[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4dee1bcef8474ebb95a7826a58bb72aa@AcuMS.aculab.com>
Date: Fri, 30 Aug 2019 13:39:51 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Lu Baolu' <baolu.lu@...ux.intel.com>,
David Woodhouse <dwmw2@...radead.org>,
Joerg Roedel <joro@...tes.org>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Christoph Hellwig <hch@....de>
CC: "ashok.raj@...el.com" <ashok.raj@...el.com>,
"jacob.jun.pan@...el.com" <jacob.jun.pan@...el.com>,
"alan.cox@...el.com" <alan.cox@...el.com>,
"kevin.tian@...el.com" <kevin.tian@...el.com>,
"mika.westerberg@...ux.intel.com" <mika.westerberg@...ux.intel.com>,
"Ingo Molnar" <mingo@...hat.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"pengfei.xu@...el.com" <pengfei.xu@...el.com>,
Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>,
Marek Szyprowski <m.szyprowski@...sung.com>,
"Robin Murphy" <robin.murphy@....com>,
Jonathan Corbet <corbet@....net>,
"Boris Ostrovsky" <boris.ostrovsky@...cle.com>,
Juergen Gross <jgross@...e.com>,
Stefano Stabellini <sstabellini@...nel.org>,
Steven Rostedt <rostedt@...dmis.org>,
"iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Jacob Pan <jacob.jun.pan@...ux.intel.com>
Subject: RE: [PATCH v8 7/7] iommu/vt-d: Use bounce buffer for untrusted
devices
From: Lu Baolu
> Sent: 30 August 2019 08:17
> The Intel VT-d hardware uses paging for DMA remapping.
> The minimum mapped window is a page size. The device
> drivers may map buffers not filling the whole IOMMU
> window. This allows the device to access to possibly
> unrelated memory and a malicious device could exploit
> this to perform DMA attacks. To address this, the
> Intel IOMMU driver will use bounce pages for those
> buffers which don't fill whole IOMMU pages.
Won't this completely kill performance?
I'd expect to see something for dma_alloc_coherent() (etc)
that tries to give the driver page sized buffers.
Either that or the driver could allocate page sized buffers
even though it only passes fragments of these buffers to
the dma functions (to avoid excessive cache invalidates).
Since you have to trust the driver, why not actually trust it?
David
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
Powered by blists - more mailing lists