lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a5e18b46-cccc-a2f7-91ae-aa5c942cd887@linux.intel.com>
Date:   Wed, 27 Sep 2023 10:04:51 +0800
From:   Baolu Lu <baolu.lu@...ux.intel.com>
To:     Yi Liu <yi.l.liu@...el.com>, joro@...tes.org,
        alex.williamson@...hat.com, jgg@...dia.com, kevin.tian@...el.com,
        robin.murphy@....com
Cc:     baolu.lu@...ux.intel.com, cohuck@...hat.com, eric.auger@...hat.com,
        nicolinc@...dia.com, kvm@...r.kernel.org, mjrosato@...ux.ibm.com,
        chao.p.peng@...ux.intel.com, yi.y.sun@...ux.intel.com,
        peterx@...hat.com, jasowang@...hat.com,
        shameerali.kolothum.thodi@...wei.com, lulu@...hat.com,
        suravee.suthikulpanit@....com, iommu@...ts.linux.dev,
        linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
        zhenzhong.duan@...el.com, joao.m.martins@...cle.com
Subject: Re: [RFC 1/8] iommu: Introduce a replace API for device pasid

On 9/26/23 5:26 PM, Yi Liu wrote:
> From: Lu Baolu <baolu.lu@...ux.intel.com>
> 
> Provide a high-level API to allow replacements of one domain with
> another for specific pasid of a device. This is similar to
> iommu_group_replace_domain() and it is also expected to be used
> only by IOMMUFD.
> 
> Signed-off-by: Lu Baolu <baolu.lu@...ux.intel.com>
> Signed-off-by: Yi Liu <yi.l.liu@...el.com>
> ---
>   drivers/iommu/iommu-priv.h |  2 ++
>   drivers/iommu/iommu.c      | 73 ++++++++++++++++++++++++++++++--------
>   2 files changed, 60 insertions(+), 15 deletions(-)
> 

[...]

> @@ -3433,8 +3443,8 @@ EXPORT_SYMBOL_GPL(iommu_attach_device_pasid);
>    * The @domain must have been attached to @pasid of the @dev with
>    * iommu_attach_device_pasid().
>    */
> -void iommu_detach_device_pasid(struct iommu_domain *domain, struct device *dev,
> -			       ioasid_t pasid)
> +void iommu_detach_device_pasid(struct iommu_domain *domain,
> +			       struct device *dev, ioasid_t pasid)

Above change is irrelevant.

>   {
>   	struct iommu_group *group = iommu_group_get(dev);
>   
> @@ -3447,6 +3457,39 @@ void iommu_detach_device_pasid(struct iommu_domain *domain, struct device *dev,
>   }
>   EXPORT_SYMBOL_GPL(iommu_detach_device_pasid);
>   
> +/**
> + * iommu_replace_device_pasid - replace the domain that a pasid is attached to
> + * @domain: new IOMMU domain to replace with
> + * @dev: the physical device
> + * @pasid: pasid that will be attached to the new domain
> + *
> + * This API allows the pasid to switch domains. Return 0 on success, or an
> + * error. The pasid will roll back to use the old domain if failure. The
> + * caller could call iommu_detach_device_pasid() before free the old domain
> + * in order to avoid use-after-free case.

The comment does not match the actual behavior of the code. We need to
discuss and agree on which state the PASID should park in if replacing
the domain fails.

> + */
> +int iommu_replace_device_pasid(struct iommu_domain *domain,
> +			       struct device *dev, ioasid_t pasid)
> +{
> +	struct iommu_group *group = dev->iommu_group;
> +	int ret;
> +
> +	if (!domain)
> +		return -EINVAL;
> +
> +	if (!group)
> +		return -ENODEV;
> +
> +	mutex_lock(&group->mutex);
> +	__iommu_remove_group_pasid(group, pasid);
> +	xa_erase(&group->pasid_array, pasid);
> +	ret = __iommu_group_attach_pasid(domain, group, pasid);
> +	mutex_unlock(&group->mutex);
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL_NS_GPL(iommu_replace_device_pasid, IOMMUFD_INTERNAL);
> +
>   /*
>    * iommu_get_domain_for_dev_pasid() - Retrieve domain for @pasid of @dev
>    * @dev: the queried device

Best regards,
baolu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ