Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp3401298ybi; Mon, 10 Jun 2019 09:37:26 -0700 (PDT) X-Google-Smtp-Source: APXvYqwN2JQKl21Dec4atbZOERmF3x6fr+H/oMh8muz7qm8HedMxv9dk16C7TgMDMSW28wKG6mGk X-Received: by 2002:a62:f20b:: with SMTP id m11mr22919461pfh.125.1560184646728; Mon, 10 Jun 2019 09:37:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560184646; cv=none; d=google.com; s=arc-20160816; b=S/nsxnrwh9/pF2xFj4Zpu+MOI7drRhh6DZXqFWIR/I1TGI9API+UNaCLTdglu71P02 7pKpokKho6ooV6Y90+zJ+xP1Ee3cmbcp5x+Ge39/b62lSd53GZOv+LMTbNDvCLZGgCMv XY6R0PEbAhb5ox1KKFKlsrlcB35lN7kaKebeiPkz/X/39tsZ0+PjF6LLFc0abvfYyHnE /BrVc3/zR8iZW6hp/5UGLtaTs36aEQnMrbpzhVkvlunvL9Xjm3xk2JiN6+iWdZkNTiLf /R8OMrwOckMIm361RUgwBr6COpJO4TBr6ceDV9zNDbmvIV7mg5dgGbKunU374tDCQEeS myhA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=On8N8xLx5bySBhtfklW/jVPpdxRw8n8hUrnegNsG56A=; b=W9teWkCIblctktDzlNEwHHsimFlpOOsQuCpPHC98CTVqErU6LQuyTv4uVpphvRPlP7 YBJ7g2+uSSY/DTN50e/ZDi+xQ9+MBZanTBb8eJHzCUG4G2aoRJrt1g/2Bi0qP4mf4Z8U iHK6gF89j+hCr4KO3Ww9lnIrQ5L+sEvT8i+ZyPWVyXKXDvmqeEq89LvhYUasEmfoiU3/ OXomvxPIvZOz/yItGoJoSnLw7C/10OHv/dg7DhnJcAWKKAebMAmksWPEJMIh1s3T2L4t SeVegpjzuvbVQ0rdNjRER9vqPn+0hjBarbHBSPalRz1etLwnMlUMv5lTHSwUuhNMjDrD xGoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b="p/11d3fZ"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q26si8460336pgl.114.2019.06.10.09.37.12; Mon, 10 Jun 2019 09:37:26 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@oracle.com header.s=corp-2018-07-02 header.b="p/11d3fZ"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=oracle.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391254AbfFJPrS (ORCPT + 99 others); Mon, 10 Jun 2019 11:47:18 -0400 Received: from userp2130.oracle.com ([156.151.31.86]:40554 "EHLO userp2130.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390445AbfFJPrS (ORCPT ); Mon, 10 Jun 2019 11:47:18 -0400 Received: from pps.filterd (userp2130.oracle.com [127.0.0.1]) by userp2130.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x5AFdV6B161235; Mon, 10 Jun 2019 15:44:33 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : references : mime-version : content-type : in-reply-to; s=corp-2018-07-02; bh=On8N8xLx5bySBhtfklW/jVPpdxRw8n8hUrnegNsG56A=; b=p/11d3fZWqgw6ec6faSYbql5IRRZrISP+FormimufKnKfD4oejFLbQaz8rO+MPz90WQH CLna2EtuzO9psBaVjiz7fqDeAoQte4NQV1apg4hTTAxccnllpf8kDLezBCyH0kuMShXM kN60z3OLNhGI+exe51OHF9g5X2IV3InBDG5BW/zCx7hujEoEF0gDm4QKxhw3WEpDNtqi O7v4pnoNCyCrObAeKJUcHvgmJyZAkdqeM7l9QGwrznr2BR/mx3+iJ2r07o9ryWubXCez QCZHgwvQ3CCsCfHMWc041w0QAh5xkQI0QlN1YDqgujvEnkI+NMH0kRGezP2tywgLtLhE eQ== Received: from userp3020.oracle.com (userp3020.oracle.com [156.151.31.79]) by userp2130.oracle.com with ESMTP id 2t04etfrau-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 10 Jun 2019 15:44:33 +0000 Received: from pps.filterd (userp3020.oracle.com [127.0.0.1]) by userp3020.oracle.com (8.16.0.27/8.16.0.27) with SMTP id x5AFgjd4157509; Mon, 10 Jun 2019 15:44:32 GMT Received: from userv0121.oracle.com (userv0121.oracle.com [156.151.31.72]) by userp3020.oracle.com with ESMTP id 2t1jpgxjdy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 10 Jun 2019 15:44:32 +0000 Received: from abhmp0019.oracle.com (abhmp0019.oracle.com [141.146.116.25]) by userv0121.oracle.com (8.14.4/8.13.8) with ESMTP id x5AFiUwV024636; Mon, 10 Jun 2019 15:44:31 GMT Received: from char.us.oracle.com (/10.152.32.25) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 10 Jun 2019 08:44:30 -0700 Received: by char.us.oracle.com (Postfix, from userid 1000) id A93F86A00FC; Mon, 10 Jun 2019 11:45:53 -0400 (EDT) Date: Mon, 10 Jun 2019 11:45:53 -0400 From: Konrad Rzeszutek Wilk To: Lu Baolu Cc: David Woodhouse , Joerg Roedel , Bjorn Helgaas , Christoph Hellwig , ashok.raj@intel.com, jacob.jun.pan@intel.com, alan.cox@intel.com, kevin.tian@intel.com, mika.westerberg@linux.intel.com, Ingo Molnar , Greg Kroah-Hartman , pengfei.xu@intel.com, Marek Szyprowski , Robin Murphy , Jonathan Corbet , Boris Ostrovsky , Juergen Gross , Stefano Stabellini , Steven Rostedt , iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4 3/9] swiotlb: Zero out bounce buffer for untrusted device Message-ID: <20190610154553.GT28796@char.us.oracle.com> References: <20190603011620.31999-1-baolu.lu@linux.intel.com> <20190603011620.31999-4-baolu.lu@linux.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20190603011620.31999-4-baolu.lu@linux.intel.com> User-Agent: Mutt/1.9.1 (2017-09-22) X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9284 signatures=668687 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1906100107 X-Proofpoint-Virus-Version: vendor=nai engine=6000 definitions=9284 signatures=668687 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1906100107 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jun 03, 2019 at 09:16:14AM +0800, Lu Baolu wrote: > This is necessary to avoid exposing valid kernel data to any > milicious device. malicious > > Suggested-by: Christoph Hellwig > Signed-off-by: Lu Baolu > --- > kernel/dma/swiotlb.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c > index f956f785645a..ed41eb7f6131 100644 > --- a/kernel/dma/swiotlb.c > +++ b/kernel/dma/swiotlb.c > @@ -35,6 +35,7 @@ > #include > #include > #include > +#include > #ifdef CONFIG_DEBUG_FS > #include > #endif > @@ -560,6 +561,11 @@ phys_addr_t swiotlb_tbl_map_single(struct device *hwdev, > */ > for (i = 0; i < nslots; i++) > io_tlb_orig_addr[index+i] = orig_addr + (i << IO_TLB_SHIFT); > + > + /* Zero out the bounce buffer if the consumer is untrusted. */ > + if (dev_is_untrusted(hwdev)) > + memset(phys_to_virt(tlb_addr), 0, alloc_size); What if the alloc_size is less than a PAGE? Should this at least have ALIGN or such? > + > if (!(attrs & DMA_ATTR_SKIP_CPU_SYNC) && > (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL)) > swiotlb_bounce(orig_addr, tlb_addr, mapping_size, DMA_TO_DEVICE); > -- > 2.17.1 >