lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 12 Jan 2021 17:29:19 +0000
From:   Robin Murphy <robin.murphy@....com>
To:     lijiang <lijiang@...hat.com>, linux-kernel@...r.kernel.org
Cc:     "Lendacky, Thomas" <thomas.lendacky@....com>, jroedel@...e.de,
        iommu@...ts.linux-foundation.org, will@...nel.org
Subject: Re: [PATCH] iommu: check for the deferred attach when attaching a
 device

On 2021-01-05 07:52, lijiang wrote:
> 在 2021年01月05日 11:55, lijiang 写道:
>> Hi,
>>
>> Also add Joerg to cc list.
>>
> 
> Also add more people to cc list, Jerry Snitselaar and Tom Lendacky.
> 
> Thanks.
> 
>> Thanks.
>> Lianbo
>> 在 2020年12月26日 13:39, Lianbo Jiang 写道:
>>> Currently, because domain attach allows to be deferred from iommu
>>> driver to device driver, and when iommu initializes, the devices
>>> on the bus will be scanned and the default groups will be allocated.
>>>
>>> Due to the above changes, some devices could be added to the same
>>> group as below:
>>>
>>> [    3.859417] pci 0000:01:00.0: Adding to iommu group 16
>>> [    3.864572] pci 0000:01:00.1: Adding to iommu group 16
>>> [    3.869738] pci 0000:02:00.0: Adding to iommu group 17
>>> [    3.874892] pci 0000:02:00.1: Adding to iommu group 17
>>>
>>> But when attaching these devices, it doesn't allow that a group has
>>> more than one device, otherwise it will return an error. This conflicts
>>> with the deferred attaching. Unfortunately, it has two devices in the
>>> same group for my side, for example:
>>>
>>> [    9.627014] iommu_group_device_count(): device name[0]:0000:01:00.0
>>> [    9.633545] iommu_group_device_count(): device name[1]:0000:01:00.1
>>> ...
>>> [   10.255609] iommu_group_device_count(): device name[0]:0000:02:00.0
>>> [   10.262144] iommu_group_device_count(): device name[1]:0000:02:00.1
>>>
>>> Finally, which caused the failure of tg3 driver when tg3 driver calls
>>> the dma_alloc_coherent() to allocate coherent memory in the tg3_test_dma().
>>>
>>> [    9.660310] tg3 0000:01:00.0: DMA engine test failed, aborting
>>> [    9.754085] tg3: probe of 0000:01:00.0 failed with error -12
>>> [    9.997512] tg3 0000:01:00.1: DMA engine test failed, aborting
>>> [   10.043053] tg3: probe of 0000:01:00.1 failed with error -12
>>> [   10.288905] tg3 0000:02:00.0: DMA engine test failed, aborting
>>> [   10.334070] tg3: probe of 0000:02:00.0 failed with error -12
>>> [   10.578303] tg3 0000:02:00.1: DMA engine test failed, aborting
>>> [   10.622629] tg3: probe of 0000:02:00.1 failed with error -12
>>>
>>> In addition, the similar situations also occur in other drivers such
>>> as the bnxt_en driver. That can be reproduced easily in kdump kernel
>>> when SME is active.
>>>
>>> Add a check for the deferred attach in the iommu_attach_device() and
>>> allow to attach the deferred device regardless of how many devices
>>> are in a group.

Is this iommu_attach_device() call is coming from iommu-dma? (if not, 
then whoever's calling it probably shouldn't be)

Assuming so, then probably what should happen is to move the handling 
currently in iommu_dma_deferred_attach() into the core so that it can 
call __iommu_attach_device() directly - the intent is just to replay 
that exact call skipped in iommu_group_add_device(), so the legacy 
external iommu_attach_device() interface isn't really the right tool for 
the job anyway. That's just slightly awkward since ideally it wants to 
be done in a way that doesn't result in a redundant out-of-line call for 
!kdump.

Alternatively I suppose it *could* just call ops->attach_dev directly, 
but then we miss out on the tracepoint, and deferred attach is arguably 
one of the cases where that's most useful :/

Robin.

>>>
>>> Signed-off-by: Lianbo Jiang <lijiang@...hat.com>
>>> ---
>>>   drivers/iommu/iommu.c | 5 ++++-
>>>   1 file changed, 4 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
>>> index ffeebda8d6de..dccab7b133fb 100644
>>> --- a/drivers/iommu/iommu.c
>>> +++ b/drivers/iommu/iommu.c
>>> @@ -1967,8 +1967,11 @@ int iommu_attach_device(struct iommu_domain *domain, struct device *dev)
>>>   	 */
>>>   	mutex_lock(&group->mutex);
>>>   	ret = -EINVAL;
>>> -	if (iommu_group_device_count(group) != 1)
>>> +	if (!iommu_is_attach_deferred(domain, dev) &&
>>> +	    iommu_group_device_count(group) != 1) {
>>> +		dev_err_ratelimited(dev, "Group has more than one device\n");
>>>   		goto out_unlock;
>>> +	}
>>>   
>>>   	ret = __iommu_attach_group(domain, group);
>>>   
>>>
> 
> _______________________________________________
> iommu mailing list
> iommu@...ts.linux-foundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/iommu
> 

Powered by blists - more mailing lists