From: Jan Beulich Date: Thu, 18 Feb 2021 12:16:59 +0000 (+0100) Subject: gnttab: bypass IOMMU (un)mapping when a domain is (un)mapping its own grant X-Git-Tag: archive/raspbian/4.16.0+51-g0941d6cb-1+rpi1~2^2~42^2~894 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=e8185c5f01c68f7d29d23a4a91bc1be1ff2cc1ca;p=xen.git gnttab: bypass IOMMU (un)mapping when a domain is (un)mapping its own grant Mappings for a domain's own pages should already be present in the IOMMU. While installing the same mapping again is merely redundant (and inefficient), removing the mapping when the grant mapping gets removed is outright wrong in this case: The mapping was there before the map, so should remain in place after unmapping. This affects - Arm Dom0 in the direct mapped case, - x86 PV Dom0 in the "iommu=dom0-strict" / "dom0-iommu=strict" case, - all x86 PV DomU-s, including driver domains. See the code comment for why it's the original domain and not the page owner that gets compared against. Reported-by: Rahul Singh Signed-off-by: Jan Beulich Reviewed-by: Julien Grall --- diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c index 4902598c8f..f937c1d350 100644 --- a/xen/common/grant_table.c +++ b/xen/common/grant_table.c @@ -1243,7 +1243,14 @@ map_grant_ref( goto undo_out; } - need_iommu = gnttab_need_iommu_mapping(ld); + /* + * This is deliberately not checking the page's owner: get_paged_frame() + * explicitly rejects foreign pages, and all success paths above yield + * either owner == rd or owner == dom_io (the dom_cow case is irrelevant + * as mem-sharing and IOMMU use are incompatible). The dom_io case would + * need checking separately if we compared against owner here. + */ + need_iommu = ld != rd && gnttab_need_iommu_mapping(ld); if ( need_iommu ) { unsigned int kind; 
@@ -1493,7 +1500,8 @@ unmap_common( if ( put_handle ) put_maptrack_handle(lgt, op->handle); - if ( rc == GNTST_okay && gnttab_need_iommu_mapping(ld) ) + /* See the respective comment in map_grant_ref(). */ + if ( rc == GNTST_okay && ld != rd && gnttab_need_iommu_mapping(ld) ) { unsigned int kind; int err = 0;
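Review bot: In the map_grant_ref() hunk, the new comment above `need_iommu = ld != rd && gnttab_need_iommu_mapping(ld);` explains why the comparison is against rd rather than the page owner, but not why the ld == rd case is skipped at all. That reasoning (a domain's own pages are already present in the IOMMU, so mapping again is redundant and a later unmap would remove a mapping that predates the grant) appears only in the commit message; one sentence to that effect in the comment would keep the rationale next to the code. The comment also depends on every success path above yielding owner == rd or owner == dom_io. If that invariant can be stated as an ASSERT at this point, a later change to those paths would trip it rather than silently changing what gets mapped in the IOMMU.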
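Review bot: In the unmap_common() hunk, the condition `ld != rd && gnttab_need_iommu_mapping(ld)` is open-coded a second time and has to stay identical to the one in map_grant_ref(). If the two ever diverge, the unmap path either removes an IOMMU mapping that the map path never installed or leaves one behind after the grant is gone. Consider a small helper taking ld and rd that both call sites use, with the explanatory comment placed on the helper, instead of the cross-reference comment "See the respective comment in map_grant_ref()." here.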