Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp278923imm;
        Thu, 12 Jul 2018 19:23:53 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpdrzV9zITh/+gds7Ovia4pbZyOcbY4GbPkbRq6FsRateBdgh9fy2TzLguQBg7xkLCq+eXuu
X-Received: by 2002:a17:902:6b4c:: with SMTP id g12-v6mr4427727plt.159.1531448633889;
        Thu, 12 Jul 2018 19:23:53 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1531448633; cv=none;
        d=google.com; s=arc-20160816;
        b=ornFk515XI5zJDYKIUckvWjriybL2CRQxl4ATBtpfaQccAofIRsX3tbL8/YnsyYjU7
         aS2kE6KBMrzkFvoGIjlIigs6HaTra7YQriKtPxclDhUm6cx4dqwB8hhCY1T1B2xKnBS0
         H9yiGjeftADk+pLNZB6Mi30uyFebwKTyKx+/1Uvrnb04pokuTUJJvsBQCPFNdKIXuHtO
         EbLgvKG7tBLIOMt6RKY+wKbPYSYDMLze0u3Ze9fPP0R2BV6UOecFUQK9ODlFUkwdjgfx
         esPrH9fZ5SdLp5bLg3K7gJS6ifapyWGy5b4T61kV497qFfDm/ZQ/10vERHVvYT0dzjva
         otPw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:arc-authentication-results;
        bh=58ZQV5csMYV8Q2HkcXO34UJZMtoGbwkn7STk7QryWFs=;
        b=LEQTQB8886PeeTTBRCR/STqmOGkF534pleHVdtDOPZa+R3QmdHMOdRmjxjhdidCtlc
         adfkTUpwW+7rsv/i1++3qwN95pk02wn1P9MfMH0cPyeJAcHuyIs1W1tfwk26/T3vR+YH
         zNpmTqQOJqevACtI2r9e7YyHsGqDCaraJi3ClDx+0OfLr84tvd7TSCBIRJLVeg+tlto/
         qZvWSIsInUqwNsJScllmM1tz0G4U6jC11orbX4pF/2Umsg22G8+b0ntUHMA8007aTbU0
         njCkJ/vA/ipSkaK21pNkXFy5U6aduSp9J4wsbTKWvJ065UAMwmBcqJhaPiTstx/zortN
         XFEQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 7-v6si23512162pll.212.2018.07.12.19.23.38;
        Thu, 12 Jul 2018 19:23:53 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2388092AbeGMCf2 (ORCPT <rfc822;kerneldev.sdk@gmail.com>
        + 99 others); Thu, 12 Jul 2018 22:35:28 -0400
Received: from szxga06-in.huawei.com ([45.249.212.32]:35249 "EHLO huawei.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S2388021AbeGMCf2 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 12 Jul 2018 22:35:28 -0400
Received: from DGGEMS414-HUB.china.huawei.com (unknown [172.30.72.58])
        by Forcepoint Email with ESMTP id 221167D74C13E;
        Fri, 13 Jul 2018 10:22:59 +0800 (CST)
Received: from [127.0.0.1] (10.177.223.23) by DGGEMS414-HUB.china.huawei.com
 (10.3.19.214) with Microsoft SMTP Server id 14.3.382.0; Fri, 13 Jul 2018
 10:22:53 +0800
Subject: Re: [PATCH 1/1] iommu/arm-smmu-v3: prevent any devices access to
 memory without registration
To:     "Leizhen (ThunderTown)" <thunder.leizhen@huawei.com>,
        Will Deacon <will.deacon@arm.com>
CC:     Jean-Philippe Brucker <jean-philippe.brucker@arm.com>,
        Robin Murphy <robin.murphy@arm.com>,
        Joerg Roedel <joro@8bytes.org>,
        linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        iommu <iommu@lists.linux-foundation.org>,
        linux-kernel <linux-kernel@vger.kernel.org>
References: <1531387723-3592-1-git-send-email-thunder.leizhen@huawei.com>
 <20180712170120.GC26935@arm.com> <5B4804D6.4050508@huawei.com>
From:   Hanjun Guo <guohanjun@huawei.com>
Message-ID: <8067f5d2-b241-d5f2-42f6-466913f04e04@huawei.com>
Date:   Fri, 13 Jul 2018 10:22:51 +0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <5B4804D6.4050508@huawei.com>
Content-Type: text/plain; charset="windows-1252"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.177.223.23]
X-CFilter-Loop: Reflected
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2018/7/13 9:48, Leizhen (ThunderTown) wrote:
> 
> 
> On 2018/7/13 1:01, Will Deacon wrote:
>> On Thu, Jul 12, 2018 at 05:28:43PM +0800, Zhen Lei wrote:
>>> Stream bypass is not security. A malicious device can be hot plugged
>>> without match any drivers, but it can access to any memory. So change to
>>> disable bypass by default.
>>>
>>> Signed-off-by: Zhen Lei <thunder.leizhen@huawei.com>
>>> ---
>>>  drivers/iommu/arm-smmu-v3.c | 2 +-
>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> Whilst this sounds nice, I *bet* you it will break some systems. In
>> particular, those where the SMMU is described but the toplogical information
>> is either incorrect or incomplete.
> 
> Suppose this scene exists, maybe we should consider updating IORT specification,
> to indicate whether a smmu treats all unregistered devices as stream bypass or not, --- global control
> to indicate whether a single device default use stream bypass or not, --- local control
> that will be more flexible. But we still disable bypass by default.

IORT (or dts) is about the hardware feature, if it's only
about the wrong topological information of devices and
SMMU, I think IORT is not the right place to describe such
information, we need correct that information instead.

Thanks
Hanjun