| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 29 Jan 2023 08:11:48 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Jason Gunthorpe <jgg@...dia.com>,
Robin Murphy <robin.murphy@....com>
CC: Nicolin Chen <nicolinc@...dia.com>,
"joro@...tes.org" <joro@...tes.org>,
"will@...nel.org" <will@...nel.org>,
"agross@...nel.org" <agross@...nel.org>,
"andersson@...nel.org" <andersson@...nel.org>,
"konrad.dybcio@...aro.org" <konrad.dybcio@...aro.org>,
"yong.wu@...iatek.com" <yong.wu@...iatek.com>,
"matthias.bgg@...il.com" <matthias.bgg@...il.com>,
"thierry.reding@...il.com" <thierry.reding@...il.com>,
"alex.williamson@...hat.com" <alex.williamson@...hat.com>,
"cohuck@...hat.com" <cohuck@...hat.com>,
"vdumpa@...dia.com" <vdumpa@...dia.com>,
"jonathanh@...dia.com" <jonathanh@...dia.com>,
"iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-arm-msm@...r.kernel.org" <linux-arm-msm@...r.kernel.org>,
"linux-mediatek@...ts.infradead.org"
<linux-mediatek@...ts.infradead.org>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"linux-tegra@...r.kernel.org" <linux-tegra@...r.kernel.org>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>
Subject: RE: [PATCH 1/4] iommu: Add a broken_unmanaged_domain flag in
iommu_ops
> From: Jason Gunthorpe <jgg@...dia.com>
> Sent: Saturday, January 28, 2023 7:54 AM
>
> On Fri, Jan 27, 2023 at 09:58:46PM +0000, Robin Murphy wrote:
>
> > Please just add IOMMU_CAP_IOMMUFD to represent whatever the
> nebulous
> > requirements of IOMMUFD actually are (frankly it's no less informative
> than
> > calling domains "broken"), handle that in the drivers you care about
> > and
>
> I don't want to tie this to iommufd, that isn't the point.
>
> We clearly have drivers that don't implement the iommu kernel API
> properly, because their only use is between the iommu driver and some
> other same-SOC driver.
>
> As a user of the iommu API iommufd and VFIO want to avoid these
> drivers.
>
> We have that acknowledgment already via the IOMMU_DOMAIN_DMA stuff
> protecting the dma_iommu.c from those same drivers.
>
> So, how about this below instead. Imagine it is followed by something along
> the lines of my other sketch:
>
> https://lore.kernel.org/linux-iommu/Y4%2FLsZKmR3iWFphU@nvidia.com/
>
> And we completely delete IOMMU_DOMAIN_DMA/_FQ and get dma-
> iommu.c
> mostly out of driver code.
>
> iommufd/vfio would refuse to work with drivers that don't indicate
> they support dma_iommu.c, that is good enough.
this is a good idea. Just one doubt. Robin mentioned that sprd-iommu
might have a broken unmanaged domains:
" I'd also question sprd-iommu, which hardly has a generally-useful
domain size, and has only just recently gained the ability to unmap
anything successfully."
Want to understand why that restriction is not a problem for DMA API.
what Jason proposed here assumes that existing driver support for
DMA API can be safely applied to vfio/iommufd. But above looks
warning certain exception?
> diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
> index 59df7e42fd533c..bb34d3f641f17b 100644
> --- a/drivers/iommu/intel/iommu.c
> +++ b/drivers/iommu/intel/iommu.c
> @@ -4165,8 +4165,6 @@ static struct iommu_domain
> *intel_iommu_domain_alloc(unsigned type)
> switch (type) {
> case IOMMU_DOMAIN_BLOCKED:
> return &blocking_domain;
> - case IOMMU_DOMAIN_DMA:
> - case IOMMU_DOMAIN_DMA_FQ:
> case IOMMU_DOMAIN_UNMANAGED:
> dmar_domain = alloc_domain(type);
> if (!dmar_domain) {
> @@ -4761,6 +4759,7 @@ static void intel_iommu_remove_dev_pasid(struct
> device *dev, ioasid_t pasid)
> }
>
> const struct iommu_ops intel_iommu_ops = {
> + .use_dma_iommu = true,
missed:
+ .allow_dma_fq = true,
Powered by blists - more mailing lists