From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dmitry Osipenko Subject: Re: [PATCH 14/22] gpu: host1x: Forbid relocation address shifting in the firewall Date: Thu, 1 Jun 2017 22:15:14 +0300 Message-ID: <5b5cf2e7-cf70-3a58-12e4-8f83628af695@gmail.com> References: <15311f1c044c3ff26624e2a980b0c477b1cf33b2.1495498184.git.digetx@gmail.com> <56ee62e7-a53b-0270-837a-2ae6f0a848cc@kapsi.fi> <0a4181f5-2e19-31ed-2a8b-3314a0481c81@gmail.com> <58379261-a17a-fc59-e29b-c670eafbbce5@gmail.com> <34b2d0b4-0e53-98b6-6859-34b8f3e32251@kapsi.fi> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <34b2d0b4-0e53-98b6-6859-34b8f3e32251-/1wQRMveznE@public.gmane.org> Content-Language: en-US Sender: linux-tegra-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org To: Mikko Perttunen , Thierry Reding Cc: linux-tegra-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, DRI Development , Erik Faye-Lund List-Id: linux-tegra@vger.kernel.org On 01.06.2017 21:51, Mikko Perttunen wrote: > On 06/01/2017 09:44 PM, Dmitry Osipenko wrote: >> On 01.06.2017 21:37, Dmitry Osipenko wrote: >>> On 01.06.2017 20:39, Mikko Perttunen wrote: >>>> Reviewed-by: Mikko Perttunen >>>> >>>> On 05/23/2017 03:14 AM, Dmitry Osipenko wrote: >>>>> Incorrectly shifted relocation address will cause a lower memory corruption >>>>> and likely a hang on a write or a read of an arbitrary data in case of IOMMU >>>>> absent. As of now there is no use for the address shifting (at least on >>>>> Tegra20) and adding a proper shifting / sizes validation is much more work. >>>> >>>> Perhaps change to "As of now there is no use for the address shifting on >>>> Tegra20" if you post another revision. >>>> >>> I'll post a new revision of the series after getting comments to the all >>> patches, to not churn the ML. Thank you very much for the reviews! >>> >> >> However, given your previous comments to this patch, I'll probably add a bypass >> of the shit checking in case of IOMMU presence. >> The IOMMU presence checking probably wouldn't be enough. Better to check the Host1x version instead, to not break the non-IOMMU case on modern Tegras. > > I don't think that's needed - the firewall will deny pretty much all VIC > submissions due to is_addr_reg not being implemented so it cannot reasonably be > used on modern Tegras anyway. Either firewall should be completely avoided on newer Tegras or it should perform at least some checks and not break the newer Tegras. -- Dmitry