| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Sep 2022 05:00:16 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Nicolin Chen <nicolinc@...dia.com>, Joerg Roedel <joro@...tes.org>,
"Jason Gunthorpe" <jgg@...dia.com>
CC: "will@...nel.org" <will@...nel.org>,
"robin.murphy@....com" <robin.murphy@....com>,
"alex.williamson@...hat.com" <alex.williamson@...hat.com>,
"suravee.suthikulpanit@....com" <suravee.suthikulpanit@....com>,
"marcan@...can.st" <marcan@...can.st>,
"sven@...npeter.dev" <sven@...npeter.dev>,
"alyssa@...enzweig.io" <alyssa@...enzweig.io>,
"robdclark@...il.com" <robdclark@...il.com>,
"dwmw2@...radead.org" <dwmw2@...radead.org>,
"baolu.lu@...ux.intel.com" <baolu.lu@...ux.intel.com>,
"mjrosato@...ux.ibm.com" <mjrosato@...ux.ibm.com>,
"gerald.schaefer@...ux.ibm.com" <gerald.schaefer@...ux.ibm.com>,
"orsonzhai@...il.com" <orsonzhai@...il.com>,
"baolin.wang@...ux.alibaba.com" <baolin.wang@...ux.alibaba.com>,
"zhang.lyra@...il.com" <zhang.lyra@...il.com>,
"thierry.reding@...il.com" <thierry.reding@...il.com>,
"vdumpa@...dia.com" <vdumpa@...dia.com>,
"jonathanh@...dia.com" <jonathanh@...dia.com>,
"jean-philippe@...aro.org" <jean-philippe@...aro.org>,
"cohuck@...hat.com" <cohuck@...hat.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"shameerali.kolothum.thodi@...wei.com"
<shameerali.kolothum.thodi@...wei.com>,
"thunder.leizhen@...wei.com" <thunder.leizhen@...wei.com>,
"christophe.jaillet@...adoo.fr" <christophe.jaillet@...adoo.fr>,
"yangyingliang@...wei.com" <yangyingliang@...wei.com>,
"jon@...id-run.com" <jon@...id-run.com>,
"iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"asahi@...ts.linux.dev" <asahi@...ts.linux.dev>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"linux-arm-msm@...r.kernel.org" <linux-arm-msm@...r.kernel.org>,
"linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>,
"linux-tegra@...r.kernel.org" <linux-tegra@...r.kernel.org>,
"virtualization@...ts.linux-foundation.org"
<virtualization@...ts.linux-foundation.org>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>
Subject: RE: [PATCH v6 1/5] iommu: Return -EMEDIUMTYPE for incompatible domain
and device/group
> From: Nicolin Chen <nicolinc@...dia.com>
> Sent: Friday, September 9, 2022 11:17 AM
>
> On Thu, Sep 08, 2022 at 01:14:42PM -0300, Jason Gunthorpe wrote:
>
> > > I am wondering if this can be solved by better defining what the return
> > > codes mean and adjust the call-back functions to match the definition.
> > > Something like:
> > >
> > > -ENODEV : Device not mapped my an IOMMU
> > > -EBUSY : Device attached and domain can not be changed
> > > -EINVAL : Device and domain are incompatible
> > > ...
> >
> > Yes, this was gone over in a side thread the pros/cons, so lets do
> > it. Nicolin will come with something along these lines.
>
> I have started this effort by combining this list and the one from
> the side thread:
>
> @@ -266,6 +266,13 @@ struct iommu_ops {
> /**
> * struct iommu_domain_ops - domain specific operations
> * @attach_dev: attach an iommu domain to a device
> + * Rules of its return errno:
> + * ENOMEM - Out of memory
> + * EINVAL - Device and domain are incompatible
> + * EBUSY - Device is attached to a domain and cannot be changed
With this definition then probably @attach_dev should not return -EBUSY
at all given it's already checked in the start of __iommu_attach_group():
if (group->domain && group->domain != group->default_domain &&
group->domain != group->blocking_domain)
return -EBUSY;
> + * ENODEV - Device or domain is messed up: device is not mapped
> + * to an IOMMU, no domain can attach, and etc.
if domain is messed up then should return -EINVAL given using another domain
might just work. IMHO here -ENODEV should only cover device specific problems
preventing this device from being attached to by any domain.
> + * <others> - Same behavior as ENODEV, use is discouraged
didn't get the "Same behavior" part. Does it suggest all other errnos should
be converted to ENODEV?
btw what about -ENOSPC? It's sane to allocate some resource in the attach
path while the resource might be not available, e.g.:
intel_iommu_attach_device()
domain_add_dev_info()
domain_attach_iommu():
int num, ret = -ENOSPC;
...
ndomains = cap_ndoms(iommu->cap);
num = find_first_zero_bit(iommu->domain_ids, ndomains);
if (num >= ndomains) {
pr_err("%s: No free domain ids\n", iommu->name);
goto err_unlock;
}
As discussed in a side thread a note might be added to exempt calling
kAPI outside of the iommu driver.
> * @detach_dev: detach an iommu domain from a device
> * @map: map a physically contiguous memory region to an iommu domain
> * @map_pages: map a physically contiguous set of pages of the same size
> to
>
> I am now going through every single return value of ->attach_dev to
> make sure the list above applies. And I will also incorporate things
> like Robin's comments at the AMD IOMMU driver.
>
> And if the change occurs to be bigger, I guess that separating it to
> be an IOMMU series from this VFIO one might be better.
>
> Thanks
> Nic
Powered by blists - more mailing lists