| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Apr 2016 18:04:25 -0700 From: Stephen Boyd <stephen.boyd@...aro.org> To: linux-kernel@...r.kernel.org Cc: linux-arm@...ts.infradead.org, Robin Murphy <robin.murphy@....com>, Laura Abbott <labbott@...hat.com>, Arnd Bergmann <arnd@...db.de>, Marek Szyprowski <m.szyprowski@...sung.com>, Mimi Zohar <zohar@...ux.vnet.ibm.com>, Andrew Morton <akpm@...ux-foundation.org>, Mark Brown <broonie@...nel.org>, Catalin Marinas <catalin.marinas@....com>, Will Deacon <will.deacon@....com>, Ming Lei <ming.lei@...onical.com> Subject: [RFC/PATCHv2 v2 0/4] request_firmware() on memory constrained devices I'm sending this again to solicit feedback on if this is even the right approach. After Mimi's patches that change where firmware loading code is done, I've had to modify fs/exec.c and add a struct to linux/fs.h, and that feels wrong. If that is OK, then my only other concern is doing the security checks a page at at time vs. all at once on the whole buffer. If there isn't any opposition to doing that I'll start working on the necessary changes. Some systems are memory constrained but they need to load very large firmwares. The firmware subsystem allows drivers to request this firmware be loaded from the filesystem, but this requires that the entire firmware be loaded into kernel memory first before it's provided to the driver. This can lead to a situation where we map the firmware twice, once to load the firmware into kernel memory and once to copy the firmware into the final resting place. This design creates needless memory pressure and delays loading because we have to copy from kernel memory to somewhere else. This patch sets adds support to the request firmware and DMA APIs to map DMA buffers a page at a time and load the firmware directly into those pages, skipping the intermediate copying step and alleviating memory pressure during firmware loading. The drawback is that we can't use the firmware caching feature because the memory for the firmware cache is never allocated. Patches based on v4.6-rc1. Changes since v1: * Rebased onto v4.6-rc1 (large conflicts due to movement of code from Mimi) * Added some CONFIG_HAS_DMA ifdefs around code that's using DMA ops TODO: * Performance metrics for DMA vs. non-DMA based loading * Test on tiny memory parts with big firmwares * Integrate/test with IMA/security checks Laura Abbott (1): dma-mapping: Add dma_remap() APIs Stephen Boyd (2): ARM64: dma: Add support for NO_KERNEL_MAPPING attribute firmware: Support requesting firmware directly into DMA memory Vikram Mulukutla (1): firmware_class: Provide infrastructure to make fw caching optional arch/arm64/mm/dma-mapping.c | 78 ++++++++++++++-- drivers/base/firmware_class.c | 192 +++++++++++++++++++++++++++++----------- fs/exec.c | 95 +++++++++++++++----- include/linux/dma-mapping.h | 35 ++++++++ include/linux/firmware.h | 13 +++ include/linux/fs.h | 14 ++- security/integrity/ima/ima_fs.c | 3 +- 7 files changed, 347 insertions(+), 83 deletions(-) -- 2.8.0.rc4
Powered by blists - more mailing lists