| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Jul 2016 10:50:13 +0100 From: Will Deacon <will.deacon@....com> To: Mitchel Humpherys <mitchelh@...eaurora.org> Cc: iommu@...ts.linux-foundation.org, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Robin Murphy <robin.murphy@....com>, Marek Szyprowski <m.szyprowski@...sung.com>, Jordan Crouse <jcrouse@...eaurora.org>, Jeremy Gebben <jgebben@...eaurora.org>, Patrick Daly <pdaly@...eaurora.org>, Pratik Patel <pratikp@...eaurora.org>, Thomas Zeng <tzeng@...eaurora.org> Subject: Re: [PATCH v3 0/6] Add support for privileged mappings On Fri, Jul 22, 2016 at 01:39:45PM -0700, Mitchel Humpherys wrote: > On Fri, Jul 22 2016 at 05:51:07 PM, Will Deacon <will.deacon@....com> wrote: > > On Tue, Jul 19, 2016 at 01:36:49PM -0700, Mitchel Humpherys wrote: > >> The following patch to the ARM SMMU driver: > >> > >> commit d346180e70b91b3d5a1ae7e5603e65593d4622bc > >> Author: Robin Murphy <robin.murphy@....com> > >> Date: Tue Jan 26 18:06:34 2016 +0000 > >> > >> iommu/arm-smmu: Treat all device transactions as unprivileged > >> > >> started forcing all SMMU transactions to come through as "unprivileged". > >> The rationale given was that: > >> > >> (1) There is no way in the IOMMU API to even request privileged mappings. > >> > >> (2) It's difficult to implement a DMA mapper that correctly models the > >> ARM VMSAv8 behavior of unprivileged-writeable => > >> privileged-execute-never. > >> > >> This series rectifies (1) by introducing an IOMMU API for privileged > >> mappings and implements it in io-pgtable-arm. > >> > >> This series rectifies (2) by introducing a new dma attribute > >> (DMA_ATTR_PRIVILEGED) for users of the DMA API that need privileged > >> mappings which are inaccessible to lesser-privileged execution levels, and > >> implements it in the arm64 IOMMU DMA mapper. The one known user (pl330.c) > >> is converted over to the new attribute. > >> > >> Jordan and Jeremy can provide more info on the use case if needed, but the > >> high level is that it's a security feature to prevent attacks such as [1]. > > > > This all looks good to me: > > > > Acked-by: Will Deacon <will.deacon@....com> > > > > It looks pretty fiddly to merge, however. How are you planning to get > > this upstream? > > Fiddly in what way? Do you mean in relation to "dma-mapping: Use > unsigned long for dma_attrs" [1]? I admit I wasn't aware of that > activity until Robin mentioned it. It looks like it's merged on > next/master, shall I rebase/rework on that and resend? Fiddly in that it touches multiple subsystems. I guess routing it via the iommu tree (Joerg) might be the best bet. Will
Powered by blists - more mailing lists