interworking with non-move_notify() supporting drivers. Thus till now VFIO has required dynamic importers, even though it never actually moves the buffer location. To allow VFIO to work with pinned importers, according to how dma-buf was intended, we need to allow VFIO to detect if an importer is legacy or RDMA and does not actually implement move_notify(). Introduce a new function that exporters can call to detect these less capable importers. VFIO can then refuse to accept them during attach. In theory all exporters that call move_notify() on pinned dma-buf's should call this function, however that would break a number of widely used NIC/GPU flows. Thus for now do not spread this further than VFIO until we can understand how much of RDMA can implement the full semantic. In the process clarify how move_notify is intended to be used with pinned dma-bufs. Thanks Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> --- Leon Romanovsky (7): dma-buf: Rename .move_notify() callback to a clearer identifier dma-buf: Always build with DMABUF_MOVE_NOTIFY dma-buf: Document RDMA non-ODP invalidate_mapping() special case dma-buf: Add check function for revoke semantics iommufd: Pin dma-buf importer for revoke semantics vfio: Wait for dma-buf invalidation to complete vfio: Validate dma-buf revocation semantics drivers/dma-buf/Kconfig | 12 ----- drivers/dma-buf/dma-buf.c | 69 +++++++++++++++++++++++------ drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 14 +++--- drivers/gpu/drm/amd/amdkfd/Kconfig | 2 +- drivers/gpu/drm/virtio/virtgpu_prime.c | 2 +- drivers/gpu/drm/xe/tests/xe_dma_buf.c | 7 ++- drivers/gpu/drm/xe/xe_dma_buf.c | 14 +++--- drivers/infiniband/core/umem_dmabuf.c | 13 +----- drivers/infiniband/hw/mlx5/mr.c | 2 +- drivers/iommu/iommufd/pages.c | 11 ++++- drivers/vfio/pci/vfio_pci_dmabuf.c | 8 ++++ include/linux/dma-buf.h | 9 ++-- 12 files changed, 96 insertions(+), 67 deletions(-) --- base-commit: 9ace4753a5202b02191d54e9fdf7f9e3d02b85eb change-id: 20251221-dmabuf-revoke-b90ef16e4236 Best regards, -- Leon Romanovsky <leonro(a)nvidia.com>

12 minutes

Re: [PATCH v4 8/8] vfio: Validate dma-buf revocation semantics

by Jason Gunthorpe

On Wed, Jan 21, 2026 at 02:47:29PM +0000, Pranjal Shrivastava wrote: > But at the same time, I'd like to discuss if we should think about > changing the dmabuf core, NULL op == success feels like relying on a bug Agree, IMHO, it is surprising and counter intuitive in the kernel that a NULL op means the feature is supported and default to success. Jason

24 minutes

[PATCH v4 0/8] dma-buf: Use revoke mechanism to invalidate shared buffers

by Leon Romanovsky

Changelog: v4: * Changed DMA_RESV_USAGE_KERNEL to DMA_RESV_USAGE_BOOKKEEP. * Made .invalidate_mapping() truly optional. * Added patch which renames dma_buf_move_notify() to be dma_buf_invalidate_mappings(). * Restored dma_buf_attachment_is_dynamic() function. v3: https://lore.kernel.org/all/20260120-dmabuf-revoke-v3-0-b7e0b07b8214@nvidia… * Used Jason's wordings for commits and cover letter. * Removed IOMMUFD patch. * Renamed dma_buf_attachment_is_revoke() to be dma_buf_attach_revocable(). * Added patch to remove CONFIG_DMABUF_MOVE_NOTIFY. * Added Reviewed-by tags. * Called to dma_resv_wait_timeout() after dma_buf_move_notify() in VFIO. * Added dma_buf_attach_revocable() check to VFIO DMABUF attach function. * Slightly changed commit messages. v2: https://patch.msgid.link/20260118-dmabuf-revoke-v2-0-a03bb27c0875@nvidia.com * Changed series to document the revoke semantics instead of implementing it. v1: https://patch.msgid.link/20260111-dmabuf-revoke-v1-0-fb4bcc8c259b@nvidia.com ------------------------------------------------------------------------- This series documents a dma-buf “revoke” mechanism: to allow a dma-buf exporter to explicitly invalidate (“kill”) a shared buffer after it has been distributed to importers, so that further CPU and device access is prevented and importers reliably observe failure. The change in this series is to properly document and use existing core “revoked” state on the dma-buf object and a corresponding exporter-triggered revoke operation. dma-buf has quietly allowed calling move_notify on pinned dma-bufs, even though legacy importers using dma_buf_attach() would simply ignore these calls. RDMA saw this and needed to use allow_peer2peer=true, so implemented a new-style pinned importer with an explicitly non-working move_notify() callback. This has been tolerable because the existing exporters are thought to only call move_notify() on a pinned DMABUF under RAS events and we have been willing to tolerate the UAF that results by allowing the importer to continue to use the mapping in this rare case. VFIO wants to implement a pin supporting exporter that will issue a revoking move_notify() around FLRs and a few other user triggerable operations. Since this is much more common we are not willing to tolerate the security UAF caused by interworking with non-move_notify() supporting drivers. Thus till now VFIO has required dynamic importers, even though it never actually moves the buffer location. To allow VFIO to work with pinned importers, according to how dma-buf was intended, we need to allow VFIO to detect if an importer is legacy or RDMA and does not actually implement move_notify(). In theory all exporters that call move_notify() on pinned dma-buf's should call this function, however that would break a number of widely used NIC/GPU flows. Thus for now do not spread this further than VFIO until we can understand how much of RDMA can implement the full semantic. In the process clarify how move_notify is intended to be used with pinned dma-bufs. Thanks Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> --- Leon Romanovsky (8): dma-buf: Rename .move_notify() callback to a clearer identifier dma-buf: Rename dma_buf_move_notify() to dma_buf_invalidate_mappings() dma-buf: Always build with DMABUF_MOVE_NOTIFY dma-buf: Make .invalidate_mapping() truly optional dma-buf: Add check function for revoke semantics iommufd: Pin dma-buf importer for revoke semantics vfio: Wait for dma-buf invalidation to complete vfio: Validate dma-buf revocation semantics drivers/dma-buf/Kconfig | 12 ------- drivers/dma-buf/dma-buf.c | 53 ++++++++++++++++++++++------- drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 14 +++----- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 2 +- drivers/gpu/drm/amd/amdkfd/Kconfig | 2 +- drivers/gpu/drm/virtio/virtgpu_prime.c | 2 +- drivers/gpu/drm/xe/tests/xe_dma_buf.c | 7 ++-- drivers/gpu/drm/xe/xe_bo.c | 2 +- drivers/gpu/drm/xe/xe_dma_buf.c | 14 +++----- drivers/infiniband/core/umem_dmabuf.c | 13 ------- drivers/infiniband/hw/mlx5/mr.c | 2 +- drivers/iommu/iommufd/pages.c | 11 ++++-- drivers/iommu/iommufd/selftest.c | 2 +- drivers/vfio/pci/vfio_pci_dmabuf.c | 13 +++++-- include/linux/dma-buf.h | 9 ++--- 15 files changed, 84 insertions(+), 74 deletions(-) --- base-commit: 9ace4753a5202b02191d54e9fdf7f9e3d02b85eb change-id: 20251221-dmabuf-revoke-b90ef16e4236 Best regards, -- Leon Romanovsky <leonro(a)nvidia.com>

27 minutes

Re: types: reuse common phys_vec type instead of DMABUF open‑coded variant

by Leon Romanovsky

On Mon, Jan 19, 2026 at 01:38:38PM -0700, Alex Williamson wrote: > On Wed, 7 Jan 2026 11:14:14 +0200 > Leon Romanovsky <leon(a)kernel.org> wrote: > > > From: Leon Romanovsky <leonro(a)nvidia.com> > > > > After commit fcf463b92a08 ("types: move phys_vec definition to common header"), > > we can use the shared phys_vec type instead of the DMABUF‑specific > > dma_buf_phys_vec, which duplicated the same structure and semantics. > > > > Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> > > --- > > Alex, > > > > According to diffstat, VFIO is the subsystem with the largest set of changes, > > so it would be great if you could take it through your tree. > > > > The series is based on the for-7.0/blk-pvec shared branch from Jens: > > https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux.git/log/?h=for-… > > Applied to vfio next branch for v6.20/7.0 and pushed tag > common_phys_vec_via_vfio including this commit and dependency. Thanks. I will pull it right before the RDMA dma-buf exporter patches are ready to be merged. Thanks again. > Thanks, > > Alex > > > > --- > > Cc: linux-media(a)vger.kernel.org > > Cc: dri-devel(a)lists.freedesktop.org > > Cc: linaro-mm-sig(a)lists.linaro.org > > Cc: linux-kernel(a)vger.kernel.org > > Cc: iommu(a)lists.linux.dev > > Cc: kvm(a)vger.kernel.org > > To: Sumit Semwal <sumit.semwal(a)linaro.org> > > To: Christian König <christian.koenig(a)amd.com> > > To: Jason Gunthorpe <jgg(a)ziepe.ca> > > To: Kevin Tian <kevin.tian(a)intel.com> > > To: Joerg Roedel <joro(a)8bytes.org> > > To: Will Deacon <will(a)kernel.org> > > To: Robin Murphy <robin.murphy(a)arm.com> > > To: Yishai Hadas <yishaih(a)nvidia.com> > > To: Shameer Kolothum <skolothumtho(a)nvidia.com> > > To: Ankit Agrawal <ankita(a)nvidia.com> > > To: Alex Williamson <alex(a)shazbot.org> > > Cc: Matthew Wilcox <willy(a)infradead.org> > > Cc: Jens Axboe <axboe(a)kernel.dk> > > --- > > drivers/dma-buf/dma-buf-mapping.c | 6 +++--- > > drivers/iommu/iommufd/io_pagetable.h | 2 +- > > drivers/iommu/iommufd/iommufd_private.h | 5 ++--- > > drivers/iommu/iommufd/pages.c | 4 ++-- > > drivers/iommu/iommufd/selftest.c | 2 +- > > drivers/vfio/pci/nvgrace-gpu/main.c | 2 +- > > drivers/vfio/pci/vfio_pci_dmabuf.c | 8 ++++---- > > include/linux/dma-buf-mapping.h | 2 +- > > include/linux/dma-buf.h | 10 ---------- > > include/linux/vfio_pci_core.h | 13 ++++++------- > > 10 files changed, 21 insertions(+), 33 deletions(-) > > > > diff --git a/drivers/dma-buf/dma-buf-mapping.c b/drivers/dma-buf/dma-buf-mapping.c > > index b7352e609fbd..174677faa577 100644 > > --- a/drivers/dma-buf/dma-buf-mapping.c > > +++ b/drivers/dma-buf/dma-buf-mapping.c > > @@ -33,8 +33,8 @@ static struct scatterlist *fill_sg_entry(struct scatterlist *sgl, size_t length, > > } > > > > static unsigned int calc_sg_nents(struct dma_iova_state *state, > > - struct dma_buf_phys_vec *phys_vec, > > - size_t nr_ranges, size_t size) > > + struct phys_vec *phys_vec, size_t nr_ranges, > > + size_t size) > > { > > unsigned int nents = 0; > > size_t i; > > @@ -91,7 +91,7 @@ struct dma_buf_dma { > > */ > > struct sg_table *dma_buf_phys_vec_to_sgt(struct dma_buf_attachment *attach, > > struct p2pdma_provider *provider, > > - struct dma_buf_phys_vec *phys_vec, > > + struct phys_vec *phys_vec, > > size_t nr_ranges, size_t size, > > enum dma_data_direction dir) > > { > > diff --git a/drivers/iommu/iommufd/io_pagetable.h b/drivers/iommu/iommufd/io_pagetable.h > > index 14cd052fd320..27e3e311d395 100644 > > --- a/drivers/iommu/iommufd/io_pagetable.h > > +++ b/drivers/iommu/iommufd/io_pagetable.h > > @@ -202,7 +202,7 @@ struct iopt_pages_dmabuf_track { > > > > struct iopt_pages_dmabuf { > > struct dma_buf_attachment *attach; > > - struct dma_buf_phys_vec phys; > > + struct phys_vec phys; > > /* Always PAGE_SIZE aligned */ > > unsigned long start; > > struct list_head tracker; > > diff --git a/drivers/iommu/iommufd/iommufd_private.h b/drivers/iommu/iommufd/iommufd_private.h > > index eb6d1a70f673..6ac1965199e9 100644 > > --- a/drivers/iommu/iommufd/iommufd_private.h > > +++ b/drivers/iommu/iommufd/iommufd_private.h > > @@ -20,7 +20,6 @@ struct iommu_group; > > struct iommu_option; > > struct iommufd_device; > > struct dma_buf_attachment; > > -struct dma_buf_phys_vec; > > > > struct iommufd_sw_msi_map { > > struct list_head sw_msi_item; > > @@ -718,7 +717,7 @@ int __init iommufd_test_init(void); > > void iommufd_test_exit(void); > > bool iommufd_selftest_is_mock_dev(struct device *dev); > > int iommufd_test_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > - struct dma_buf_phys_vec *phys); > > + struct phys_vec *phys); > > #else > > static inline void iommufd_test_syz_conv_iova_id(struct iommufd_ucmd *ucmd, > > unsigned int ioas_id, > > @@ -742,7 +741,7 @@ static inline bool iommufd_selftest_is_mock_dev(struct device *dev) > > } > > static inline int > > iommufd_test_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > - struct dma_buf_phys_vec *phys) > > + struct phys_vec *phys) > > { > > return -EOPNOTSUPP; > > } > > diff --git a/drivers/iommu/iommufd/pages.c b/drivers/iommu/iommufd/pages.c > > index dbe51ecb9a20..bababd564cf9 100644 > > --- a/drivers/iommu/iommufd/pages.c > > +++ b/drivers/iommu/iommufd/pages.c > > @@ -1077,7 +1077,7 @@ static int pfn_reader_user_update_pinned(struct pfn_reader_user *user, > > } > > > > struct pfn_reader_dmabuf { > > - struct dma_buf_phys_vec phys; > > + struct phys_vec phys; > > unsigned long start_offset; > > }; > > > > @@ -1460,7 +1460,7 @@ static struct dma_buf_attach_ops iopt_dmabuf_attach_revoke_ops = { > > */ > > static int > > sym_vfio_pci_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > - struct dma_buf_phys_vec *phys) > > + struct phys_vec *phys) > > { > > typeof(&vfio_pci_dma_buf_iommufd_map) fn; > > int rc; > > diff --git a/drivers/iommu/iommufd/selftest.c b/drivers/iommu/iommufd/selftest.c > > index 550ff36dec3a..989d8c4c60a7 100644 > > --- a/drivers/iommu/iommufd/selftest.c > > +++ b/drivers/iommu/iommufd/selftest.c > > @@ -2002,7 +2002,7 @@ static const struct dma_buf_ops iommufd_test_dmabuf_ops = { > > }; > > > > int iommufd_test_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > - struct dma_buf_phys_vec *phys) > > + struct phys_vec *phys) > > { > > struct iommufd_test_dma_buf *priv = attachment->dmabuf->priv; > > > > diff --git a/drivers/vfio/pci/nvgrace-gpu/main.c b/drivers/vfio/pci/nvgrace-gpu/main.c > > index 84d142a47ec6..a0f4edd6a30b 100644 > > --- a/drivers/vfio/pci/nvgrace-gpu/main.c > > +++ b/drivers/vfio/pci/nvgrace-gpu/main.c > > @@ -784,7 +784,7 @@ nvgrace_gpu_write(struct vfio_device *core_vdev, > > static int nvgrace_get_dmabuf_phys(struct vfio_pci_core_device *core_vdev, > > struct p2pdma_provider **provider, > > unsigned int region_index, > > - struct dma_buf_phys_vec *phys_vec, > > + struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges) > > { > > diff --git a/drivers/vfio/pci/vfio_pci_dmabuf.c b/drivers/vfio/pci/vfio_pci_dmabuf.c > > index d4d0f7d08c53..9a84c238c013 100644 > > --- a/drivers/vfio/pci/vfio_pci_dmabuf.c > > +++ b/drivers/vfio/pci/vfio_pci_dmabuf.c > > @@ -14,7 +14,7 @@ struct vfio_pci_dma_buf { > > struct vfio_pci_core_device *vdev; > > struct list_head dmabufs_elm; > > size_t size; > > - struct dma_buf_phys_vec *phys_vec; > > + struct phys_vec *phys_vec; > > struct p2pdma_provider *provider; > > u32 nr_ranges; > > u8 revoked : 1; > > @@ -94,7 +94,7 @@ static const struct dma_buf_ops vfio_pci_dmabuf_ops = { > > * will fail if it is currently revoked > > */ > > int vfio_pci_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > - struct dma_buf_phys_vec *phys) > > + struct phys_vec *phys) > > { > > struct vfio_pci_dma_buf *priv; > > > > @@ -116,7 +116,7 @@ int vfio_pci_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > } > > EXPORT_SYMBOL_FOR_MODULES(vfio_pci_dma_buf_iommufd_map, "iommufd"); > > > > -int vfio_pci_core_fill_phys_vec(struct dma_buf_phys_vec *phys_vec, > > +int vfio_pci_core_fill_phys_vec(struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges, phys_addr_t start, > > phys_addr_t len) > > @@ -148,7 +148,7 @@ EXPORT_SYMBOL_GPL(vfio_pci_core_fill_phys_vec); > > int vfio_pci_core_get_dmabuf_phys(struct vfio_pci_core_device *vdev, > > struct p2pdma_provider **provider, > > unsigned int region_index, > > - struct dma_buf_phys_vec *phys_vec, > > + struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges) > > { > > diff --git a/include/linux/dma-buf-mapping.h b/include/linux/dma-buf-mapping.h > > index a3c0ce2d3a42..09bde3f748e4 100644 > > --- a/include/linux/dma-buf-mapping.h > > +++ b/include/linux/dma-buf-mapping.h > > @@ -9,7 +9,7 @@ > > > > struct sg_table *dma_buf_phys_vec_to_sgt(struct dma_buf_attachment *attach, > > struct p2pdma_provider *provider, > > - struct dma_buf_phys_vec *phys_vec, > > + struct phys_vec *phys_vec, > > size_t nr_ranges, size_t size, > > enum dma_data_direction dir); > > void dma_buf_free_sgt(struct dma_buf_attachment *attach, struct sg_table *sgt, > > diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h > > index 0bc492090237..400a5311368e 100644 > > --- a/include/linux/dma-buf.h > > +++ b/include/linux/dma-buf.h > > @@ -531,16 +531,6 @@ struct dma_buf_export_info { > > void *priv; > > }; > > > > -/** > > - * struct dma_buf_phys_vec - describe continuous chunk of memory > > - * @paddr: physical address of that chunk > > - * @len: Length of this chunk > > - */ > > -struct dma_buf_phys_vec { > > - phys_addr_t paddr; > > - size_t len; > > -}; > > - > > /** > > * DEFINE_DMA_BUF_EXPORT_INFO - helper macro for exporters > > * @name: export-info name > > diff --git a/include/linux/vfio_pci_core.h b/include/linux/vfio_pci_core.h > > index 706877f998ff..2ac288bb2c60 100644 > > --- a/include/linux/vfio_pci_core.h > > +++ b/include/linux/vfio_pci_core.h > > @@ -28,7 +28,6 @@ > > struct vfio_pci_core_device; > > struct vfio_pci_region; > > struct p2pdma_provider; > > -struct dma_buf_phys_vec; > > struct dma_buf_attachment; > > > > struct vfio_pci_eventfd { > > @@ -62,25 +61,25 @@ struct vfio_pci_device_ops { > > int (*get_dmabuf_phys)(struct vfio_pci_core_device *vdev, > > struct p2pdma_provider **provider, > > unsigned int region_index, > > - struct dma_buf_phys_vec *phys_vec, > > + struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges); > > }; > > > > #if IS_ENABLED(CONFIG_VFIO_PCI_DMABUF) > > -int vfio_pci_core_fill_phys_vec(struct dma_buf_phys_vec *phys_vec, > > +int vfio_pci_core_fill_phys_vec(struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges, phys_addr_t start, > > phys_addr_t len); > > int vfio_pci_core_get_dmabuf_phys(struct vfio_pci_core_device *vdev, > > struct p2pdma_provider **provider, > > unsigned int region_index, > > - struct dma_buf_phys_vec *phys_vec, > > + struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges); > > #else > > static inline int > > -vfio_pci_core_fill_phys_vec(struct dma_buf_phys_vec *phys_vec, > > +vfio_pci_core_fill_phys_vec(struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, > > size_t nr_ranges, phys_addr_t start, > > phys_addr_t len) > > @@ -89,7 +88,7 @@ vfio_pci_core_fill_phys_vec(struct dma_buf_phys_vec *phys_vec, > > } > > static inline int vfio_pci_core_get_dmabuf_phys( > > struct vfio_pci_core_device *vdev, struct p2pdma_provider **provider, > > - unsigned int region_index, struct dma_buf_phys_vec *phys_vec, > > + unsigned int region_index, struct phys_vec *phys_vec, > > struct vfio_region_dma_range *dma_ranges, size_t nr_ranges) > > { > > return -EOPNOTSUPP; > > @@ -228,6 +227,6 @@ static inline bool is_aligned_for_order(struct vm_area_struct *vma, > > } > > > > int vfio_pci_dma_buf_iommufd_map(struct dma_buf_attachment *attachment, > > - struct dma_buf_phys_vec *phys); > > + struct phys_vec *phys); > > > > #endif /* VFIO_PCI_CORE_H */ > > > > --- > > base-commit: fcf463b92a08686d1aeb1e66674a72eb7a8bfb9b > > change-id: 20260107-convert-to-pvec-bf04dfcf3d12 > > > > Best regards, > > -- > > Leon Romanovsky <leonro(a)nvidia.com> > > > > >

1 hour, 39 minutes

Re: [PATCH v4 8/8] vfio: Validate dma-buf revocation semantics

by Leon Romanovsky

On Wed, Jan 21, 2026 at 02:22:31PM +0000, Pranjal Shrivastava wrote: > On Wed, Jan 21, 2026 at 09:47:12AM -0400, Jason Gunthorpe wrote: > > On Wed, Jan 21, 2026 at 02:59:16PM +0200, Leon Romanovsky wrote: > > > From: Leon Romanovsky <leonro(a)nvidia.com> > > > > > > Use the new dma_buf_attach_revocable() helper to restrict attachments to > > > importers that support mapping invalidation. > > > > > > Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> > > > --- > > > drivers/vfio/pci/vfio_pci_dmabuf.c | 3 +++ > > > 1 file changed, 3 insertions(+) > > > > > > diff --git a/drivers/vfio/pci/vfio_pci_dmabuf.c b/drivers/vfio/pci/vfio_pci_dmabuf.c > > > index 5fceefc40e27..85056a5a3faf 100644 > > > --- a/drivers/vfio/pci/vfio_pci_dmabuf.c > > > +++ b/drivers/vfio/pci/vfio_pci_dmabuf.c > > > @@ -31,6 +31,9 @@ static int vfio_pci_dma_buf_attach(struct dma_buf *dmabuf, > > > if (priv->revoked) > > > return -ENODEV; > > > > > > + if (!dma_buf_attach_revocable(attachment)) > > > + return -EOPNOTSUPP; > > > + > > > return 0; > > > } > > > > We need to push an urgent -rc fix to implement a pin function here > > that always fails. That was missed and it means things like rdma can > > import vfio when the intention was to block that. It would be bad for > > that uAPI mistake to reach a released kernel. > > > > It's tricky that NULL pin ops means "I support pin" :| > > > > I've been wondering about this for a while now, I've been sitting on the > following: > > diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c > index a4d8f2ff94e4..962bce959366 100644 > --- a/drivers/dma-buf/dma-buf.c > +++ b/drivers/dma-buf/dma-buf.c > @@ -1133,6 +1133,8 @@ int dma_buf_pin(struct dma_buf_attachment *attach) > > if (dmabuf->ops->pin) > ret = dmabuf->ops->pin(attach); > + else > + ret = -EOPNOTSUPP; > > return ret; > } > > But didn't get a chance to dive in the history yet. I thought there's a > good reason we didn't have it? Would it break exisitng dmabuf users? Probably every importer which called to dma_buf_pin() while connecting to existing exporters as many in tree implementation don't have ->pin() implemented. Thanks > > Praan

1 hour, 48 minutes

Re: [PATCH rdma-next 1/2] RDMA/uverbs: Add DMABUF object type and operations

by Jason Gunthorpe

On Thu, Jan 08, 2026 at 01:11:14PM +0200, Edward Srouji wrote: > void rdma_user_mmap_entry_remove(struct rdma_user_mmap_entry *entry) > { > + struct ib_uverbs_dmabuf_file *uverbs_dmabuf, *tmp; > + > if (!entry) > return; > > + mutex_lock(&entry->dmabufs_lock); > xa_lock(&entry->ucontext->mmap_xa); > entry->driver_removed = true; > xa_unlock(&entry->ucontext->mmap_xa); > + list_for_each_entry_safe(uverbs_dmabuf, tmp, &entry->dmabufs, dmabufs_elm) { > + dma_resv_lock(uverbs_dmabuf->dmabuf->resv, NULL); > + list_del(&uverbs_dmabuf->dmabufs_elm); > + uverbs_dmabuf->revoked = true; > + dma_buf_move_notify(uverbs_dmabuf->dmabuf); > + dma_resv_unlock(uverbs_dmabuf->dmabuf->resv); This will need the same wait that Christian pointed out for VFIO.. > diff --git a/drivers/infiniband/core/rdma_core.c b/drivers/infiniband/core/rdma_core.c > index 18918f463361..3e0a8b9cd288 100644 > --- a/drivers/infiniband/core/rdma_core.c > +++ b/drivers/infiniband/core/rdma_core.c > @@ -465,7 +465,7 @@ alloc_begin_fd_uobject(const struct uverbs_api_object *obj, > > fd_type = > container_of(obj->type_attrs, struct uverbs_obj_fd_type, type); > - if (WARN_ON(fd_type->fops->release != &uverbs_uobject_fd_release && > + if (WARN_ON(fd_type->fops && fd_type->fops->release != &uverbs_uobject_fd_release && > fd_type->fops->release != &uverbs_async_event_release)) { > ret = ERR_PTR(-EINVAL); > goto err_fd; > @@ -477,14 +477,16 @@ alloc_begin_fd_uobject(const struct uverbs_api_object *obj, > goto err_fd; > } > > - /* Note that uverbs_uobject_fd_release() is called during abort */ > - filp = anon_inode_getfile(fd_type->name, fd_type->fops, NULL, > - fd_type->flags); > - if (IS_ERR(filp)) { > - ret = ERR_CAST(filp); > - goto err_getfile; > + if (fd_type->fops) { > + /* Note that uverbs_uobject_fd_release() is called during abort */ > + filp = anon_inode_getfile(fd_type->name, fd_type->fops, NULL, > + fd_type->flags); > + if (IS_ERR(filp)) { > + ret = ERR_CAST(filp); > + goto err_getfile; > + } > + uobj->object = filp; > } > - uobj->object = filp; > > uobj->id = new_fd; > return uobj; > @@ -561,7 +563,9 @@ static void alloc_abort_fd_uobject(struct ib_uobject *uobj) > { > struct file *filp = uobj->object; > > - fput(filp); > + if (filp) > + fput(filp); > + > put_unused_fd(uobj->id); This stuff changing hw the uobjects work should probably be in its own patch with its own explanation about creating a uobject that wrappers an externally allocated file descriptor vs this automatic internal allocation. > index 797e2fcc8072..66287e8e7ad7 100644 > --- a/drivers/infiniband/core/uverbs.h > +++ b/drivers/infiniband/core/uverbs.h > @@ -133,6 +133,16 @@ struct ib_uverbs_completion_event_file { > struct ib_uverbs_event_queue ev_queue; > }; > > +struct ib_uverbs_dmabuf_file { > + struct ib_uobject uobj; > + struct dma_buf *dmabuf; > + struct list_head dmabufs_elm; > + struct rdma_user_mmap_entry *mmap_entry; > + struct dma_buf_phys_vec phys_vec; Oh, are we going to have weird merge conflicts with this Leon? > +static int uverbs_dmabuf_attach(struct dma_buf *dmabuf, > + struct dma_buf_attachment *attachment) > +{ > + struct ib_uverbs_dmabuf_file *priv = dmabuf->priv; > + > + if (!attachment->peer2peer) > + return -EOPNOTSUPP; > + > + if (priv->revoked) > + return -ENODEV; This should only be checked in map This should also eventually call the new revoke testing function Leon is adding Jason

2 hours, 17 minutes

Re: [PATCH v3 6/7] vfio: Wait for dma-buf invalidation to complete

by Christian König

On 1/20/26 21:44, Matthew Brost wrote: > On Tue, Jan 20, 2026 at 04:07:06PM +0200, Leon Romanovsky wrote: >> From: Leon Romanovsky <leonro(a)nvidia.com> >> >> dma-buf invalidation is performed asynchronously by hardware, so VFIO must >> wait until all affected objects have been fully invalidated. >> >> Fixes: 5d74781ebc86 ("vfio/pci: Add dma-buf export support for MMIO regions") >> Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> >> --- >> drivers/vfio/pci/vfio_pci_dmabuf.c | 5 +++++ >> 1 file changed, 5 insertions(+) >> >> diff --git a/drivers/vfio/pci/vfio_pci_dmabuf.c b/drivers/vfio/pci/vfio_pci_dmabuf.c >> index d4d0f7d08c53..33bc6a1909dd 100644 >> --- a/drivers/vfio/pci/vfio_pci_dmabuf.c >> +++ b/drivers/vfio/pci/vfio_pci_dmabuf.c >> @@ -321,6 +321,9 @@ void vfio_pci_dma_buf_move(struct vfio_pci_core_device *vdev, bool revoked) >> dma_resv_lock(priv->dmabuf->resv, NULL); >> priv->revoked = revoked; >> dma_buf_move_notify(priv->dmabuf); >> + dma_resv_wait_timeout(priv->dmabuf->resv, >> + DMA_RESV_USAGE_KERNEL, false, >> + MAX_SCHEDULE_TIMEOUT); > > Should we explicitly call out in the dma_buf_move_notify() / > invalidate_mappings kernel-doc that KERNEL slots are the mechanism > for communicating asynchronous dma_buf_move_notify / > invalidate_mappings events via fences? Oh, I missed that! And no that is not correct. This should be DMA_RESV_USAGE_BOOKKEEP so that we wait for everything. Regards, Christian. > > Yes, this is probably implied, but it wouldn’t hurt to state this > explicitly as part of the cross-driver contract. > > Here is what we have now: > > * - Dynamic importers should set fences for any access that they can't > * disable immediately from their &dma_buf_attach_ops.invalidate_mappings > * callback. > > Matt > >> dma_resv_unlock(priv->dmabuf->resv); >> } >> fput(priv->dmabuf->file); >> @@ -342,6 +345,8 @@ void vfio_pci_dma_buf_cleanup(struct vfio_pci_core_device *vdev) >> priv->vdev = NULL; >> priv->revoked = true; >> dma_buf_move_notify(priv->dmabuf); >> + dma_resv_wait_timeout(priv->dmabuf->resv, DMA_RESV_USAGE_KERNEL, >> + false, MAX_SCHEDULE_TIMEOUT); >> dma_resv_unlock(priv->dmabuf->resv); >> vfio_device_put_registration(&vdev->vdev); >> fput(priv->dmabuf->file); >> >> -- >> 2.52.0 >>

5 hours, 29 minutes

Re: [PATCH 5/9] dma-buf: inline spinlock for fence protection v4

by Christian König

On 1/20/26 12:41, Tvrtko Ursulin wrote: > > On 20/01/2026 10:54, Christian König wrote: >> Implement per-fence spinlocks, allowing implementations to not give an >> external spinlock to protect the fence internal statei. Instead a spinlock >> embedded into the fence structure itself is used in this case. >> >> Shared spinlocks have the problem that implementations need to guarantee >> that the lock live at least as long all fences referencing them. >> >> Using a per-fence spinlock allows completely decoupling spinlock producer >> and consumer life times, simplifying the handling in most use cases. >> >> v2: improve naming, coverage and function documentation >> v3: fix one additional locking in the selftests >> v4: separate out some changes to make the patch smaller, >> fix one amdgpu crash found by CI systems >> >> Signed-off-by: Christian König <christian.koenig(a)amd.com> >> --- >> drivers/dma-buf/dma-fence.c | 25 +++++++++++++++++------- >> drivers/dma-buf/sync_debug.h | 2 +- >> drivers/gpu/drm/amd/amdgpu/amdgpu_vm.h | 2 +- >> drivers/gpu/drm/drm_crtc.c | 2 +- >> drivers/gpu/drm/drm_writeback.c | 2 +- >> drivers/gpu/drm/nouveau/nouveau_fence.c | 3 ++- >> drivers/gpu/drm/qxl/qxl_release.c | 3 ++- >> drivers/gpu/drm/vmwgfx/vmwgfx_fence.c | 3 ++- >> drivers/gpu/drm/xe/xe_hw_fence.c | 3 ++- > > i915 needed changes too, based on the kbuild report. Going to take a look now. > Have you seen my note about the RCU sparse warning as well? Nope, I must have missed that mail. ... >> +/** >> + * dma_fence_spinlock - return pointer to the spinlock protecting the fence >> + * @fence: the fence to get the lock from >> + * >> + * Return either the pointer to the embedded or the external spin lock. >> + */ >> +static inline spinlock_t *dma_fence_spinlock(struct dma_fence *fence) >> +{ >> + return test_bit(DMA_FENCE_FLAG_INLINE_LOCK_BIT, &fence->flags) ? >> + &fence->inline_lock : fence->extern_lock; >> +} > > You did not want to move this helper into "dma-buf: abstract fence locking" ? I was avoiding that to keep the pre-requisite patch smaller, cause this change here seemed independent to that. But thinking about it I could make a third patch which introduces dma_fence_spinlock() and changes all the container_of uses. > I think that would have been better to keep everything mechanical in one patch, and then this patch which changes behaviour does not touch any drivers but only dma-fence core. > > Also, what about adding something like dma_fence_container_of() in that patch as well? I would rather like to avoid that. Using the spinlock pointer with container_of seemed to be a bit of a hack to me in the first place and I don't want to encourage people to do that in new code as well. Regards, Christian. > > Regards, > > Tvrtko > >> + >> /** >> * dma_fence_lock_irqsave - irqsave lock the fence >> * @fence: the fence to lock >> @@ -385,7 +403,7 @@ dma_fence_get_rcu_safe(struct dma_fence __rcu **fencep) >> * Lock the fence, preventing it from changing to the signaled state. >> */ >> #define dma_fence_lock_irqsave(fence, flags) \ >> - spin_lock_irqsave(fence->lock, flags) >> + spin_lock_irqsave(dma_fence_spinlock(fence), flags) >> /** >> * dma_fence_unlock_irqrestore - unlock the fence and irqrestore >> @@ -395,7 +413,7 @@ dma_fence_get_rcu_safe(struct dma_fence __rcu **fencep) >> * Unlock the fence, allowing it to change it's state to signaled again. >> */ >> #define dma_fence_unlock_irqrestore(fence, flags) \ >> - spin_unlock_irqrestore(fence->lock, flags) >> + spin_unlock_irqrestore(dma_fence_spinlock(fence), flags) >> #ifdef CONFIG_LOCKDEP >> bool dma_fence_begin_signalling(void); >

7 hours, 25 minutes

Re: [PATCH v3 6/7] vfio: Wait for dma-buf invalidation to complete

by Leon Romanovsky

On Tue, Jan 20, 2026 at 12:44:50PM -0800, Matthew Brost wrote: > On Tue, Jan 20, 2026 at 04:07:06PM +0200, Leon Romanovsky wrote: > > From: Leon Romanovsky <leonro(a)nvidia.com> > > > > dma-buf invalidation is performed asynchronously by hardware, so VFIO must > > wait until all affected objects have been fully invalidated. > > > > Fixes: 5d74781ebc86 ("vfio/pci: Add dma-buf export support for MMIO regions") > > Signed-off-by: Leon Romanovsky <leonro(a)nvidia.com> > > --- > > drivers/vfio/pci/vfio_pci_dmabuf.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/drivers/vfio/pci/vfio_pci_dmabuf.c b/drivers/vfio/pci/vfio_pci_dmabuf.c > > index d4d0f7d08c53..33bc6a1909dd 100644 > > --- a/drivers/vfio/pci/vfio_pci_dmabuf.c > > +++ b/drivers/vfio/pci/vfio_pci_dmabuf.c > > @@ -321,6 +321,9 @@ void vfio_pci_dma_buf_move(struct vfio_pci_core_device *vdev, bool revoked) > > dma_resv_lock(priv->dmabuf->resv, NULL); > > priv->revoked = revoked; > > dma_buf_move_notify(priv->dmabuf); > > + dma_resv_wait_timeout(priv->dmabuf->resv, > > + DMA_RESV_USAGE_KERNEL, false, > > + MAX_SCHEDULE_TIMEOUT); > > Should we explicitly call out in the dma_buf_move_notify() / > invalidate_mappings kernel-doc that KERNEL slots are the mechanism > for communicating asynchronous dma_buf_move_notify / > invalidate_mappings events via fences? > > Yes, this is probably implied, but it wouldn’t hurt to state this > explicitly as part of the cross-driver contract. > > Here is what we have now: > > * - Dynamic importers should set fences for any access that they can't > * disable immediately from their &dma_buf_attach_ops.invalidate_mappings > * callback. I believe I documented this in patch 4: https://lore.kernel.org/all/20260120-dmabuf-revoke-v3-4-b7e0b07b8214@nvidia…" Is there anything else that should be added? 1275 /** 1276 * dma_buf_move_notify - notify attachments that DMA-buf is moving 1277 * 1278 * @dmabuf: [in] buffer which is moving 1279 * 1280 * Informs all attachments that they need to destroy and recreate all their 1281 * mappings. If the attachment is dynamic then the dynamic importer is expected 1282 * to invalidate any caches it has of the mapping result and perform a new 1283 * mapping request before allowing HW to do any further DMA. 1284 * 1285 * If the attachment is pinned then this informs the pinned importer that 1286 * the underlying mapping is no longer available. Pinned importers may take 1287 * this is as a permanent revocation so exporters should not trigger it 1288 * lightly. 1289 * 1290 * For legacy pinned importers that cannot support invalidation this is a NOP. 1291 * Drivers can call dma_buf_attach_revocable() to determine if the importer 1292 * supports this. 1293 * 1294 * NOTE: The invalidation triggers asynchronous HW operation and the callers 1295 * need to wait for this operation to complete by calling 1296 * to dma_resv_wait_timeout(). 1297 */ Thanks > > Matt > > > dma_resv_unlock(priv->dmabuf->resv); > > } > > fput(priv->dmabuf->file); > > @@ -342,6 +345,8 @@ void vfio_pci_dma_buf_cleanup(struct vfio_pci_core_device *vdev) > > priv->vdev = NULL; > > priv->revoked = true; > > dma_buf_move_notify(priv->dmabuf); > > + dma_resv_wait_timeout(priv->dmabuf->resv, DMA_RESV_USAGE_KERNEL, > > + false, MAX_SCHEDULE_TIMEOUT); > > dma_resv_unlock(priv->dmabuf->resv); > > vfio_device_put_registration(&vdev->vdev); > > fput(priv->dmabuf->file); > > > > -- > > 2.52.0 > >

8 hours, 14 minutes

[PATCH] dma-buf: Remove DMA-BUF sysfs stats

by T.J. Mercier

Commit bdb8d06dfefd ("dmabuf: Add the capability to expose DMA-BUF stats in sysfs") added dmabuf statistics to sysfs in 2021 under CONFIG_DMABUF_SYSFS_STATS. After being used in production, performance problems were discovered leading to its deprecation in 2022 in commit e0a9f1fe206a ("dma-buf: deprecate DMABUF_SYSFS_STATS"). Some of the problems with this interface were discussed in my LPC 2025 talk. [1][2] Android was probably the last user of the interface, which has since been migrated to use the dmabuf BPF iterator [3] to obtain the same information more cheaply. As promised in that series, now that the longterm stable 6.18 kernel has been released let's remove the sysfs dmabuf statistics from the kernel. [1] https://www.youtube.com/watch?v=D83qygudq9c [2] https://lpc.events/event/19/contributions/2118/ [3] https://lore.kernel.org/all/20250522230429.941193-1-tjmercier@google.com/ Signed-off-by: T.J. Mercier <tjmercier(a)google.com> --- .../ABI/testing/sysfs-kernel-dmabuf-buffers | 24 --- Documentation/driver-api/dma-buf.rst | 5 - drivers/dma-buf/Kconfig | 15 -- drivers/dma-buf/Makefile | 1 - drivers/dma-buf/dma-buf-sysfs-stats.c | 202 ------------------ drivers/dma-buf/dma-buf-sysfs-stats.h | 35 --- drivers/dma-buf/dma-buf.c | 18 -- include/linux/dma-buf.h | 12 -- 8 files changed, 312 deletions(-) delete mode 100644 Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers delete mode 100644 drivers/dma-buf/dma-buf-sysfs-stats.c delete mode 100644 drivers/dma-buf/dma-buf-sysfs-stats.h diff --git a/Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers b/Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers deleted file mode 100644 index 5d3bc997dc64..000000000000 --- a/Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers +++ /dev/null @@ -1,24 +0,0 @@ -What: /sys/kernel/dmabuf/buffers -Date: May 2021 -KernelVersion: v5.13 -Contact: Hridya Valsaraju <hridya(a)google.com> -Description: The /sys/kernel/dmabuf/buffers directory contains a - snapshot of the internal state of every DMA-BUF. - /sys/kernel/dmabuf/buffers/<inode_number> will contain the - statistics for the DMA-BUF with the unique inode number - <inode_number> -Users: kernel memory tuning/debugging tools - -What: /sys/kernel/dmabuf/buffers/<inode_number>/exporter_name -Date: May 2021 -KernelVersion: v5.13 -Contact: Hridya Valsaraju <hridya(a)google.com> -Description: This file is read-only and contains the name of the exporter of - the DMA-BUF. - -What: /sys/kernel/dmabuf/buffers/<inode_number>/size -Date: May 2021 -KernelVersion: v5.13 -Contact: Hridya Valsaraju <hridya(a)google.com> -Description: This file is read-only and specifies the size of the DMA-BUF in - bytes. diff --git a/Documentation/driver-api/dma-buf.rst b/Documentation/driver-api/dma-buf.rst index 29abf1eebf9f..2f36c21d9948 100644 --- a/Documentation/driver-api/dma-buf.rst +++ b/Documentation/driver-api/dma-buf.rst @@ -125,11 +125,6 @@ Implicit Fence Poll Support .. kernel-doc:: drivers/dma-buf/dma-buf.c :doc: implicit fence polling -DMA-BUF statistics -~~~~~~~~~~~~~~~~~~ -.. kernel-doc:: drivers/dma-buf/dma-buf-sysfs-stats.c - :doc: overview - DMA Buffer ioctls ~~~~~~~~~~~~~~~~~ diff --git a/drivers/dma-buf/Kconfig b/drivers/dma-buf/Kconfig index fdd823e446cc..012d22e941d6 100644 --- a/drivers/dma-buf/Kconfig +++ b/drivers/dma-buf/Kconfig @@ -75,21 +75,6 @@ menuconfig DMABUF_HEAPS allows userspace to allocate dma-bufs that can be shared between drivers. -menuconfig DMABUF_SYSFS_STATS - bool "DMA-BUF sysfs statistics (DEPRECATED)" - depends on DMA_SHARED_BUFFER - help - Choose this option to enable DMA-BUF sysfs statistics - in location /sys/kernel/dmabuf/buffers. - - /sys/kernel/dmabuf/buffers/<inode_number> will contain - statistics for the DMA-BUF with the unique inode number - <inode_number>. - - This option is deprecated and should sooner or later be removed. - Android is the only user of this and it turned out that this resulted - in quite some performance problems. - source "drivers/dma-buf/heaps/Kconfig" endmenu diff --git a/drivers/dma-buf/Makefile b/drivers/dma-buf/Makefile index 2008fb7481b3..7a85565d906b 100644 --- a/drivers/dma-buf/Makefile +++ b/drivers/dma-buf/Makefile @@ -6,7 +6,6 @@ obj-$(CONFIG_DMABUF_HEAPS) += heaps/ obj-$(CONFIG_SYNC_FILE) += sync_file.o obj-$(CONFIG_SW_SYNC) += sw_sync.o sync_debug.o obj-$(CONFIG_UDMABUF) += udmabuf.o -obj-$(CONFIG_DMABUF_SYSFS_STATS) += dma-buf-sysfs-stats.o dmabuf_selftests-y := \ selftest.o \ diff --git a/drivers/dma-buf/dma-buf-sysfs-stats.c b/drivers/dma-buf/dma-buf-sysfs-stats.c deleted file mode 100644 index b5b62e40ccc1..000000000000 --- a/drivers/dma-buf/dma-buf-sysfs-stats.c +++ /dev/null @@ -1,202 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0-only -/* - * DMA-BUF sysfs statistics. - * - * Copyright (C) 2021 Google LLC. - */ - -#include <linux/dma-buf.h> -#include <linux/dma-resv.h> -#include <linux/kobject.h> -#include <linux/printk.h> -#include <linux/slab.h> -#include <linux/sysfs.h> - -#include "dma-buf-sysfs-stats.h" - -#define to_dma_buf_entry_from_kobj(x) container_of(x, struct dma_buf_sysfs_entry, kobj) - -/** - * DOC: overview - * - * ``/sys/kernel/debug/dma_buf/bufinfo`` provides an overview of every DMA-BUF - * in the system. However, since debugfs is not safe to be mounted in - * production, procfs and sysfs can be used to gather DMA-BUF statistics on - * production systems. - * - * The ``/proc/<pid>/fdinfo/<fd>`` files in procfs can be used to gather - * information about DMA-BUF fds. Detailed documentation about the interface - * is present in Documentation/filesystems/proc.rst. - * - * Unfortunately, the existing procfs interfaces can only provide information - * about the DMA-BUFs for which processes hold fds or have the buffers mmapped - * into their address space. This necessitated the creation of the DMA-BUF sysfs - * statistics interface to provide per-buffer information on production systems. - * - * The interface at ``/sys/kernel/dmabuf/buffers`` exposes information about - * every DMA-BUF when ``CONFIG_DMABUF_SYSFS_STATS`` is enabled. - * - * The following stats are exposed by the interface: - * - * * ``/sys/kernel/dmabuf/buffers/<inode_number>/exporter_name`` - * * ``/sys/kernel/dmabuf/buffers/<inode_number>/size`` - * - * The information in the interface can also be used to derive per-exporter - * statistics. The data from the interface can be gathered on error conditions - * or other important events to provide a snapshot of DMA-BUF usage. - * It can also be collected periodically by telemetry to monitor various metrics. - * - * Detailed documentation about the interface is present in - * Documentation/ABI/testing/sysfs-kernel-dmabuf-buffers. - */ - -struct dma_buf_stats_attribute { - struct attribute attr; - ssize_t (*show)(struct dma_buf *dmabuf, - struct dma_buf_stats_attribute *attr, char *buf); -}; -#define to_dma_buf_stats_attr(x) container_of(x, struct dma_buf_stats_attribute, attr) - -static ssize_t dma_buf_stats_attribute_show(struct kobject *kobj, - struct attribute *attr, - char *buf) -{ - struct dma_buf_stats_attribute *attribute; - struct dma_buf_sysfs_entry *sysfs_entry; - struct dma_buf *dmabuf; - - attribute = to_dma_buf_stats_attr(attr); - sysfs_entry = to_dma_buf_entry_from_kobj(kobj); - dmabuf = sysfs_entry->dmabuf; - - if (!dmabuf || !attribute->show) - return -EIO; - - return attribute->show(dmabuf, attribute, buf); -} - -static const struct sysfs_ops dma_buf_stats_sysfs_ops = { - .show = dma_buf_stats_attribute_show, -}; - -static ssize_t exporter_name_show(struct dma_buf *dmabuf, - struct dma_buf_stats_attribute *attr, - char *buf) -{ - return sysfs_emit(buf, "%s\n", dmabuf->exp_name); -} - -static ssize_t size_show(struct dma_buf *dmabuf, - struct dma_buf_stats_attribute *attr, - char *buf) -{ - return sysfs_emit(buf, "%zu\n", dmabuf->size); -} - -static struct dma_buf_stats_attribute exporter_name_attribute = - __ATTR_RO(exporter_name); -static struct dma_buf_stats_attribute size_attribute = __ATTR_RO(size); - -static struct attribute *dma_buf_stats_default_attrs[] = { - &exporter_name_attribute.attr, - &size_attribute.attr, - NULL, -}; -ATTRIBUTE_GROUPS(dma_buf_stats_default); - -static void dma_buf_sysfs_release(struct kobject *kobj) -{ - struct dma_buf_sysfs_entry *sysfs_entry; - - sysfs_entry = to_dma_buf_entry_from_kobj(kobj); - kfree(sysfs_entry); -} - -static const struct kobj_type dma_buf_ktype = { - .sysfs_ops = &dma_buf_stats_sysfs_ops, - .release = dma_buf_sysfs_release, - .default_groups = dma_buf_stats_default_groups, -}; - -void dma_buf_stats_teardown(struct dma_buf *dmabuf) -{ - struct dma_buf_sysfs_entry *sysfs_entry; - - sysfs_entry = dmabuf->sysfs_entry; - if (!sysfs_entry) - return; - - kobject_del(&sysfs_entry->kobj); - kobject_put(&sysfs_entry->kobj); -} - - -/* Statistics files do not need to send uevents. */ -static int dmabuf_sysfs_uevent_filter(const struct kobject *kobj) -{ - return 0; -} - -static const struct kset_uevent_ops dmabuf_sysfs_no_uevent_ops = { - .filter = dmabuf_sysfs_uevent_filter, -}; - -static struct kset *dma_buf_stats_kset; -static struct kset *dma_buf_per_buffer_stats_kset; -int dma_buf_init_sysfs_statistics(void) -{ - dma_buf_stats_kset = kset_create_and_add("dmabuf", - &dmabuf_sysfs_no_uevent_ops, - kernel_kobj); - if (!dma_buf_stats_kset) - return -ENOMEM; - - dma_buf_per_buffer_stats_kset = kset_create_and_add("buffers", - &dmabuf_sysfs_no_uevent_ops, - &dma_buf_stats_kset->kobj); - if (!dma_buf_per_buffer_stats_kset) { - kset_unregister(dma_buf_stats_kset); - return -ENOMEM; - } - - return 0; -} - -void dma_buf_uninit_sysfs_statistics(void) -{ - kset_unregister(dma_buf_per_buffer_stats_kset); - kset_unregister(dma_buf_stats_kset); -} - -int dma_buf_stats_setup(struct dma_buf *dmabuf, struct file *file) -{ - struct dma_buf_sysfs_entry *sysfs_entry; - int ret; - - if (!dmabuf->exp_name) { - pr_err("exporter name must not be empty if stats needed\n"); - return -EINVAL; - } - - sysfs_entry = kzalloc(sizeof(struct dma_buf_sysfs_entry), GFP_KERNEL); - if (!sysfs_entry) - return -ENOMEM; - - sysfs_entry->kobj.kset = dma_buf_per_buffer_stats_kset; - sysfs_entry->dmabuf = dmabuf; - - dmabuf->sysfs_entry = sysfs_entry; - - /* create the directory for buffer stats */ - ret = kobject_init_and_add(&sysfs_entry->kobj, &dma_buf_ktype, NULL, - "%lu", file_inode(file)->i_ino); - if (ret) - goto err_sysfs_dmabuf; - - return 0; - -err_sysfs_dmabuf: - kobject_put(&sysfs_entry->kobj); - dmabuf->sysfs_entry = NULL; - return ret; -} diff --git a/drivers/dma-buf/dma-buf-sysfs-stats.h b/drivers/dma-buf/dma-buf-sysfs-stats.h deleted file mode 100644 index 7a8a995b75ba..000000000000 --- a/drivers/dma-buf/dma-buf-sysfs-stats.h +++ /dev/null @@ -1,35 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0-only */ -/* - * DMA-BUF sysfs statistics. - * - * Copyright (C) 2021 Google LLC. - */ - -#ifndef _DMA_BUF_SYSFS_STATS_H -#define _DMA_BUF_SYSFS_STATS_H - -#ifdef CONFIG_DMABUF_SYSFS_STATS - -int dma_buf_init_sysfs_statistics(void); -void dma_buf_uninit_sysfs_statistics(void); - -int dma_buf_stats_setup(struct dma_buf *dmabuf, struct file *file); - -void dma_buf_stats_teardown(struct dma_buf *dmabuf); -#else - -static inline int dma_buf_init_sysfs_statistics(void) -{ - return 0; -} - -static inline void dma_buf_uninit_sysfs_statistics(void) {} - -static inline int dma_buf_stats_setup(struct dma_buf *dmabuf, struct file *file) -{ - return 0; -} - -static inline void dma_buf_stats_teardown(struct dma_buf *dmabuf) {} -#endif -#endif // _DMA_BUF_SYSFS_STATS_H diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index a4d8f2ff94e4..8e23580f1754 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -33,8 +33,6 @@ #include <uapi/linux/dma-buf.h> #include <uapi/linux/magic.h> -#include "dma-buf-sysfs-stats.h" - #define CREATE_TRACE_POINTS #include <trace/events/dma_buf.h> @@ -184,7 +182,6 @@ static void dma_buf_release(struct dentry *dentry) */ BUG_ON(dmabuf->cb_in.active || dmabuf->cb_out.active); - dma_buf_stats_teardown(dmabuf); dmabuf->ops->release(dmabuf); if (dmabuf->resv == (struct dma_resv *)&dmabuf[1]) @@ -765,10 +762,6 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info) dmabuf->resv = resv; } - ret = dma_buf_stats_setup(dmabuf, file); - if (ret) - goto err_dmabuf; - file->private_data = dmabuf; file->f_path.dentry->d_fsdata = dmabuf; dmabuf->file = file; @@ -779,10 +772,6 @@ struct dma_buf *dma_buf_export(const struct dma_buf_export_info *exp_info) return dmabuf; -err_dmabuf: - if (!resv) - dma_resv_fini(dmabuf->resv); - kfree(dmabuf); err_file: fput(file); err_module: @@ -1802,12 +1791,6 @@ static inline void dma_buf_uninit_debugfs(void) static int __init dma_buf_init(void) { - int ret; - - ret = dma_buf_init_sysfs_statistics(); - if (ret) - return ret; - dma_buf_mnt = kern_mount(&dma_buf_fs_type); if (IS_ERR(dma_buf_mnt)) return PTR_ERR(dma_buf_mnt); @@ -1821,6 +1804,5 @@ static void __exit dma_buf_deinit(void) { dma_buf_uninit_debugfs(); kern_unmount(dma_buf_mnt); - dma_buf_uninit_sysfs_statistics(); } __exitcall(dma_buf_deinit); diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h index 0bc492090237..91f4939db89b 100644 --- a/include/linux/dma-buf.h +++ b/include/linux/dma-buf.h @@ -429,18 +429,6 @@ struct dma_buf { __poll_t active; } cb_in, cb_out; -#ifdef CONFIG_DMABUF_SYSFS_STATS - /** - * @sysfs_entry: - * - * For exposing information about this buffer in sysfs. See also - * `DMA-BUF statistics`_ for the uapi this enables. - */ - struct dma_buf_sysfs_entry { - struct kobject kobj; - struct dma_buf *dmabuf; - } *sysfs_entry; -#endif }; /** base-commit: 26b4309a3ab82a0697751cde52eb336c29c19035 -- 2.52.0.457.g6b5491de43-goog

18 hours, 18 minutes

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig