From: Laura Abbott <labbott@redhat.com>
To: Rob Clark <robdclark@gmail.com>
Cc: "Daniel Vetter" <daniel.vetter@ffwll.ch>,
"Benjamin Gaignard" <benjamin.gaignard@linaro.org>,
devel@driverdev.osuosl.org, "Rom Lemarchand" <romlem@google.com>,
"Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>,
"Riley Andrews" <riandrews@android.com>,
"dri-devel@lists.freedesktop.org"
<dri-devel@lists.freedesktop.org>,
"Michal Hocko" <mhocko@kernel.org>,
"linaro-mm-sig@lists.linaro.org" <linaro-mm-sig@lists.linaro.org>,
"Linux MM" <linux-mm@kvack.org>,
"Arve Hjønnevåg" <arve@android.com>,
"Mark Brown" <broonie@kernel.org>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Daniel Vetter" <daniel.vetter@intel.com>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-media@vger.kernel.org" <linux-media@vger.kernel.org>
Subject: Re: [RFC PATCH 00/12] Ion cleanup in preparation for moving out of staging
Date: Mon, 13 Mar 2017 14:59:23 -0700 [thread overview]
Message-ID: <ef8ae526-d0e8-83dd-c2d8-656d356ebd91@redhat.com> (raw)
In-Reply-To: <CAF6AEGvs0qVr_=pSp5FYoxM4XNaKLtYB-uhBmDheYcgxgv1_2g@mail.gmail.com>
On 03/13/2017 02:29 PM, Rob Clark wrote:
> On Mon, Mar 13, 2017 at 5:09 PM, Laura Abbott <labbott@redhat.com> wrote:
>>> Hm, we might want to expose all the heaps as individual
>>> /dev/ion_$heapname nodes? Should we do this from the start, since
>>> we're massively revamping the uapi anyway (imo not needed, current
>>> state seems to work too)?
>>> -Daniel
>>>
>>
>> I thought about that. One advantage with separate /dev/ion_$heap
>> is that we don't have to worry about a limit of 32 possible
>> heaps per system (32-bit heap id allocation field). But dealing
>> with an ioctl seems easier than names. Userspace might be less
>> likely to hardcode random id numbers vs. names as well.
>
>
> other advantage, I think, is selinux (brought up elsewhere on this
> thread).. heaps at known fixed PAs are useful for certain sorts of
> attacks so being able to restrict access more easily seems like a good
> thing
>
> BR,
> -R
>
Some other kind of filtering (BPF/LSM/???) might work as well
(http://kernsec.org/files/lss2015/vanderstoep.pdf ?)
The fixed PA issue is a larger problem. We're never going to
be able to get away from "this heap must exist at address X"
problems but the location of CMA in general should be
randomized. I haven't actually come up with a good proposal
to this though.
I'd like for Ion to be a framework for memory allocation and
not security exploits. Hopefully this isn't a pipe dream.
Thanks,
Laura
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2017-03-13 21:59 UTC|newest]
Thread overview: 74+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-02 21:44 [RFC PATCH 00/12] Ion cleanup in preparation for moving out of staging Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 01/12] staging: android: ion: Remove dmap_cnt Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 02/12] staging: android: ion: Remove alignment from allocation field Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 03/12] staging: android: ion: Duplicate sg_table Laura Abbott
2017-03-03 8:18 ` Hillf Danton
2017-03-03 18:41 ` Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 04/12] staging: android: ion: Call dma_map_sg for syncing and mapping Laura Abbott
2017-03-03 11:04 ` Dan Carpenter
2017-03-03 11:58 ` Eric Engestrom
2017-03-03 16:37 ` Laurent Pinchart
2017-03-03 18:40 ` Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 05/12] staging: android: ion: Remove page faulting support Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 06/12] staging: android: ion: Remove crufty cache support Laura Abbott
2017-03-03 9:56 ` Daniel Vetter
2017-03-03 16:39 ` Laurent Pinchart
2017-03-03 18:46 ` Laura Abbott
2017-03-06 10:29 ` Daniel Vetter
2017-03-06 17:00 ` Emil Velikov
2017-03-06 19:20 ` Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 07/12] staging: android: ion: Remove old platform support Laura Abbott
2017-03-03 10:31 ` Daniel Vetter
2017-03-02 21:44 ` [RFC PATCH 08/12] cma: Store a name in the cma structure Laura Abbott
2017-03-10 8:53 ` Sumit Semwal
2017-03-17 18:02 ` Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 09/12] cma: Introduce cma_for_each_area Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 10/12] staging: android: ion: Use CMA APIs directly Laura Abbott
2017-03-03 16:41 ` Laurent Pinchart
2017-03-03 18:50 ` Laura Abbott
2017-03-06 10:32 ` Daniel Vetter
2017-03-06 13:43 ` Laurent Pinchart
2017-03-06 15:52 ` Daniel Vetter
2017-03-06 19:14 ` Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 11/12] staging: android: ion: Make Ion heaps selectable Laura Abbott
2017-03-03 10:33 ` Daniel Vetter
2017-03-03 19:10 ` Laura Abbott
2017-03-02 21:44 ` [RFC PATCH 12/12] staging; android: ion: Enumerate all available heaps Laura Abbott
2017-03-03 10:39 ` Daniel Vetter
2017-03-03 10:04 ` [RFC PATCH 00/12] Ion cleanup in preparation for moving out of staging Daniel Vetter
2017-03-03 10:27 ` Daniel Vetter
2017-03-03 12:54 ` Benjamin Gaignard
2017-03-03 16:45 ` Laurent Pinchart
2017-03-03 19:16 ` Laura Abbott
2017-03-06 10:38 ` Daniel Vetter
2017-03-06 15:02 ` Laurent Pinchart
2017-03-06 16:01 ` Daniel Vetter
2017-03-03 13:29 ` Michal Hocko
2017-03-03 17:37 ` Laura Abbott
2017-03-06 7:42 ` Michal Hocko
2017-03-06 10:40 ` Daniel Vetter
2017-03-06 10:58 ` Mark Brown
2017-03-06 16:04 ` Daniel Vetter
2017-03-09 10:00 ` Benjamin Gaignard
2017-03-09 17:38 ` Laura Abbott
2017-03-10 10:31 ` Brian Starkey
2017-03-10 11:46 ` Robin Murphy
2017-03-10 14:27 ` Brian Starkey
2017-03-10 16:46 ` Laura Abbott
2017-03-10 12:40 ` Daniel Vetter
2017-03-10 13:56 ` Rob Clark
2017-03-12 13:34 ` Benjamin Gaignard
2017-03-12 19:05 ` Daniel Vetter
2017-03-13 21:09 ` Laura Abbott
2017-03-13 21:29 ` Rob Clark
2017-03-13 21:59 ` Laura Abbott [this message]
2017-03-14 14:47 ` Benjamin Gaignard
2017-03-14 19:45 ` Laura Abbott
2017-03-14 20:28 ` Nicolas Dufresne
2017-03-13 10:54 ` Brian Starkey
2017-03-13 13:21 ` Mark Brown
2017-03-13 21:45 ` Laura Abbott
2017-03-13 21:29 ` Laura Abbott
2017-03-06 13:34 ` Michal Hocko
2017-03-03 16:25 ` Laurent Pinchart
2017-03-03 19:14 ` Laura Abbott
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ef8ae526-d0e8-83dd-c2d8-656d356ebd91@redhat.com \
--to=labbott@redhat.com \
--cc=arve@android.com \
--cc=benjamin.gaignard@linaro.org \
--cc=broonie@kernel.org \
--cc=daniel.vetter@ffwll.ch \
--cc=daniel.vetter@intel.com \
--cc=devel@driverdev.osuosl.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=gregkh@linuxfoundation.org \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@kernel.org \
--cc=riandrews@android.com \
--cc=robdclark@gmail.com \
--cc=romlem@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).