[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <dbca06fa-d708-3c76-2890-82ca5a781366@linux.intel.com>
Date: Thu, 3 Jun 2021 05:36:53 -0700
From: Andi Kleen <ak@...ux.intel.com>
To: Robin Murphy <robin.murphy@....com>, mst@...hat.com
Cc: jasowang@...hat.com, virtualization@...ts.linux-foundation.org,
hch@....de, m.szyprowski@...sung.com,
iommu@...ts.linux-foundation.org, x86@...nel.org,
sathyanarayanan.kuppuswamy@...ux.intel.com, jpoimboe@...hat.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 6/8] dma: Add return value to dma_unmap_page
>
> What it looks like to me is abusing SWIOTLB's internal housekeeping to
> keep track of virtio-specific state. The DMA API does not attempt to
> validate calls in general since in many cases the additional overhead
> would be prohibitive. It has always been callers' responsibility to
> keep track of what they mapped and make sure sync/unmap calls match,
> and there are many, many, subtle and not-so-subtle ways for things to
> go wrong if they don't. If virtio is not doing a good enough job of
> that, what's the justification for making it the DMA API's problem?
In this case it's not prohibitive at all. Just adding a few error
returns, and checking the overlap (which seems to have been already
solved anyways) I would argue the error returns are good practice
anyways, so that API users can check that something bad happening and
abort. The DMA API was never very good at proper error handling, but
there's no reason at all to continue being bad it forever.
AFAIK the rest just works anyways, so it's not really a new problem to
be solved.
>
>> A new callback is used to avoid changing all the IOMMU drivers.
>
> Nit: presumably by "IOMMU drivers" you actually mean arch DMA API
> backends?
Yes
>
> Furthermore, AFAICS it's still not going to help against exfiltrating
> guest memory by over-unmapping the original SWIOTLB slot *without*
> going past the end of the whole buffer,
That would be just exfiltrating data that is already shared, unless I'm
misunderstanding you.
-Andi
Powered by blists - more mailing lists