iommu: Add new iommu op to create domains owned by userspace
mainline inclusion from mainline-v6.7-rc1 commit 909f4abd1097769d024c3a9c2e59c2fbe5d2d0c0 category: feature bugzilla: https://gitee.com/openeuler/intel-kernel/issues/I8Y6AM CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?909f4abd1097769d024c3a9c2e59c2fbe5d2d0c0 -------------------------------- Introduce a new iommu_domain op to create domains owned by userspace, e.g. through IOMMUFD. These domains have a few different properties compares to kernel owned domains: - They may be PAGING domains, but created with special parameters. For instance aperture size changes/number of levels, different IOPTE formats, or other things necessary to make a vIOMMU work - We have to track all the memory allocations with GFP_KERNEL_ACCOUNT to make the cgroup sandbox stronger - Device-specialty domains, such as NESTED domains can be created by IOMMUFD. The new op clearly says the domain is being created by IOMMUFD, that the domain is intended for userspace use, and it provides a way to pass user flags or a driver specific uAPI structure to customize the created domain to exactly what the vIOMMU userspace driver requires. iommu drivers that cannot support VFIO/IOMMUFD should not support this op. This includes any driver that cannot provide a fully functional PAGING domain. This new op for now is only supposed to be used by IOMMUFD, hence no wrapper for it. IOMMUFD would call the callback directly. As for domain free, IOMMUFD would use iommu_domain_free(). Intel-SIG: 909f4abd1097 iommu: Add new iommu op to create domains owned by userspace Backport IOMMUFD Dirty Tracking Link: https://lore.kernel.org/r/20230928071528.26258-2-yi.l.liu@intel.com Suggested-by:Jason Gunthorpe <jgg@nvidia.com> Signed-off-by:
Loading
Please sign in to comment