| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2fe7d268-bc9f-9808-29a5-610527a0fd32@arm.com>
Date: Mon, 14 Jun 2021 17:03:31 +0100
From: Robin Murphy <robin.murphy@....com>
To: John Garry <john.garry@...wei.com>, joro@...tes.org,
will@...nel.org, dwmw2@...radead.org, baolu.lu@...ux.intel.com
Cc: linux-kernel@...r.kernel.org, iommu@...ts.linux-foundation.org,
linuxarm@...wei.com, thunder.leizhen@...wei.com,
chenxiang66@...ilicon.com
Subject: Re: [PATCH v12 2/5] iommu: Enhance IOMMU default DMA mode build
options
On 2021-06-11 13:20, John Garry wrote:
> From: Zhen Lei <thunder.leizhen@...wei.com>
>
> First, add build options IOMMU_DEFAULT_{LAZY|STRICT}, so that we have the
> opportunity to set {lazy|strict} mode as default at build time. Then put
> the two config options in an choice, as they are mutually exclusive.
>
> [jpg: Make choice between strict and lazy only (and not passthrough)]
> Signed-off-by: Zhen Lei <thunder.leizhen@...wei.com>
> Signed-off-by: John Garry <john.garry@...wei.com>
> ---
> drivers/iommu/Kconfig | 38 ++++++++++++++++++++++++++++++++++++++
> drivers/iommu/iommu.c | 3 ++-
> 2 files changed, 40 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/iommu/Kconfig b/drivers/iommu/Kconfig
> index 1f111b399bca..2a71347611d4 100644
> --- a/drivers/iommu/Kconfig
> +++ b/drivers/iommu/Kconfig
> @@ -90,6 +90,44 @@ config IOMMU_DEFAULT_PASSTHROUGH
>
> If unsure, say N here.
>
> +choice
> + prompt "IOMMU default DMA mode"
> + depends on IOMMU_DMA
> +
> + default IOMMU_DEFAULT_STRICT
> + help
> + This option allows an IOMMU DMA mode to be chosen at build time, to
> + override the default DMA mode of each ARCH, removing the need to
> + pass in kernel parameters through command line. It is still possible
> + to provide ARCH-specific or common boot options to override this
> + option.
> +
> + If unsure, keep the default.
> +
> +config IOMMU_DEFAULT_STRICT
> + bool "strict"
> + help
> + For every IOMMU DMA unmap operation, the flush operation of IOTLB and
> + the free operation of IOVA are guaranteed to be done in the unmap
> + function.
> +
> +config IOMMU_DEFAULT_LAZY
> + bool "lazy"
> + help
> + Support lazy mode, where for every IOMMU DMA unmap operation, the
> + flush operation of IOTLB and the free operation of IOVA are deferred.
> + They are only guaranteed to be done before the related IOVA will be
> + reused.
> +
> + The isolation provided in this mode is not as secure as STRICT mode,
> + such that a vulnerable time window may be created between the DMA
> + unmap and the mapping finally being torn down in the IOMMU, where the
> + device can still access the system memory. However this mode may
> + provide better performance in high throughput scenarios, and is still
> + considerably more secure than passthrough mode or no IOMMU.
> +
> +endchoice
> +
> config OF_IOMMU
> def_bool y
> depends on OF && IOMMU_API
> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> index cf58949cc2f3..ccbd5d4c1a50 100644
> --- a/drivers/iommu/iommu.c
> +++ b/drivers/iommu/iommu.c
> @@ -29,7 +29,8 @@ static struct kset *iommu_group_kset;
> static DEFINE_IDA(iommu_group_ida);
>
> static unsigned int iommu_def_domain_type __read_mostly;
> -static bool iommu_dma_strict __read_mostly = true;
> +static bool iommu_dma_strict __read_mostly =
> + IS_ENABLED(CONFIG_IOMMU_DEFAULT_STRICT);
Nit: I reckon this is a fine place to wield the 100-character
relaxation, but it's not my call in the end.
With the wording tweaks already mentioned,
Reviewed-by: Robin Murphy <robin.murphy@....com>
> static u32 iommu_cmd_line __read_mostly;
>
> struct iommu_group {
>
Powered by blists - more mailing lists