lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <TYTP286MB3564BA78F5ED7E8FE4DEEE93CAC1A@TYTP286MB3564.JPNP286.PROD.OUTLOOK.COM>
Date:   Thu, 28 Sep 2023 16:57:37 +0800
From:   Dawei Li <set_pte_at@...look.com>
To:     Baolu Lu <baolu.lu@...ux.intel.com>
Cc:     joro@...tes.org, will@...nel.org, robin.murphy@....com,
        jgg@...dia.com, iommu@...ts.linux.dev, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iommu: Sanity check on param list for
 iommu_get_resv_regions

Hi,
Thanks for reviewing,

On Thu, Sep 28, 2023 at 09:33:29AM +0800, Baolu Lu wrote:
> On 9/27/23 10:25 PM, Dawei Li wrote:
> > In iommu_get_resv_regions(), param list is an argument supplied by caller,
> > into which callee is supposed to insert resv regions.
> > 
> > In other words, this 'list' argument is expected to be an empty list,
> > so make an explicit annotation on it.
> > 
> > Signed-off-by: Dawei Li <set_pte_at@...look.com>
> > ---
> >   drivers/iommu/iommu.c | 9 +++++----
> >   1 file changed, 5 insertions(+), 4 deletions(-)
> > 
> > diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c
> > index 1ecac2b5c54f..a01c4a7a9d19 100644
> > --- a/drivers/iommu/iommu.c
> > +++ b/drivers/iommu/iommu.c
> > @@ -813,7 +813,7 @@ int iommu_get_group_resv_regions(struct iommu_group *group,
> >   	mutex_lock(&group->mutex);
> >   	for_each_group_device(group, device) {
> > -		struct list_head dev_resv_regions;
> > +		LIST_HEAD(dev_resv_regions);
> >   		/*
> >   		 * Non-API groups still expose reserved_regions in sysfs,
> > @@ -822,7 +822,6 @@ int iommu_get_group_resv_regions(struct iommu_group *group,
> >   		if (!device->dev->iommu)
> >   			break;
> > -		INIT_LIST_HEAD(&dev_resv_regions);
> >   		iommu_get_resv_regions(device->dev, &dev_resv_regions);
> >   		ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
> >   		iommu_put_resv_regions(device->dev, &dev_resv_regions);
> > @@ -1061,12 +1060,11 @@ static int iommu_create_device_direct_mappings(struct iommu_domain *domain,
> >   					       struct device *dev)
> >   {
> >   	struct iommu_resv_region *entry;
> > -	struct list_head mappings;
> >   	unsigned long pg_size;
> > +	LIST_HEAD(mappings);
> >   	int ret = 0;
> >   	pg_size = domain->pgsize_bitmap ? 1UL << __ffs(domain->pgsize_bitmap) : 0;
> > -	INIT_LIST_HEAD(&mappings);
> >   	if (WARN_ON_ONCE(iommu_is_dma_domain(domain) && !pg_size))
> >   		return -EINVAL;
> > @@ -2813,6 +2811,9 @@ void iommu_get_resv_regions(struct device *dev, struct list_head *list)
> >   {
> >   	const struct iommu_ops *ops = dev_iommu_ops(dev);
> > +	if (WARN_ON(!list_empty(list)))
> > +		return;
> 
> I don't understand why the input list *must* be empty. This interface

Because @list is an output-only argument, which is supposed to be filled                                                                                                       
by caller(inserting elements into it). If it's not empty, it's an inputing                                                                                                     
argument, in which case caller will take existing node (in @list) into account,
and insert new nodes before/after them.                                                                                                                                            
Please lemme put it another way, if list argment is not empty:                                                                                                                 

Before calling:                                                                                                                                                                
list: head->A                                                                                                                                                                  

After calling                                                                                                                                                                  
list: head->A->B->C                                                                                                                                                            

It will confuse caller cuz it can't tell whether A is a valid returned
by callee.

> has already been exported, so please update the comment to explain this
> new requirement.
> 
> > +
> >   	if (ops->get_resv_regions)
> >   		ops->get_resv_regions(dev, list);
> >   }
> 
> Best regards,
> baolu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ