Received: by 2002:a05:7412:3290:b0:fa:6e18:a558 with SMTP id ev16csp711507rdb; Fri, 26 Jan 2024 08:24:24 -0800 (PST) X-Google-Smtp-Source: AGHT+IEfL2hDGBjccOAxzV6AoVSKpOUspi9avCg8p3S0cHbQ05tp1yU60FVpqXBlUa21iCU3D86a X-Received: by 2002:a7b:cd92:0:b0:40e:c534:f53 with SMTP id y18-20020a7bcd92000000b0040ec5340f53mr34032wmj.54.1706286264546; Fri, 26 Jan 2024 08:24:24 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706286264; cv=pass; d=google.com; s=arc-20160816; b=gorWr/+OtzHGNoTnC3xmW+bKpADT8wIUdvYGG/EpijnUNxypJOSuxyICXtOFpDDehd mlZBa8wM4RN0dRxJVYccP0UZ7780YbKuQU7dOj6104Lj5mc17pfo1iwzn2i/Chu4qM7P Ygl4z9E7y2RqDUmv0OcdYAG0pBIUSzNhSbqxvk2DF/7GkaORDI20mfHULG+tnUrJxlqw VGFjrLJyiZaONFhMTLvWqcq6z4nwjOimnwSQbRd5yKgXI8Jh2uizFWrHo1ZkVi5I4C2P 6Stsd065SJuZCIrGKVuKXyuvmd0gS3neiT+NszMPgabOe5EYIsYCbP1U4s6GmrxplNdy Yd5w== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :subject:cc:to:from:date:dkim-signature; bh=naytd94tlArIibvhBvDcL3lygM0pt/UH2fTL9YvY6Qg=; fh=Pt/vLgYoachKTmrGCk8iX6cxHu3EQKHMuGxf+QrSHvI=; b=p5wWlgRLuciqZmpipCgx4S9kHczAYzTR3QurMK2zv920YaDk0C7EkftK+/Yzfn8zZD H+SzQS0rK8WtjIfmZ6lFZiX2CvBUdyjpc2XZIBD/WtdRVaptVkBQCSGhPog9aFigCU72 jiCvvwIw2dW5YE+y3Y12Z9D06FRQ1VhhZMJUVVjmiLBsonZp6oJceCEHu4dCoswdiEj+ sc0RhGxelKaizRwd2v1q0CcfxdKWpQotrjtJBWlzkfBShn4Vq8ojm3SjlzMpWDUPzEqo FgOu4N1rp/FSFzUswA9FrwdW6r/BZ3Q0K9CCLahMEbjMHrS73yAFgXC11z+9vh1bUfFN ZjvA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@tesarici.cz header.s=mail header.b=gGq0G6Ro; arc=pass (i=1 spf=pass spfdomain=tesarici.cz dkim=pass dkdomain=tesarici.cz dmarc=pass fromdomain=tesarici.cz); spf=pass (google.com: domain of linux-kernel+bounces-40329-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40329-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=tesarici.cz Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id ch18-20020a170906c2d200b00a349639fa31si748775ejb.769.2024.01.26.08.24.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jan 2024 08:24:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-40329-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@tesarici.cz header.s=mail header.b=gGq0G6Ro; arc=pass (i=1 spf=pass spfdomain=tesarici.cz dkim=pass dkdomain=tesarici.cz dmarc=pass fromdomain=tesarici.cz); spf=pass (google.com: domain of linux-kernel+bounces-40329-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-40329-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=tesarici.cz Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 4BFAB1F256F1 for ; Fri, 26 Jan 2024 16:24:24 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id BC6501D55D; Fri, 26 Jan 2024 16:24:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=tesarici.cz header.i=@tesarici.cz header.b="gGq0G6Ro" Received: from bee.tesarici.cz (bee.tesarici.cz [77.93.223.253]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6049D1DDF1 for ; Fri, 26 Jan 2024 16:23:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=77.93.223.253 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706286240; cv=none; b=owDRfobW+pM6404r9zVmu80Ki5HzApInE0GejdAWtIsiCTlLmcpJ8Nea8AZ1G0hfr7ZRvPcyYIQaDITUr+U9WZYT54EEKTvrA0FeaQ3tjqJSAAsAQwEwdh42L4Vo2BuBYAMh0Gn5+g1nvweLQ66wdo8emk1GPUL5PVZU+AMRYBo= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706286240; c=relaxed/simple; bh=HWHECrUxEnAXknABC0345RvphuEoZt5S3gPRLijbfak=; h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VOwEcuCBFzOwODm9VBgcqWNZlE4WiCy5dJb2omwnK+qT6WVUl351GLducyPXdiq8Oc5HijZW1mpjkluwLvikUUokXHKhSshF6XbGp/ImOvAoQHMwnFQq2yBtKkMtTQWKpt7G50RQAyk+YB9p4lQ6K+3ok3X3WEaHYl5D4BULcyw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=tesarici.cz; spf=pass smtp.mailfrom=tesarici.cz; dkim=pass (2048-bit key) header.d=tesarici.cz header.i=@tesarici.cz header.b=gGq0G6Ro; arc=none smtp.client-ip=77.93.223.253 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=tesarici.cz Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=tesarici.cz Received: from meshulam.tesarici.cz (dynamic-2a00-1028-83b8-1e7a-4427-cc85-6706-c595.ipv6.o2.cz [IPv6:2a00:1028:83b8:1e7a:4427:cc85:6706:c595]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bee.tesarici.cz (Postfix) with ESMTPSA id 50C5B18D336; Fri, 26 Jan 2024 17:23:56 +0100 (CET) Authentication-Results: mail.tesarici.cz; dmarc=fail (p=none dis=none) header.from=tesarici.cz DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tesarici.cz; s=mail; t=1706286236; bh=HWHECrUxEnAXknABC0345RvphuEoZt5S3gPRLijbfak=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=gGq0G6Roj85qDR2Ro+IDlZrvafFDPbSBEuSRgblf82c8pOMeu1VK+X/R1gX4F6x/Q +rmjbEuZVB1F66+lttX2g6ywm24XFY0eIyvfZ101NBg6bPo5+zGbIKSoDTRgRwtcp3 dAr6+nKnEzKkH7G1Uoc1aJniogfkbcohQYT+BXgTpLDC0ZETGEDP29PLlkzvJERAPt rgZt3AtlyLvdFCr/BmY2r+mCXcp2esmmwgs2G+qdU7snj06FTyPjnZI4SqxC/Bv5mH WkSLugQdOpQ7LHZTfcwSz6GZ2dhHGgtSuSfn2Ij1nlaE/dnXK6NJcRYf4Y+9RScuS1 QTSMjard6I8IA== Date: Fri, 26 Jan 2024 17:23:55 +0100 From: Petr =?UTF-8?B?VGVzYcWZw61r?= To: Will Deacon Cc: linux-kernel@vger.kernel.org, kernel-team@android.com, iommu@lists.linux.dev, Christoph Hellwig , Marek Szyprowski , Robin Murphy , Petr Tesarik , Dexuan Cui Subject: Re: [PATCH 2/2] swiotlb: Enforce page alignment in swiotlb_alloc() Message-ID: <20240126172355.22a03d13@meshulam.tesarici.cz> In-Reply-To: <20240126151956.10014-3-will@kernel.org> References: <20240126151956.10014-1-will@kernel.org> <20240126151956.10014-3-will@kernel.org> X-Mailer: Claws Mail 4.2.0 (GTK 3.24.39; x86_64-suse-linux-gnu) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Fri, 26 Jan 2024 15:19:56 +0000 Will Deacon wrote: > When allocating pages from a restricted DMA pool in swiotlb_alloc(), > the buffer address is blindly converted to a 'struct page *' that is > returned to the caller. In the unlikely event of an allocation bug, > page-unaligned addresses are not detected and slots can silently be > double-allocated. > > Add a simple check of the buffer alignment in swiotlb_alloc() to make > debugging a little easier if something has gone wonky. > > Cc: Christoph Hellwig > Cc: Marek Szyprowski > Cc: Robin Murphy > Cc: Petr Tesarik > Cc: Dexuan Cui > Signed-off-by: Will Deacon > --- > kernel/dma/swiotlb.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c > index 25febb9e670c..92433ea9f2d2 100644 > --- a/kernel/dma/swiotlb.c > +++ b/kernel/dma/swiotlb.c > @@ -1647,6 +1647,12 @@ struct page *swiotlb_alloc(struct device *dev, size_t size) > return NULL; > > tlb_addr = slot_addr(pool->start, index); > + if (!PAGE_ALIGNED(tlb_addr)) { > + dev_WARN_ONCE(dev, 1, "Cannot return 'struct page *' for non page-aligned swiotlb addr 0x%pa.\n", > + &tlb_addr); > + swiotlb_release_slots(dev, tlb_addr); > + return NULL; > + } Is there a reason not to use BUG_ON()? If yes, I would at least go for: + if (unlikely(!PAGE_ALIGNED(tlb_addr))) { Other than that, yes, such cheap sanity checking looks like a good idea. Petr T