From 9b6054a63ebae032cd14dc610ed6d7c21e7e7a2f Mon Sep 17 00:00:00 2001 From: Jan Beulich Date: Fri, 5 Mar 2021 15:34:53 +0100 Subject: [PATCH] gnttab: bypass IOMMU (un)mapping when a domain is (un)mapping its own grant Mappings for a domain's own pages should already be present in the IOMMU. While installing the same mapping again is merely redundant (and inefficient), removing the mapping when the grant mapping gets removed is outright wrong in this case: The mapping was there before the map, so should remain in place after unmapping. This affects - Arm Dom0 in the direct mapped case, - x86 PV Dom0 in the "iommu=dom0-strict" / "dom0-iommu=strict" case, - all x86 PV DomU-s, including driver domains. See the code comment for why it's the original domain and not the page owner that gets compared against. Reported-by: Rahul Singh Signed-off-by: Jan Beulich Reviewed-by: Julien Grall master commit: e8185c5f01c68f7d29d23a4a91bc1be1ff2cc1ca master date: 2021-02-18 13:16:59 +0100
---
 xen/common/grant_table.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/xen/common/grant_table.c b/xen/common/grant_table.c
index 4a6ae52ae3..5239d1395c 100644
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -1207,7 +1207,14 @@ map_grant_ref(
 goto undo_out;
 }
 
- need_iommu = gnttab_need_iommu_mapping(ld);
+ /*
+ * This is deliberately not checking the page's owner: get_paged_frame()
+ * explicitly rejects foreign pages, and all success paths above yield
+ * either owner == rd or owner == dom_io (the dom_cow case is irrelevant
+ * as mem-sharing and IOMMU use are incompatible). The dom_io case would
+ * need checking separately if we compared against owner here.
+ */
+ need_iommu = ld != rd && gnttab_need_iommu_mapping(ld);
 if ( need_iommu )
 {
 unsigned int kind;
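Review bot: The self-grant test `ld != rd` is now open-coded at two sites that must agree exactly, here in map_grant_ref() and again in unmap_common() (second hunk), with only a comment tying them together. If one side is later changed without the other, either an IOMMU entry added at map time is never removed, leaving the page reachable by device DMA after the grant is gone, or a pre-existing entry is stripped on unmap, which is the fault this commit fixes. A small static helper taking `ld` and `rd` whose body is `return ld != rd && gnttab_need_iommu_mapping(ld);`, called from both places, would keep the two in step, and the long comment about owner versus rd could then sit on the helper. Both functions start and end outside their hunks, so this is based on the visible lines only.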
@@ -1471,7 +1478,8 @@ unmap_common(
 if ( put_handle )
 put_maptrack_handle(lgt, op->handle);
 
- if ( rc == GNTST_okay && gnttab_need_iommu_mapping(ld) )
+ /* See the respective comment in map_grant_ref(). */
+ if ( rc == GNTST_okay && ld != rd && gnttab_need_iommu_mapping(ld) )
 {
 unsigned int kind;
 int err = 0;
-- 2.30.2
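Review bot: The added comment in unmap_common() only points at map_grant_ref(), and the comment there explains why rd rather than the page owner is compared, not why a self-grant must skip the IOMMU update; that reason is stated only in the commit message. Since the unmap side is where skipping matters for correctness, I would say it in place, e.g. `/* A domain's own pages were in the IOMMU before the grant map; leave that mapping alone. */`. unmap_common() continues past the end of the hunk, so the body of the `if` is not visible here.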