| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Jan 2021 14:42:05 +0000
From: Robin Murphy <robin.murphy@....com>
To: Moritz Fischer <mdf@...nel.org>, lorenzo.pieralisi@....com
Cc: guohanjun@...wei.com, rjw@...ysocki.net,
linux-kernel@...r.kernel.org, linux-acpi@...r.kernel.org,
moritzf@...gle.com, sudeep.holla@....com, will@...nel.org,
linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH v2] ACPI/IORT: Do not blindly trust DMA masks from
firmware
On 2021-01-22 01:24, Moritz Fischer wrote:
> Address issue observed on real world system with suboptimal IORT table
> where DMA masks of PCI devices would get set to 0 as result.
>
> iort_dma_setup() would query the root complex'/named component IORT
> entry for a DMA mask, and use that over the one the device has been
> configured with earlier.
>
> Ideally we want to use the minimum mask of what the IORT contains for
> the root complex and what the device was configured with.
>
> Fixes: 5ac65e8c8941 ("ACPI/IORT: Support address size limit for root complexes")
> Signed-off-by: Moritz Fischer <mdf@...nel.org>
> ---
>
> Changes from v1:
> - Changed warning to FW_BUG
> - Warn for both Named Component or Root Complex
> - Replaced min_not_zero() with min()
>
> ---
> drivers/acpi/arm64/iort.c | 14 ++++++++++++--
> 1 file changed, 12 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/acpi/arm64/iort.c b/drivers/acpi/arm64/iort.c
> index d4eac6d7e9fb..2494138a6905 100644
> --- a/drivers/acpi/arm64/iort.c
> +++ b/drivers/acpi/arm64/iort.c
> @@ -1107,6 +1107,11 @@ static int nc_dma_get_range(struct device *dev, u64 *size)
>
> ncomp = (struct acpi_iort_named_component *)node->node_data;
>
> + if (!ncomp->memory_address_limit) {
> + pr_warn(FW_BUG "Named component missing memory address limit\n");
> + return -EINVAL;
> + }
> +
> *size = ncomp->memory_address_limit >= 64 ? U64_MAX :
> 1ULL<<ncomp->memory_address_limit;
>
> @@ -1126,6 +1131,11 @@ static int rc_dma_get_range(struct device *dev, u64 *size)
>
> rc = (struct acpi_iort_root_complex *)node->node_data;
>
> + if (!rc->memory_address_limit) {
> + pr_warn(FW_BUG "Root complex missing memory address limit\n");
> + return -EINVAL;
> + }
> +
> *size = rc->memory_address_limit >= 64 ? U64_MAX :
> 1ULL<<rc->memory_address_limit;
>
> @@ -1173,8 +1183,8 @@ void iort_dma_setup(struct device *dev, u64 *dma_addr, u64 *dma_size)
> end = dmaaddr + size - 1;
> mask = DMA_BIT_MASK(ilog2(end) + 1);
> dev->bus_dma_limit = end;
> - dev->coherent_dma_mask = mask;
> - *dev->dma_mask = mask;
> + dev->coherent_dma_mask = min(dev->coherent_dma_mask, mask);
> + *dev->dma_mask = min(*dev->dma_mask, mask);
Oops, I got so distracted by the "not_zero" aspect in v1 that I ended up
thinking purely about smaller-than-default masks, but of course this
*does* matter the other way round. And it is what we've always done on
the DT side, so at least it makes us consistent.
FWIW I've already started writing up a patch to kill off this bit
entirely, but either way we still can't meaningfully interpret a
supposed DMA limit of 0 bits in a table describing DMA-capable devices,
so for this patch as a fix,
Reviewed-by: Robin Murphy <robin.murphy@....com>
Thanks,
Robin.
> }
>
> *dma_addr = dmaaddr;
>
Powered by blists - more mailing lists