Zhangfei Gao df1b056d48 uacce: use q->mapping to replace inode->i_mapping
The inode can be different in a container, for example, a docker and host
both open the same uacce parent device, which uses the same uacce struct
but different inode, so uacce->inode is not enough.

What's worse, when docker stops, the inode will be destroyed as well,
causing use-after-free in uacce_remove.

So use q->mapping to replace uacce->inode->i_mapping.

Signed-off-by: Weili Qian <qianweili@huawei.com>
Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
Link: https://lore.kernel.org/r/20230511095921.9331-2-zhangfei.gao@linaro.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-31 19:00:26 +01:00

162 lines
4.4 KiB
C

/* SPDX-License-Identifier: GPL-2.0-or-later */
#ifndef _LINUX_UACCE_H
#define _LINUX_UACCE_H
#include <linux/cdev.h>
#include <uapi/misc/uacce/uacce.h>
#define UACCE_NAME "uacce"
#define UACCE_MAX_REGION 2
#define UACCE_MAX_NAME_SIZE 64
#define UACCE_MAX_ERR_THRESHOLD 65535
struct uacce_queue;
struct uacce_device;
/**
* struct uacce_qfile_region - structure of queue file region
* @type: type of the region
*/
struct uacce_qfile_region {
enum uacce_qfrt type;
};
/**
* struct uacce_ops - uacce device operations
* @get_available_instances: get available instances left of the device
* @get_queue: get a queue from the device
* @put_queue: free a queue to the device
* @start_queue: make the queue start work after get_queue
* @stop_queue: make the queue stop work before put_queue
* @is_q_updated: check whether the task is finished
* @mmap: mmap addresses of queue to user space
* @ioctl: ioctl for user space users of the queue
* @get_isolate_state: get the device state after set the isolate strategy
* @isolate_err_threshold_write: stored the isolate error threshold to the device
* @isolate_err_threshold_read: read the isolate error threshold value from the device
*/
struct uacce_ops {
int (*get_available_instances)(struct uacce_device *uacce);
int (*get_queue)(struct uacce_device *uacce, unsigned long arg,
struct uacce_queue *q);
void (*put_queue)(struct uacce_queue *q);
int (*start_queue)(struct uacce_queue *q);
void (*stop_queue)(struct uacce_queue *q);
int (*is_q_updated)(struct uacce_queue *q);
int (*mmap)(struct uacce_queue *q, struct vm_area_struct *vma,
struct uacce_qfile_region *qfr);
long (*ioctl)(struct uacce_queue *q, unsigned int cmd,
unsigned long arg);
enum uacce_dev_state (*get_isolate_state)(struct uacce_device *uacce);
int (*isolate_err_threshold_write)(struct uacce_device *uacce, u32 num);
u32 (*isolate_err_threshold_read)(struct uacce_device *uacce);
};
/**
* struct uacce_interface - interface required for uacce_register()
* @name: the uacce device name. Will show up in sysfs
* @flags: uacce device attributes
* @ops: pointer to the struct uacce_ops
*/
struct uacce_interface {
char name[UACCE_MAX_NAME_SIZE];
unsigned int flags;
const struct uacce_ops *ops;
};
enum uacce_dev_state {
UACCE_DEV_NORMAL,
UACCE_DEV_ISOLATE,
};
enum uacce_q_state {
UACCE_Q_ZOMBIE = 0,
UACCE_Q_INIT,
UACCE_Q_STARTED,
};
/**
* struct uacce_queue
* @uacce: pointer to uacce
* @priv: private pointer
* @wait: wait queue head
* @list: index into uacce queues list
* @qfrs: pointer of qfr regions
* @mutex: protects queue state
* @state: queue state machine
* @pasid: pasid associated to the mm
* @handle: iommu_sva handle returned by iommu_sva_bind_device()
* @mapping: user space mapping of the queue
*/
struct uacce_queue {
struct uacce_device *uacce;
void *priv;
wait_queue_head_t wait;
struct list_head list;
struct uacce_qfile_region *qfrs[UACCE_MAX_REGION];
struct mutex mutex;
enum uacce_q_state state;
u32 pasid;
struct iommu_sva *handle;
struct address_space *mapping;
};
/**
* struct uacce_device
* @algs: supported algorithms
* @api_ver: api version
* @ops: pointer to the struct uacce_ops
* @qf_pg_num: page numbers of the queue file regions
* @parent: pointer to the parent device
* @is_vf: whether virtual function
* @flags: uacce attributes
* @dev_id: id of the uacce device
* @cdev: cdev of the uacce
* @dev: dev of the uacce
* @mutex: protects uacce operation
* @priv: private pointer of the uacce
* @queues: list of queues
*/
struct uacce_device {
const char *algs;
const char *api_ver;
const struct uacce_ops *ops;
unsigned long qf_pg_num[UACCE_MAX_REGION];
struct device *parent;
bool is_vf;
u32 flags;
u32 dev_id;
struct cdev *cdev;
struct device dev;
struct mutex mutex;
void *priv;
struct list_head queues;
};
#if IS_ENABLED(CONFIG_UACCE)
struct uacce_device *uacce_alloc(struct device *parent,
struct uacce_interface *interface);
int uacce_register(struct uacce_device *uacce);
void uacce_remove(struct uacce_device *uacce);
#else /* CONFIG_UACCE */
static inline
struct uacce_device *uacce_alloc(struct device *parent,
struct uacce_interface *interface)
{
return ERR_PTR(-ENODEV);
}
static inline int uacce_register(struct uacce_device *uacce)
{
return -EINVAL;
}
static inline void uacce_remove(struct uacce_device *uacce) {}
#endif /* CONFIG_UACCE */
#endif /* _LINUX_UACCE_H */