lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 31 Dec 2021 09:06:34 +0800
From:   Lu Baolu <baolu.lu@...ux.intel.com>
To:     Bjorn Helgaas <helgaas@...nel.org>
Cc:     baolu.lu@...ux.intel.com,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Joerg Roedel <joro@...tes.org>,
        Alex Williamson <alex.williamson@...hat.com>,
        Bjorn Helgaas <bhelgaas@...gle.com>,
        Jason Gunthorpe <jgg@...dia.com>,
        Christoph Hellwig <hch@...radead.org>,
        Kevin Tian <kevin.tian@...el.com>,
        Ashok Raj <ashok.raj@...el.com>, Will Deacon <will@...nel.org>,
        Robin Murphy <robin.murphy@....com>,
        Dan Williams <dan.j.williams@...el.com>, rafael@...nel.org,
        Diana Craciun <diana.craciun@....nxp.com>,
        Cornelia Huck <cohuck@...hat.com>,
        Eric Auger <eric.auger@...hat.com>,
        Liu Yi L <yi.l.liu@...el.com>,
        Jacob jun Pan <jacob.jun.pan@...el.com>,
        Chaitanya Kulkarni <kch@...dia.com>,
        Stuart Yoder <stuyoder@...il.com>,
        Laurentiu Tudor <laurentiu.tudor@....com>,
        Thierry Reding <thierry.reding@...il.com>,
        David Airlie <airlied@...ux.ie>,
        Daniel Vetter <daniel@...ll.ch>,
        Jonathan Hunter <jonathanh@...dia.com>,
        Li Yang <leoyang.li@....com>,
        Dmitry Osipenko <digetx@...il.com>,
        iommu@...ts.linux-foundation.org, linux-pci@...r.kernel.org,
        kvm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 03/13] PCI: pci_stub: Suppress kernel DMA ownership
 auto-claiming

On 12/31/21 6:24 AM, Bjorn Helgaas wrote:
> On Thu, Dec 30, 2021 at 01:34:27PM +0800, Lu Baolu wrote:
>> Hi Bjorn,
>>
>> On 12/30/21 4:42 AM, Bjorn Helgaas wrote:
>>> On Fri, Dec 17, 2021 at 02:36:58PM +0800, Lu Baolu wrote:
>>>> The pci_dma_configure() marks the iommu_group as containing only devices
>>>> with kernel drivers that manage DMA.
>>>
>>> I'm looking at pci_dma_configure(), and I don't see the connection to
>>> iommu_groups.
>>
>> The 2nd patch "driver core: Set DMA ownership during driver bind/unbind"
>> sets all drivers' DMA to be kernel-managed by default except a few ones
>> which has a driver flag set. So by default, all iommu groups contains
>> only devices with kernel drivers managing DMA.
> 
> It looks like that happens in device_dma_configure(), not
> pci_dma_configure().
> 
>>>> Avoid this default behavior for the
>>>> pci_stub because it does not program any DMA itself.  This allows the
>>>> pci_stub still able to be used by the admin to block driver binding after
>>>> applying the DMA ownership to vfio.
>>>
>>>>
>>>> Signed-off-by: Lu Baolu <baolu.lu@...ux.intel.com>
>>>> ---
>>>>    drivers/pci/pci-stub.c | 3 +++
>>>>    1 file changed, 3 insertions(+)
>>>>
>>>> diff --git a/drivers/pci/pci-stub.c b/drivers/pci/pci-stub.c
>>>> index e408099fea52..6324c68602b4 100644
>>>> --- a/drivers/pci/pci-stub.c
>>>> +++ b/drivers/pci/pci-stub.c
>>>> @@ -36,6 +36,9 @@ static struct pci_driver stub_driver = {
>>>>    	.name		= "pci-stub",
>>>>    	.id_table	= NULL,	/* only dynamic id's */
>>>>    	.probe		= pci_stub_probe,
>>>> +	.driver		= {
>>>> +		.suppress_auto_claim_dma_owner = true,
>>>
>>> The new .suppress_auto_claim_dma_owner controls whether we call
>>> iommu_device_set_dma_owner().  I guess you added
>>> .suppress_auto_claim_dma_owner because iommu_device_set_dma_owner()
>>> must be done *before* we call the driver's .probe() method?
>>
>> As explained above, all drivers are set to kernel-managed dma by
>> default. For those vfio and vfio-approved drivers,
>> suppress_auto_claim_dma_owner is used to tell the driver core that "this
>> driver is attached to device for userspace assignment purpose, do not
>> claim it for kernel-management dma".
>>
>>> Otherwise, we could call some new interface from .probe() instead of
>>> adding the flag to struct device_driver.
>>
>> Most device drivers are of the kernel-managed DMA type. Only a few vfio
>> and vfio-approved drivers need to use this flag. That's the reason why
>> we claim kernel-managed DMA by default.
> 
> Yes.  But you didn't answer the question of whether this must be done
> by a new flag in struct device_driver, or whether it could be done by
> having these few VFIO and "VFIO-approved" (whatever that means)
> drivers call a new interface.
> 
> I was speculating that maybe the DMA ownership claiming must be done
> *before* the driver's .probe() method?  If so, that would require a
> new flag.  But I don't know whether that's the case.  If DMA
> ownership could be claimed by the .probe() method, we wouldn't need
> the new flag in struct device_driver.

Yes. It's feasible. Hence we can remove the suppress flag which is only
for some special drivers. I will come up with a new version so that you
can further comment with the real code. Thank you!

> 
> Bjorn
> 

Best regards,
baolu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ