lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190502130624.GA10470@e121166-lin.cambridge.arm.com>
Date:   Thu, 2 May 2019 14:06:24 +0100
From:   Lorenzo Pieralisi <lorenzo.pieralisi@....com>
To:     Robin Murphy <robin.murphy@....com>
Cc:     Srinath Mannam <srinath.mannam@...adcom.com>,
        Bjorn Helgaas <bhelgaas@...gle.com>,
        Eric Auger <eric.auger@...hat.com>,
        Joerg Roedel <joro@...tes.org>, poza@...eaurora.org,
        Ray Jui <rjui@...adcom.com>,
        bcm-kernel-feedback-list@...adcom.com, linux-pci@...r.kernel.org,
        iommu@...ts.linux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 2/3] iommu/dma: Reserve IOVA for PCIe inaccessible DMA
 address

On Thu, May 02, 2019 at 12:27:02PM +0100, Robin Murphy wrote:
> Hi Lorenzo,
> 
> On 02/05/2019 12:01, Lorenzo Pieralisi wrote:
> > On Wed, May 01, 2019 at 11:06:25PM +0530, Srinath Mannam wrote:
> > > dma_ranges field of PCI host bridge structure has resource entries in
> > > sorted order of address range given through dma-ranges DT property. This
> > > list is the accessible DMA address range. So that this resource list will
> > > be processed and reserve IOVA address to the inaccessible address holes in
> > > the list.
> > > 
> > > This method is similar to PCI IO resources address ranges reserving in
> > > IOMMU for each EP connected to host bridge.
> > > 
> > > Signed-off-by: Srinath Mannam <srinath.mannam@...adcom.com>
> > > Based-on-patch-by: Oza Pawandeep <oza.oza@...adcom.com>
> > > Reviewed-by: Oza Pawandeep <poza@...eaurora.org>
> > > Acked-by: Robin Murphy <robin.murphy@....com>
> > > ---
> > >   drivers/iommu/dma-iommu.c | 19 +++++++++++++++++++
> > >   1 file changed, 19 insertions(+)
> > > 
> > > diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c
> > > index 77aabe6..da94844 100644
> > > --- a/drivers/iommu/dma-iommu.c
> > > +++ b/drivers/iommu/dma-iommu.c
> > > @@ -212,6 +212,7 @@ static void iova_reserve_pci_windows(struct pci_dev *dev,
> > >   	struct pci_host_bridge *bridge = pci_find_host_bridge(dev->bus);
> > >   	struct resource_entry *window;
> > >   	unsigned long lo, hi;
> > > +	phys_addr_t start = 0, end;
> > >   	resource_list_for_each_entry(window, &bridge->windows) {
> > >   		if (resource_type(window->res) != IORESOURCE_MEM)
> > > @@ -221,6 +222,24 @@ static void iova_reserve_pci_windows(struct pci_dev *dev,
> > >   		hi = iova_pfn(iovad, window->res->end - window->offset);
> > >   		reserve_iova(iovad, lo, hi);
> > >   	}
> > > +
> > > +	/* Get reserved DMA windows from host bridge */
> > > +	resource_list_for_each_entry(window, &bridge->dma_ranges) {
> > 
> > If this list is not sorted it seems to me the logic in this loop is
> > broken and you can't rely on callers to sort it because it is not a
> > written requirement and it is not enforced (you know because you
> > wrote the code but any other developer is not supposed to guess
> > it).
> > 
> > Can't we rewrite this loop so that it does not rely on list
> > entries order ?
> 
> The original idea was that callers should be required to provide a sorted
> list, since it keeps things nice and simple...

I understand, if it was self-contained in driver code that would be fine
but in core code with possible multiple consumers this must be
documented/enforced, somehow.

> > I won't merge this series unless you sort it, no pun intended.
> > 
> > Lorenzo
> > 
> > > +		end = window->res->start - window->offset;
> 
> ...so would you consider it sufficient to add
> 
> 		if (end < start)
> 			dev_err(...);

We should also revert any IOVA reservation we did prior to this
error, right ?

Anyway, I think it is best to ensure it *is* sorted.

> here, plus commenting the definition of pci_host_bridge::dma_ranges
> that it must be sorted in ascending order?

I don't think that commenting dma_ranges would help much, I am more
keen on making it work by construction.

> [ I guess it might even make sense to factor out the parsing and list
> construction from patch #3 into an of_pci core helper from the beginning, so
> that there's even less chance of another driver reimplementing it
> incorrectly in future. ]

This makes sense IMO and I would like to take this approach if you
don't mind.

Either this or we move the whole IOVA reservation and dma-ranges
parsing into PCI IProc.

> Failing that, although I do prefer the "simple by construction"
> approach, I'd have no objection to just sticking a list_sort() call in
> here instead, if you'd rather it be entirely bulletproof.

I think what you outline above is a sensible way forward - if we
miss the merge window so be it.

Thanks,
Lorenzo

> Robin.
> 
> > > +resv_iova:
> > > +		if (end - start) {
> > > +			lo = iova_pfn(iovad, start);
> > > +			hi = iova_pfn(iovad, end);
> > > +			reserve_iova(iovad, lo, hi);
> > > +		}
> > > +		start = window->res->end - window->offset + 1;
> > > +		/* If window is last entry */
> > > +		if (window->node.next == &bridge->dma_ranges &&
> > > +		    end != ~(dma_addr_t)0) {
> > > +			end = ~(dma_addr_t)0;
> > > +			goto resv_iova;
> > > +		}
> > > +	}
> > >   }
> > >   static int iova_reserve_iommu_regions(struct device *dev,
> > > -- 
> > > 2.7.4
> > > 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ