lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <d9fa9a62-6522-7d26-0cca-16f6886136ec@arm.com>
Date:   Tue, 6 Jul 2021 10:27:43 +0100
From:   Robin Murphy <robin.murphy@....com>
To:     Kai-Heng Feng <kai.heng.feng@...onical.com>, joro@...tes.org,
        will@...nel.org
Cc:     "open list:IOMMU DRIVERS" <iommu@...ts.linux-foundation.org>,
        open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] iommu: Fallback to default setting when def_domain_type()
 callback returns 0

On 2021-07-06 07:51, Kai-Heng Feng wrote:
> Commit 28b41e2c6aeb ("iommu: Move def_domain type check for untrusted
> device into core") not only moved the check for untrusted device to
> IOMMU core, it also introduced a behavioral change by returning
> def_domain_type() directly without checking its return value. That makes
> many devices no longer use the default IOMMU setting.
> 
> So revert back to the old behavior which defaults to
> iommu_def_domain_type when driver callback returns 0.
> 
> Fixes: 28b41e2c6aeb ("iommu: Move def_domain type check for untrusted device into core")

Are you sure about that? From that same commit:

@@ -1507,7 +1509,7 @@ static int iommu_alloc_default_domain(struct 
iommu_group *group,
         if (group->default_domain)
                 return 0;

-       type = iommu_get_def_domain_type(dev);
+       type = iommu_get_def_domain_type(dev) ? : iommu_def_domain_type;

         return iommu_group_alloc_default_domain(dev->bus, group, type);
  }

AFAICS the other two callers should also handle 0 correctly. Have you 
seen a problem in practice?

Robin.

> Signed-off-by: Kai-Heng Feng <kai.heng.feng@...onical.com>
> ---
>   drivers/iommu/iommu.c | 5 +++--
>   1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> index 5419c4b9f27a..faac4f795025 100644
> --- a/drivers/iommu/iommu.c
> +++ b/drivers/iommu/iommu.c
> @@ -1507,14 +1507,15 @@ EXPORT_SYMBOL_GPL(fsl_mc_device_group);
>   static int iommu_get_def_domain_type(struct device *dev)
>   {
>   	const struct iommu_ops *ops = dev->bus->iommu_ops;
> +	unsigned int type = 0;
>   
>   	if (dev_is_pci(dev) && to_pci_dev(dev)->untrusted)
>   		return IOMMU_DOMAIN_DMA;
>   
>   	if (ops->def_domain_type)
> -		return ops->def_domain_type(dev);
> +		type = ops->def_domain_type(dev);
>   
> -	return 0;
> +	return (type == 0) ? iommu_def_domain_type : type;
>   }
>   
>   static int iommu_group_alloc_default_domain(struct bus_type *bus,
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ