| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87k1bpzrfl.fsf@morokweng.localdomain>
Date: Tue, 06 Aug 2019 22:37:34 -0300
From: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
To: Christoph Hellwig <hch@....de>
Cc: linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org,
Alexey Kardashevskiy <aik@...abs.ru>,
Anshuman Khandual <anshuman.linux@...il.com>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Michael Ellerman <mpe@...erman.id.au>,
Mike Anderson <andmike@...ux.ibm.com>,
Paul Mackerras <paulus@...ba.org>,
Ram Pai <linuxram@...ibm.com>,
Claudio Carvalho <cclaudio@...ux.ibm.com>
Subject: Re: [PATCH v3 13/16] powerpc/pseries/iommu: Don't use dma_iommu_ops on secure guests
Hello Christoph,
Thanks for your review.
Christoph Hellwig <hch@....de> writes:
> On Tue, Aug 06, 2019 at 02:22:34AM -0300, Thiago Jung Bauermann wrote:
>> @@ -1318,7 +1319,10 @@ void iommu_init_early_pSeries(void)
>> of_reconfig_notifier_register(&iommu_reconfig_nb);
>> register_memory_notifier(&iommu_mem_nb);
>>
>> - set_pci_dma_ops(&dma_iommu_ops);
>> + if (is_secure_guest())
>> + set_pci_dma_ops(NULL);
>> + else
>> + set_pci_dma_ops(&dma_iommu_ops);
>
> Shoudn't:
>
> if (!is_secure_guest())
> set_pci_dma_ops(&dma_iommu_ops);
>
> be enough here, given that NULL is the default?
Indeed, it is enough.
> Also either way I think this conditional needs a comment explaining
> why it is there.
Good point. I added the commit message as a comment in the code.
New version of this patch below.
>From 5dc3914efa4765eef2869d554d4ea1c676bb1e75 Mon Sep 17 00:00:00 2001
From: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
Date: Thu, 24 Jan 2019 22:40:16 -0200
Subject: [PATCH] powerpc/pseries/iommu: Don't use dma_iommu_ops on secure
guests
Secure guest memory is inacessible to devices so regular DMA isn't
possible.
In that case set devices' dma_map_ops to NULL so that the generic
DMA code path will use SWIOTLB to bounce buffers for DMA.
Signed-off-by: Thiago Jung Bauermann <bauerman@...ux.ibm.com>
---
arch/powerpc/platforms/pseries/iommu.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/platforms/pseries/iommu.c b/arch/powerpc/platforms/pseries/iommu.c
index 889dc2e44b89..8d9c2b17ad54 100644
--- a/arch/powerpc/platforms/pseries/iommu.c
+++ b/arch/powerpc/platforms/pseries/iommu.c
@@ -36,6 +36,7 @@
#include <asm/udbg.h>
#include <asm/mmzone.h>
#include <asm/plpar_wrappers.h>
+#include <asm/svm.h>
#include "pseries.h"
@@ -1318,7 +1319,15 @@ void iommu_init_early_pSeries(void)
of_reconfig_notifier_register(&iommu_reconfig_nb);
register_memory_notifier(&iommu_mem_nb);
- set_pci_dma_ops(&dma_iommu_ops);
+ /*
+ * Secure guest memory is inacessible to devices so regular DMA isn't
+ * possible.
+ *
+ * In that case keep devices' dma_map_ops as NULL so that the generic
+ * DMA code path will use SWIOTLB to bounce buffers for DMA.
+ */
+ if (!is_secure_guest())
+ set_pci_dma_ops(&dma_iommu_ops);
}
static int __init disable_multitce(char *str)
Powered by blists - more mailing lists