| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <TYTP286MB3564BA78F5ED7E8FE4DEEE93CAC1A@TYTP286MB3564.JPNP286.PROD.OUTLOOK.COM>
Date: Thu, 28 Sep 2023 16:57:37 +0800
From: Dawei Li <set_pte_at@...look.com>
To: Baolu Lu <baolu.lu@...ux.intel.com>
Cc: joro@...tes.org, will@...nel.org, robin.murphy@....com,
jgg@...dia.com, iommu@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iommu: Sanity check on param list for
iommu_get_resv_regions
Hi,
Thanks for reviewing,
On Thu, Sep 28, 2023 at 09:33:29AM +0800, Baolu Lu wrote:
> On 9/27/23 10:25 PM, Dawei Li wrote:
> > In iommu_get_resv_regions(), param list is an argument supplied by caller,
> > into which callee is supposed to insert resv regions.
> >
> > In other words, this 'list' argument is expected to be an empty list,
> > so make an explicit annotation on it.
> >
> > Signed-off-by: Dawei Li <set_pte_at@...look.com>
> > ---
> > drivers/iommu/iommu.c | 9 +++++----
> > 1 file changed, 5 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> > index 1ecac2b5c54f..a01c4a7a9d19 100644
> > --- a/drivers/iommu/iommu.c
> > +++ b/drivers/iommu/iommu.c
> > @@ -813,7 +813,7 @@ int iommu_get_group_resv_regions(struct iommu_group *group,
> > mutex_lock(&group->mutex);
> > for_each_group_device(group, device) {
> > - struct list_head dev_resv_regions;
> > + LIST_HEAD(dev_resv_regions);
> > /*
> > * Non-API groups still expose reserved_regions in sysfs,
> > @@ -822,7 +822,6 @@ int iommu_get_group_resv_regions(struct iommu_group *group,
> > if (!device->dev->iommu)
> > break;
> > - INIT_LIST_HEAD(&dev_resv_regions);
> > iommu_get_resv_regions(device->dev, &dev_resv_regions);
> > ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
> > iommu_put_resv_regions(device->dev, &dev_resv_regions);
> > @@ -1061,12 +1060,11 @@ static int iommu_create_device_direct_mappings(struct iommu_domain *domain,
> > struct device *dev)
> > {
> > struct iommu_resv_region *entry;
> > - struct list_head mappings;
> > unsigned long pg_size;
> > + LIST_HEAD(mappings);
> > int ret = 0;
> > pg_size = domain->pgsize_bitmap ? 1UL << __ffs(domain->pgsize_bitmap) : 0;
> > - INIT_LIST_HEAD(&mappings);
> > if (WARN_ON_ONCE(iommu_is_dma_domain(domain) && !pg_size))
> > return -EINVAL;
> > @@ -2813,6 +2811,9 @@ void iommu_get_resv_regions(struct device *dev, struct list_head *list)
> > {
> > const struct iommu_ops *ops = dev_iommu_ops(dev);
> > + if (WARN_ON(!list_empty(list)))
> > + return;
>
> I don't understand why the input list *must* be empty. This interface
Because @list is an output-only argument, which is supposed to be filled
by caller(inserting elements into it). If it's not empty, it's an inputing
argument, in which case caller will take existing node (in @list) into account,
and insert new nodes before/after them.
Please lemme put it another way, if list argment is not empty:
Before calling:
list: head->A
After calling
list: head->A->B->C
It will confuse caller cuz it can't tell whether A is a valid returned
by callee.
> has already been exported, so please update the comment to explain this
> new requirement.
>
> > +
> > if (ops->get_resv_regions)
> > ops->get_resv_regions(dev, list);
> > }
>
> Best regards,
> baolu
Powered by blists - more mailing lists