| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 May 2019 14:06:24 +0100
From: Lorenzo Pieralisi <lorenzo.pieralisi@....com>
To: Robin Murphy <robin.murphy@....com>
Cc: Srinath Mannam <srinath.mannam@...adcom.com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Eric Auger <eric.auger@...hat.com>,
Joerg Roedel <joro@...tes.org>, poza@...eaurora.org,
Ray Jui <rjui@...adcom.com>,
bcm-kernel-feedback-list@...adcom.com, linux-pci@...r.kernel.org,
iommu@...ts.linux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 2/3] iommu/dma: Reserve IOVA for PCIe inaccessible DMA
address
On Thu, May 02, 2019 at 12:27:02PM +0100, Robin Murphy wrote:
> Hi Lorenzo,
>
> On 02/05/2019 12:01, Lorenzo Pieralisi wrote:
> > On Wed, May 01, 2019 at 11:06:25PM +0530, Srinath Mannam wrote:
> > > dma_ranges field of PCI host bridge structure has resource entries in
> > > sorted order of address range given through dma-ranges DT property. This
> > > list is the accessible DMA address range. So that this resource list will
> > > be processed and reserve IOVA address to the inaccessible address holes in
> > > the list.
> > >
> > > This method is similar to PCI IO resources address ranges reserving in
> > > IOMMU for each EP connected to host bridge.
> > >
> > > Signed-off-by: Srinath Mannam <srinath.mannam@...adcom.com>
> > > Based-on-patch-by: Oza Pawandeep <oza.oza@...adcom.com>
> > > Reviewed-by: Oza Pawandeep <poza@...eaurora.org>
> > > Acked-by: Robin Murphy <robin.murphy@....com>
> > > ---
> > > drivers/iommu/dma-iommu.c | 19 +++++++++++++++++++
> > > 1 file changed, 19 insertions(+)
> > >
> > > diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c
> > > index 77aabe6..da94844 100644
> > > --- a/drivers/iommu/dma-iommu.c
> > > +++ b/drivers/iommu/dma-iommu.c
> > > @@ -212,6 +212,7 @@ static void iova_reserve_pci_windows(struct pci_dev *dev,
> > > struct pci_host_bridge *bridge = pci_find_host_bridge(dev->bus);
> > > struct resource_entry *window;
> > > unsigned long lo, hi;
> > > + phys_addr_t start = 0, end;
> > > resource_list_for_each_entry(window, &bridge->windows) {
> > > if (resource_type(window->res) != IORESOURCE_MEM)
> > > @@ -221,6 +222,24 @@ static void iova_reserve_pci_windows(struct pci_dev *dev,
> > > hi = iova_pfn(iovad, window->res->end - window->offset);
> > > reserve_iova(iovad, lo, hi);
> > > }
> > > +
> > > + /* Get reserved DMA windows from host bridge */
> > > + resource_list_for_each_entry(window, &bridge->dma_ranges) {
> >
> > If this list is not sorted it seems to me the logic in this loop is
> > broken and you can't rely on callers to sort it because it is not a
> > written requirement and it is not enforced (you know because you
> > wrote the code but any other developer is not supposed to guess
> > it).
> >
> > Can't we rewrite this loop so that it does not rely on list
> > entries order ?
>
> The original idea was that callers should be required to provide a sorted
> list, since it keeps things nice and simple...
I understand, if it was self-contained in driver code that would be fine
but in core code with possible multiple consumers this must be
documented/enforced, somehow.
> > I won't merge this series unless you sort it, no pun intended.
> >
> > Lorenzo
> >
> > > + end = window->res->start - window->offset;
>
> ...so would you consider it sufficient to add
>
> if (end < start)
> dev_err(...);
We should also revert any IOVA reservation we did prior to this
error, right ?
Anyway, I think it is best to ensure it *is* sorted.
> here, plus commenting the definition of pci_host_bridge::dma_ranges
> that it must be sorted in ascending order?
I don't think that commenting dma_ranges would help much, I am more
keen on making it work by construction.
> [ I guess it might even make sense to factor out the parsing and list
> construction from patch #3 into an of_pci core helper from the beginning, so
> that there's even less chance of another driver reimplementing it
> incorrectly in future. ]
This makes sense IMO and I would like to take this approach if you
don't mind.
Either this or we move the whole IOVA reservation and dma-ranges
parsing into PCI IProc.
> Failing that, although I do prefer the "simple by construction"
> approach, I'd have no objection to just sticking a list_sort() call in
> here instead, if you'd rather it be entirely bulletproof.
I think what you outline above is a sensible way forward - if we
miss the merge window so be it.
Thanks,
Lorenzo
> Robin.
>
> > > +resv_iova:
> > > + if (end - start) {
> > > + lo = iova_pfn(iovad, start);
> > > + hi = iova_pfn(iovad, end);
> > > + reserve_iova(iovad, lo, hi);
> > > + }
> > > + start = window->res->end - window->offset + 1;
> > > + /* If window is last entry */
> > > + if (window->node.next == &bridge->dma_ranges &&
> > > + end != ~(dma_addr_t)0) {
> > > + end = ~(dma_addr_t)0;
> > > + goto resv_iova;
> > > + }
> > > + }
> > > }
> > > static int iova_reserve_iommu_regions(struct device *dev,
> > > --
> > > 2.7.4
> > >
Powered by blists - more mailing lists