Re: [PATCH v2 02/17] driver core: Add dma_unconfigure callback in bus_type

From: Greg Kroah-Hartman
Date: Sun Nov 28 2021 - 03:06:53 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH v2 04/17] driver core: platform: Add driver dma ownership management"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 3/9] all: replace bitmap_weigth() with bitmap_{empty,full,eq,gt,le}"
In reply to: Lu Baolu: "[PATCH v2 02/17] driver core: Add dma_unconfigure callback in bus_type"
Next in thread: Lu Baolu: "Re: [PATCH v2 02/17] driver core: Add dma_unconfigure callback in bus_type"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Nov 28, 2021 at 10:50:36AM +0800, Lu Baolu wrote:
> The bus_type structure defines dma_configure() callback for bus drivers
> to configure DMA on the devices. This adds the paired dma_unconfigure()
> callback and calls it during driver unbinding so that bus drivers can do
> some cleanup work.
>
> One use case for this paired DMA callbacks is for the bus driver to check
> for DMA ownership conflicts during driver binding, where multiple devices
> belonging to a same IOMMU group (the minimum granularity of isolation and
> protection) may be assigned to kernel drivers or user space respectively.
>
> Without this change, for example, the vfio driver has to listen to a bus
> BOUND_DRIVER event and then BUG_ON() in case of dma ownership conflict.
> This leads to bad user experience since careless driver binding operation
> may crash the system if the admin overlooks the group restriction. Aside
> from bad design, this leads to a security problem as a root user, even with
> lockdown=integrity, can force the kernel to BUG.
>
> With this change, the bus driver could check and set the DMA ownership in
> driver binding process and fail on ownership conflicts. The DMA ownership
> should be released during driver unbinding.
>
> Suggested-by: Jason Gunthorpe <jgg@xxxxxxxxxx>
> Link: https://lore.kernel.org/linux-iommu/20210922123931.GI327412@xxxxxxxxxx/
> Link: https://lore.kernel.org/linux-iommu/20210928115751.GK964074@xxxxxxxxxx/
> Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
> ---
> include/linux/device/bus.h | 3 +++
> drivers/base/dd.c | 7 ++++++-
> 2 files changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/device/bus.h b/include/linux/device/bus.h
> index a039ab809753..ef54a71e5f8f 100644
> --- a/include/linux/device/bus.h
> +++ b/include/linux/device/bus.h
> @@ -59,6 +59,8 @@ struct fwnode_handle;
> * bus supports.
> * @dma_configure: Called to setup DMA configuration on a device on
> * this bus.
> + * @dma_unconfigure: Called to cleanup DMA configuration on a device on
> + * this bus.

"dma_cleanup()" is a better name for this, don't you think?

thanks,

greg k-h

Next message: Greg Kroah-Hartman: "Re: [PATCH v2 04/17] driver core: platform: Add driver dma ownership management"
Previous message: Greg Kroah-Hartman: "Re: [PATCH 3/9] all: replace bitmap_weigth() with bitmap_{empty,full,eq,gt,le}"
In reply to: Lu Baolu: "[PATCH v2 02/17] driver core: Add dma_unconfigure callback in bus_type"
Next in thread: Lu Baolu: "Re: [PATCH v2 02/17] driver core: Add dma_unconfigure callback in bus_type"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]