| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0725585f-525b-d689-4b63-8ffeedfe87d9@arm.com>
Date: Thu, 19 Aug 2021 09:59:09 +0100
From: Robin Murphy <robin.murphy@....com>
To: David Stevens <stevensd@...omium.org>,
Christoph Hellwig <hch@....de>
Cc: Joerg Roedel <joro@...tes.org>, Will Deacon <will@...nel.org>,
Lu Baolu <baolu.lu@...ux.intel.com>,
Tom Murphy <murphyt7@....ie>, iommu@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v6 2/7] dma-iommu: fix arch_sync_dma for map
On 2021-08-17 02:38, David Stevens wrote:
> From: David Stevens <stevensd@...omium.org>
>
> When calling arch_sync_dma, we need to pass it the memory that's
> actually being used for dma. When using swiotlb bounce buffers, this is
> the bounce buffer. Move arch_sync_dma into the __iommu_dma_map_swiotlb
> helper, so it can use the bounce buffer address if necessary.
>
> Now that iommu_dma_map_sg delegates to a function which takes care of
> architectural syncing in the untrusted device case, the call to
> iommu_dma_sync_sg_for_device can be moved so it only occurs for trusted
> devices. Doing the sync for untrusted devices before mapping never
> really worked, since it needs to be able to target swiotlb buffers.
>
> This also moves the architectural sync to before the call to
> __iommu_dma_map, to guarantee that untrusted devices can't see stale
> data they shouldn't see.
Reviewed-by: Robin Murphy <robin.murphy@....com>
> Fixes: 82612d66d51d ("iommu: Allow the dma-iommu api to use bounce buffers")
> Signed-off-by: David Stevens <stevensd@...omium.org>
> Reviewed-by: Christoph Hellwig <hch@....de>
> ---
> drivers/iommu/dma-iommu.c | 16 +++++++---------
> 1 file changed, 7 insertions(+), 9 deletions(-)
>
> diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c
> index 968e0150c95e..8098ce593640 100644
> --- a/drivers/iommu/dma-iommu.c
> +++ b/drivers/iommu/dma-iommu.c
> @@ -576,6 +576,9 @@ static dma_addr_t __iommu_dma_map_swiotlb(struct device *dev, phys_addr_t phys,
> memset(padding_start, 0, padding_size);
> }
>
> + if (!coherent && !(attrs & DMA_ATTR_SKIP_CPU_SYNC))
> + arch_sync_dma_for_device(phys, org_size, dir);
> +
> iova = __iommu_dma_map(dev, phys, aligned_size, prot, dma_mask);
> if (iova == DMA_MAPPING_ERROR && is_swiotlb_buffer(phys))
> swiotlb_tbl_unmap_single(dev, phys, org_size, dir, attrs);
> @@ -842,14 +845,9 @@ static dma_addr_t iommu_dma_map_page(struct device *dev, struct page *page,
> {
> phys_addr_t phys = page_to_phys(page) + offset;
> bool coherent = dev_is_dma_coherent(dev);
> - dma_addr_t dma_handle;
>
> - dma_handle = __iommu_dma_map_swiotlb(dev, phys, size, dma_get_mask(dev),
> + return __iommu_dma_map_swiotlb(dev, phys, size, dma_get_mask(dev),
> coherent, dir, attrs);
> - if (!coherent && !(attrs & DMA_ATTR_SKIP_CPU_SYNC) &&
> - dma_handle != DMA_MAPPING_ERROR)
> - arch_sync_dma_for_device(phys, size, dir);
> - return dma_handle;
> }
>
> static void iommu_dma_unmap_page(struct device *dev, dma_addr_t dma_handle,
> @@ -992,12 +990,12 @@ static int iommu_dma_map_sg(struct device *dev, struct scatterlist *sg,
> iommu_deferred_attach(dev, domain))
> return 0;
>
> - if (!(attrs & DMA_ATTR_SKIP_CPU_SYNC))
> - iommu_dma_sync_sg_for_device(dev, sg, nents, dir);
> -
> if (dev_is_untrusted(dev))
> return iommu_dma_map_sg_swiotlb(dev, sg, nents, dir, attrs);
>
> + if (!(attrs & DMA_ATTR_SKIP_CPU_SYNC))
> + iommu_dma_sync_sg_for_device(dev, sg, nents, dir);
> +
> /*
> * Work out how much IOVA space we need, and align the segments to
> * IOVA granules for the IOMMU driver to handle. With some clever
>
Powered by blists - more mailing lists