lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250228173857.GD39591@nvidia.com>
Date: Fri, 28 Feb 2025 13:38:57 -0400
From: Jason Gunthorpe <jgg@...dia.com>
To: Robin Murphy <robin.murphy@....com>
Cc: will@...nel.org, joro@...tes.org, iommu@...ts.linux.dev,
	nicolinc@...dia.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iommu: Sort out domain user data

On Fri, Feb 28, 2025 at 11:31:11AM +0000, Robin Murphy wrote:
> When DMA/MSI cookies were made first-class citizens back in commit
> 46983fcd67ac ("iommu: Pull IOVA cookie management into the core"), there
> was no real need to further expose the two different cookie types.
> However, now that IOMMUFD wants to add a third type of MSI-mapping
> cookie, we do have a nicely compelling reason to properly dismabiguate
> things at the domain level beyond just vaguely guessing from the domain
> type.
> 
> Meanwhile, we also effectively have another "cookie" in the form of the
> anonymous union for other user data, which isn't much better in terms of
> being vague and unenforced. The fact is that all these cookie types are
> mutually exclusive, in the sense that combining them makes zero sense
> and/or would be catastrophic (iommu_set_fault_handler() on an SVA
> domain, anyone?) - the only combination which *might* be reasonable is
> perhaps a fault handler and an MSI cookie, but nobody's doing that at
> the moment, so let's rule it out as well for the sake of being clear and
> robust. To that end, we pull DMA and MSI cookies apart a little more,
> mostly to clear up the ambiguity at domain teardown, then for clarity
> (and to save a little space), move them into the union, whose ownership
> we can then properly describe and enforce entirely unambiguously.
> 
> Signed-off-by: Robin Murphy <robin.murphy@....com>
> ---
>  drivers/iommu/dma-iommu.c | 189 ++++++++++++++++++++------------------
>  drivers/iommu/dma-iommu.h |   5 +
>  drivers/iommu/iommu-sva.c |   1 +
>  drivers/iommu/iommu.c     |  17 +++-
>  include/linux/iommu.h     |  13 ++-
>  5 files changed, 134 insertions(+), 91 deletions(-)

This looks good to me, especially the cleanup of the fault stuff. Do
you want Nicolin to rebase it and combine it with the other bits he
has?

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ