lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Nov 2022 09:29:51 -0400 From: Jason Gunthorpe <jgg@...dia.com> To: Niklas Schnelle <schnelle@...ux.ibm.com> Cc: Baolu Lu <baolu.lu@...ux.intel.com>, Matthew Rosato <mjrosato@...ux.ibm.com>, Gerd Bayer <gbayer@...ux.ibm.com>, iommu@...ts.linux.dev, Joerg Roedel <joro@...tes.org>, Will Deacon <will@...nel.org>, Robin Murphy <robin.murphy@....com>, Wenjia Zhang <wenjia@...ux.ibm.com>, Pierre Morel <pmorel@...ux.ibm.com>, linux-s390@...r.kernel.org, borntraeger@...ux.ibm.com, hca@...ux.ibm.com, gor@...ux.ibm.com, gerald.schaefer@...ux.ibm.com, agordeev@...ux.ibm.com, svens@...ux.ibm.com, linux-kernel@...r.kernel.org, Julian Ruess <julianr@...ux.ibm.com> Subject: Re: [PATCH v2 4/7] iommu: Let iommu.strict override ops->def_domain_type On Mon, Nov 28, 2022 at 12:10:39PM +0100, Niklas Schnelle wrote: > On Thu, 2022-11-17 at 09:55 +0800, Baolu Lu wrote: > > On 2022/11/17 1:16, Niklas Schnelle wrote: > > > When iommu.strict=1 is set or iommu_set_dma_strict() was called we > > > should use IOMMU_DOMAIN_DMA irrespective of ops->def_domain_type. > > > > > > Signed-off-by: Niklas Schnelle <schnelle@...ux.ibm.com> > > > --- > > > drivers/iommu/iommu.c | 3 +++ > > > 1 file changed, 3 insertions(+) > > > > > > diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c > > > index 65a3b3d886dc..d9bf94d198df 100644 > > > --- a/drivers/iommu/iommu.c > > > +++ b/drivers/iommu/iommu.c > > > @@ -1562,6 +1562,9 @@ static int iommu_get_def_domain_type(struct device *dev) > > > { > > > const struct iommu_ops *ops = dev_iommu_ops(dev); > > > > > > + if (iommu_dma_strict) > > > + return IOMMU_DOMAIN_DMA; > > > > If any quirky device must work in IOMMU identity mapping mode, this > > might introduce functional regression. At least for VT-d platforms, some > > devices do require IOMMU identity mapping mode for functionality. > > That's a good point. How about instead of unconditionally returning > IOMMU_DOMAIN_DMA we just do so if the domain type returned by ops- > >def_domain_type uses a flush queue (i.e. the __IOMMU_DOMAIN_DMA_FQ bit > is set). That way a device that only supports identity mapping gets to > set that but iommu_dma_strict at least always prevents use of an IOVA > flush queue. I would prefer we create some formal caps in iommu_ops to describe whatever it is you are trying to do. Jason
Powered by blists - more mailing lists