From: Christoph Hellwig <hch@lst.de>
To: iommu@lists.linux-foundation.org
Cc: Robin Murphy <robin.murphy@arm.com>,
David Rientjes <rientjes@google.com>
Subject: [PATCH 03/11] dma-direct: always leak memory that can't be re-encrypted
Date: Thu, 11 Nov 2021 07:50:19 +0100 [thread overview]
Message-ID: <20211111065028.32761-4-hch@lst.de> (raw)
In-Reply-To: <20211111065028.32761-1-hch@lst.de>
We must never unencryped memory go back into the general page pool.
So if we fail to set it back to encrypted when freeing DMA memory, leak
the memory insted and warn the user.
Signed-off-by: Christoph Hellwig <hch@lst.de>
---
kernel/dma/direct.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/kernel/dma/direct.c b/kernel/dma/direct.c
index 996ba4edb2fa3..d7a489be48470 100644
--- a/kernel/dma/direct.c
+++ b/kernel/dma/direct.c
@@ -84,9 +84,14 @@ static int dma_set_decrypted(struct device *dev, void *vaddr, size_t size)
static int dma_set_encrypted(struct device *dev, void *vaddr, size_t size)
{
+ int ret;
+
if (!force_dma_unencrypted(dev))
return 0;
- return set_memory_encrypted((unsigned long)vaddr, 1 << get_order(size));
+ ret = set_memory_encrypted((unsigned long)vaddr, 1 << get_order(size));
+ if (ret)
+ pr_warn_ratelimited("leaking DMA memory that can't be re-encrypted\n");
+ return ret;
}
static void __dma_direct_free_pages(struct device *dev, struct page *page,
@@ -261,7 +266,6 @@ void *dma_direct_alloc(struct device *dev, size_t size,
return ret;
out_encrypt_pages:
- /* If memory cannot be re-encrypted, it must be leaked */
if (dma_set_encrypted(dev, page_address(page), size))
return NULL;
out_free_pages:
@@ -307,7 +311,8 @@ void dma_direct_free(struct device *dev, size_t size,
} else {
if (IS_ENABLED(CONFIG_ARCH_HAS_DMA_CLEAR_UNCACHED))
arch_dma_clear_uncached(cpu_addr, size);
- dma_set_encrypted(dev, cpu_addr, 1 << page_order);
+ if (dma_set_encrypted(dev, cpu_addr, 1 << page_order))
+ return;
}
__dma_direct_free_pages(dev, dma_direct_to_page(dev, dma_addr), size);
@@ -361,7 +366,8 @@ void dma_direct_free_pages(struct device *dev, size_t size,
dma_free_from_pool(dev, vaddr, size))
return;
- dma_set_encrypted(dev, vaddr, 1 << page_order);
+ if (dma_set_encrypted(dev, vaddr, 1 << page_order))
+ return;
__dma_direct_free_pages(dev, page, size);
}
--
2.30.2
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
next prev parent reply other threads:[~2021-11-11 6:50 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-11 6:50 dma-direct fixes and cleanups v3 Christoph Hellwig
2021-11-11 6:50 ` [PATCH 01/11] dma-direct: factor out dma_set_{de,en}crypted helpers Christoph Hellwig
2021-11-11 6:50 ` [PATCH 02/11] dma-direct: don't call dma_set_decrypted for remapped allocations Christoph Hellwig
2021-11-11 6:50 ` Christoph Hellwig [this message]
2021-12-06 16:32 ` [PATCH 03/11] dma-direct: always leak memory that can't be re-encrypted Robin Murphy
2021-12-07 11:48 ` Christoph Hellwig
2021-11-11 6:50 ` [PATCH 04/11] dma-direct: clean up the remapping checks in dma_direct_alloc Christoph Hellwig
2021-12-06 16:33 ` Robin Murphy
2021-12-07 11:49 ` Christoph Hellwig
2021-12-07 12:43 ` Robin Murphy
2021-11-11 6:50 ` [PATCH 05/11] dma-direct: factor out a helper for DMA_ATTR_NO_KERNEL_MAPPING allocations Christoph Hellwig
2021-11-11 6:50 ` [PATCH 06/11] dma-direct: refactor the !coherent checks in dma_direct_alloc Christoph Hellwig
2021-12-06 16:33 ` Robin Murphy
2021-11-11 6:50 ` [PATCH 07/11] dma-direct: fail allocations that can't be made coherent Christoph Hellwig
2021-12-06 16:33 ` Robin Murphy
2021-11-11 6:50 ` [PATCH 08/11] dma-direct: warn if there is no pool for force unencrypted allocations Christoph Hellwig
2021-11-11 6:50 ` [PATCH 09/11] dma-direct: drop two CONFIG_DMA_RESTRICTED_POOL conditionals Christoph Hellwig
2021-11-11 6:50 ` [PATCH 10/11] dma-direct: factor the swiotlb code out of __dma_direct_alloc_pages Christoph Hellwig
2021-11-11 6:50 ` [PATCH 11/11] dma-direct: add a dma_direct_use_pool helper Christoph Hellwig
2021-12-08 15:44 ` Marek Szyprowski
2021-12-08 15:48 ` Christoph Hellwig
2021-11-16 11:31 ` dma-direct fixes and cleanups v3 Robin Murphy
2021-11-17 5:51 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211111065028.32761-4-hch@lst.de \
--to=hch@lst.de \
--cc=iommu@lists.linux-foundation.org \
--cc=rientjes@google.com \
--cc=robin.murphy@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox