iommufd: Add iommufd_object_tombstone_user() helper
Add the iommufd_object_tombstone_user() helper, which allows the caller to destroy an iommufd object created by userspace. This is useful on some destroy paths when the kernel caller finds the object should have been removed by userspace but is still alive. With this helper, the caller destroys the object but leave the object ID reserved (so called tombstone). The tombstone prevents repurposing the object ID without awareness of the original user. Since this happens for abnormal userspace behavior, for simplicity, the tombstoned object ID would be permanently leaked until iommufd_fops_release(). I.e. the original user gets an error when calling ioctl(IOMMU_DESTROY) on that ID. The first use case would be to ensure the iommufd_vdevice can't outlive the associated iommufd_device. Link: https://patch.msgid.link/r/20250716070349.1807226-3-yilun.xu@linux.intel.com Suggested-by:Jason Gunthorpe <jgg@nvidia.com> Reviewed-by:
Lu Baolu <baolu.lu@linux.intel.com> Reviewed-by:
Nicolin Chen <nicolinc@nvidia.com> Reviewed-by:
Kevin Tian <kevin.tian@intel.com> Reviewed-by:
"Aneesh Kumar K.V (Arm)" <aneesh.kumar@kernel.org> Signed-off-by:
Xu Yilun <yilun.xu@linux.intel.com> Signed-off-by:
Loading
Please sign in to comment