| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a9f959ed-b528-681d-f941-d615360c0be3@linux.intel.com>
Date: Wed, 7 Sep 2022 17:58:53 +0800
From: Ethan Zhao <haifeng.zhao@...ux.intel.com>
To: John Garry <john.garry@...wei.com>,
Robin Murphy <robin.murphy@....com>, joro@...tes.org,
will@...nel.org
Cc: iommu@...ts.linux.dev, linux-kernel@...r.kernel.org,
linuxarm@...wei.com
Subject: Re: [PATCH v2 1/2] iova: Remove some magazine pointer NULL checks
John,
在 2022/9/7 16:46, John Garry 写道:
> On 06/09/2022 19:25, Robin Murphy wrote:
>>>
>>> Caveat: on the chance that the IOVA domain init fails due to the
>>> rcache init failing, then, if there were another device in the group
>>> which probes later, its probe would be ok as the start_pfn is set.
>>> Not Good.
>>
>> Yeah, there's a lot not to like about iommu_dma_init_domain() - I've
>> been banking on it all getting cleaned up when I get to refactoring
>> that area of probing (remember the issue you reported years ago with
>> PCI groups being built in the wrong order? All related...), but in
>> fact since the cookie management got pulled into core code, we can
>> probably tie the IOVA domain setup to that right now without much
>> other involvement. That could be a cheap win, so I'll give it a go soon.
>
> ok, great.
>
> On a related topic, another thing to consider is that errors in IOVA
> domain init are not handled gracefully in terms of how we deal with
> the device probe and setting dma mapping ops, ref
> iommu_setup_dma_ops(). I assume you know all this.
>
>>
>>> - vdpa just fails to create the domain in vduse_domain_create()
>>>
>>>> That makes a fair amount of sense, but does mean that we're missing
>>>> the equivalent in iova_rcache_insert() for it to actually work. Or
>>>> we just remove it and tighten up the documentation to say that's
>>>> not valid
>>>
>>> I'd be more inclined to remove it. I would rather remove fathpath
>>> checks as much as possible and have robust error handling in the
>>> domain init.
>>>
>>> Afterall I do have the "remove check" craze going.
>>
>> Sure, like I say I'm happy to be consistent either way. If I do end
>> up reinstating such a check I think I'd prefer to have it explicit in
>> {alloc,free}_iova_fast() anyway, rather than buried in internal
>> implementation details.
>
> I'm not sure what you would like to see now, if anything.
>
> I could just remove the iovad->rcache check in iova_rcache_get().
> It's pretty useless (on its own) since we don't have the same check on
> the "insert" path.
>
> Or also add this:
>
> diff --git a/drivers/iommu/dma-iommu.c b/drivers/iommu/dma-iommu.c
> index 0d6d8edf782d..e8f0b8f47f45 100644
> --- a/drivers/iommu/dma-iommu.c
> +++ b/drivers/iommu/dma-iommu.c
> @@ -578,6 +578,12 @@ static int iommu_dma_init_domain(struct
> iommu_domain *domain, dma_addr_t base,
> goto done_unlock;
> }
>
> + if (!iovad->rcaches) {
> + pr_warn("IOVA domain rcache not properly initialised\n");
> + ret = -EFAULT;
> + goto done_unlock;
> + }
> +
> ret = 0;
> goto done_unlock;
>
If the iovad->rcaches allocation failed, will skip iommu domain dma ops,
so no need *any* iovad,->rcaches check, right ?
and there is already warning about the fallback.
Thanks,
Ethan
>
> But I figure that you don't want more crud there now, considering the
> work you mention above.
>
> Thanks,
> John
>
>
>
--
"firm, enduring, strong, and long-lived"
Powered by blists - more mailing lists