lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 27 Jan 2023 12:04:16 -0800
From:   Nicolin Chen <nicolinc@...dia.com>
To:     <jgg@...dia.com>, <kevin.tian@...el.com>, <robin.murphy@....com>,
        <joro@...tes.org>, <will@...nel.org>, <agross@...nel.org>,
        <andersson@...nel.org>, <konrad.dybcio@...aro.org>,
        <yong.wu@...iatek.com>, <matthias.bgg@...il.com>,
        <thierry.reding@...il.com>, <alex.williamson@...hat.com>,
        <cohuck@...hat.com>
CC:     <vdumpa@...dia.com>, <jonathanh@...dia.com>,
        <iommu@...ts.linux.dev>, <linux-kernel@...r.kernel.org>,
        <linux-arm-msm@...r.kernel.org>,
        <linux-mediatek@...ts.infradead.org>,
        <linux-arm-kernel@...ts.infradead.org>,
        <linux-tegra@...r.kernel.org>, <kvm@...r.kernel.org>
Subject: [PATCH 0/4] iommu: Reject drivers with broken_unmanaged_domain

Hi all,

Both IOMMU_DOMAIN_UNMANAGED and IOMMU_DOMAIN_DMA require the support
of __IOMMU_DOMAIN_PAGING capability, i.e. iommu_map/unmap. However,
some older iommu drivers do not fully support that, and these drivers
also do not advertise support for dma-iommu.c via IOMMU_DOMAIN_DMA,
or use arm_iommu_create_mapping(), so largely their implementations
of IOMMU_DOMAIN_UNMANAGED are untested. This means that a user like
vfio/iommufd does not likely work with them.

Thus, mark all these drivers as having "broken" UNAMANGED domains and
add a new device_iommu_unmanaged_supported() API for vfio/iommufd and
dma-iommu to refuse to work with these drivers.

These are preparatory changes for a new IOMMU API that will be used by
iommufd. Having this flag allows us to prevent any use of the new API
in iommufd, to keep things clean.

You can also find this series on Github:
https://github.com/nicolinc/iommufd/commits/broken_unmanaged_domain

Thank you
Nicolin Chen

Nicolin Chen (4):
  iommu: Add a broken_unmanaged_domain flag in iommu_ops
  iommu/dma: Do not init domain if broken_unmanaged_domain
  iommufd: Do not allocate device object if broken_unmanaged_domain
  vfio: Do not allocate domain if broken_unmanaged_domain

 drivers/iommu/dma-iommu.c       |  3 +++
 drivers/iommu/fsl_pamu_domain.c |  1 +
 drivers/iommu/iommu.c           | 24 ++++++++++++++++++++++++
 drivers/iommu/iommufd/device.c  |  3 +++
 drivers/iommu/msm_iommu.c       |  1 +
 drivers/iommu/mtk_iommu_v1.c    |  1 +
 drivers/iommu/omap-iommu.c      |  1 +
 drivers/iommu/tegra-gart.c      |  1 +
 drivers/iommu/tegra-smmu.c      |  1 +
 drivers/vfio/vfio_iommu_type1.c |  5 ++++-
 include/linux/iommu.h           | 11 +++++++++++
 11 files changed, 51 insertions(+), 1 deletion(-)

-- 
2.39.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ