From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-11.6 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI, MENTIONS_GIT_HOSTING,SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AB526C47E49 for ; Wed, 30 Oct 2019 18:26:15 +0000 (UTC) Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 73DB52067D for ; Wed, 30 Oct 2019 18:26:15 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=chromium.org header.i=@chromium.org header.b="KiufJgbr" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 73DB52067D Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=chromium.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=iommu-bounces@lists.linux-foundation.org Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 2F4FFBA4; Wed, 30 Oct 2019 18:26:15 +0000 (UTC) Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id D9CE4B5F for ; Wed, 30 Oct 2019 18:26:13 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pl1-f196.google.com (mail-pl1-f196.google.com [209.85.214.196]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 704D787B for ; Wed, 30 Oct 2019 18:26:13 +0000 (UTC) Received: by mail-pl1-f196.google.com with SMTP id y8so1370927plk.0 for ; Wed, 30 Oct 2019 11:26:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=DtrACqPWLXMscKFC3fwao3dgzXOornE3kvjDu6sEkLA=; b=KiufJgbrRj86zsIMV1otcowQqEIoRGhhadz0y1H4HBU5AssCVh8qhcYYFYmDKdSq+S 3WQhFQE3NXpBBvl5Dq+sqppxJ+6ZTiIVYrSB4h7tULFSM7DjtsCFkiE9aZZ8TRdkPfx2 FXHuk3epmTxo8mMNAjdAagwx0oLzAv9l8YdjM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=DtrACqPWLXMscKFC3fwao3dgzXOornE3kvjDu6sEkLA=; b=M/9AOcXyJpx9N7tXksOmKGMzPY+abUv5GG3lIL28/CEA3gEbDyzL6Z5K7K1GxIPvrP Oc8JLq7rozQRjk1DSKg18UxOeO0zVHHvxXMiwkBPHCw/MP3V+4HAKlwsnmrd46mmVBwi 1FLxfcUF+gIWRpeAqy5ru/yQWsytGKUW9oYLIFKJx+9ZekRAEzWbnKS+S9QilJpWK63S deLEWl65LCq2ZNMbxuFABxP9L96/eDEP4FstnVoW12jEwgbRApxiCZ8wNRt59b5A4ziv 9jI4g0lgJLeJskoQ6kllc68uRgBGQCrtL4gsu6WG26TTHFG0z3h2biq1lUS+3g/9Bg/J fAKQ== X-Gm-Message-State: APjAAAXO1Ps8avvxsLCgaTu5viB7smYDG/zKLFqjgaKbBXV/JKMOEx2j i1oyN8dRaSMtdMRnIDI/hlWdHA== X-Google-Smtp-Source: APXvYqz+gOml2V+1TkezZQvv3jWGc6cqrvBZVedrnNeCwDK/e+32G9IWArX+9+GEEwDFFkiQOHkacQ== X-Received: by 2002:a17:902:bf0a:: with SMTP id bi10mr120764plb.56.1572459972890; Wed, 30 Oct 2019 11:26:12 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id i16sm594315pfa.184.2019.10.30.11.26.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 30 Oct 2019 11:26:11 -0700 (PDT) Date: Wed, 30 Oct 2019 11:26:10 -0700 From: Kees Cook To: Christoph Hellwig Subject: Re: [PATCH v4 1/2] dma-mapping: Add vmap checks to dma_map_single() Message-ID: <201910301125.A1DD6D5F53@keescook> References: <20191029213423.28949-1-keescook@chromium.org> <20191029213423.28949-2-keescook@chromium.org> <20191030091849.GA637042@kroah.com> <20191030180921.GB19366@lst.de> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20191030180921.GB19366@lst.de> Cc: Greg Kroah-Hartman , linux-kernel@vger.kernel.org, Stephen Boyd , iommu@lists.linux-foundation.org, Semmle Security Reports , Dan Carpenter , Jesper Dangaard Brouer , Thomas Gleixner , Laura Abbott , Robin Murphy , Allison Randal X-BeenThere: iommu@lists.linux-foundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Development issues for Linux IOMMU support List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: iommu-bounces@lists.linux-foundation.org Errors-To: iommu-bounces@lists.linux-foundation.org On Wed, Oct 30, 2019 at 07:09:21PM +0100, Christoph Hellwig wrote: > On Wed, Oct 30, 2019 at 10:18:49AM +0100, Greg Kroah-Hartman wrote: > > On Tue, Oct 29, 2019 at 02:34:22PM -0700, Kees Cook wrote: > > > As we've seen from USB and other areas[1], we need to always do runtime > > > checks for DMA operating on memory regions that might be remapped. This > > > adds vmap checks (similar to those already in USB but missing in other > > > places) into dma_map_single() so all callers benefit from the checking. > > > > > > [1] https://git.kernel.org/linus/3840c5b78803b2b6cc1ff820100a74a092c40cbb > > > > > > Suggested-by: Laura Abbott > > > Signed-off-by: Kees Cook > > > --- > > > include/linux/dma-mapping.h | 6 ++++++ > > > 1 file changed, 6 insertions(+) > > > > > > diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h > > > index 4a1c4fca475a..54de3c496407 100644 > > > --- a/include/linux/dma-mapping.h > > > +++ b/include/linux/dma-mapping.h > > > @@ -583,6 +583,12 @@ static inline unsigned long dma_get_merge_boundary(struct device *dev) > > > static inline dma_addr_t dma_map_single_attrs(struct device *dev, void *ptr, > > > size_t size, enum dma_data_direction dir, unsigned long attrs) > > > { > > > + /* DMA must never operate on areas that might be remapped. */ > > > + if (dev_WARN_ONCE(dev, is_vmalloc_addr(ptr), > > > + "wanted %zu bytes mapped in vmalloc\n", size)) { > > > + return DMA_MAPPING_ERROR; > > > + } > > > > That's a very odd error string, I know if I saw it for the first time, I > > would have no idea what it meant. The USB message at least gives you a > > bit more context as to what went wrong and how to fix it. > > > > How about something like "Memory is not DMA capabable, please fix the > > allocation of it to be correct", or "non-dma-able memory was attempted > > to be mapped, but this is impossible to to" or something else. > > I've fixed the message to "rejecting DMA map of vmalloc memory" and > applied the patch. Great; thank you! -- Kees Cook _______________________________________________ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu