Message-ID: <54FF8211.5020001@ozlabs.ru>
Date: Wed, 11 Mar 2015 10:45:21 +1100
From: Alexey Kardashevskiy User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Alex Williamson CC: linuxppc-dev@lists.ozlabs.org, Benjamin Herrenschmidt , Paul Mackerras , kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v5 03/29] vfio: powerpc/spapr: Check that TCE page size is equal to it_page_size References: <1425910045-26167-1-git-send-email-aik@ozlabs.ru> <1425910045-26167-4-git-send-email-aik@ozlabs.ru> <1426017408.25026.79.camel@redhat.com> <54FF76F4.5020503@ozlabs.ru> <1426028606.25026.86.camel@redhat.com> In-Reply-To: <1426028606.25026.86.camel@redhat.com> Content-Type: text/plain; charset=koi8-r; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 03/11/2015 10:03 AM, Alex Williamson wrote: > On Wed, 2015-03-11 at 09:57 +1100, Alexey Kardashevskiy wrote: >> On 03/11/2015 06:56 AM, Alex Williamson wrote: >>> On Tue, 2015-03-10 at 01:06 +1100, Alexey Kardashevskiy wrote: >>>> This checks that the TCE table page size is not bigger that the size of >>>> a page we just pinned and going to put its physical address to the table. >>>> >>>> Otherwise the hardware gets unwanted access to physical memory between >>>> the end of the actual page and the end of the aligned up TCE page. >>>> >>>> Since compound_order() and compound_head() work correctly on non-huge >>>> pages, there is no need for additional check whether the page is huge. >>>> >>>> Signed-off-by: Alexey Kardashevskiy >>>> --- >>>> Changes: >>>> v4: >>>> * s/tce_check_page_size/tce_page_is_contained/ >>>> --- >>>> drivers/vfio/vfio_iommu_spapr_tce.c | 22 ++++++++++++++++++++++ >>>> 1 file changed, 22 insertions(+) >>>> >>>> diff --git a/drivers/vfio/vfio_iommu_spapr_tce.c b/drivers/vfio/vfio_iommu_spapr_tce.c >>>> index 756831f..91e7599 100644 >>>> --- a/drivers/vfio/vfio_iommu_spapr_tce.c 
>>>> +++ b/drivers/vfio/vfio_iommu_spapr_tce.c >>>> @@ -49,6 +49,22 @@ struct tce_container { >>>> bool enabled; >>>> }; >>>> >>>> +static bool tce_page_is_contained(struct page *page, unsigned page_shift) >>>> +{ >>>> + unsigned shift; >>>> + >>>> + /* >>>> + * Check that the TCE table granularity is not bigger than the size of >>>> + * a page we just found. Otherwise the hardware can get access to >>>> + * a bigger memory chunk that it should. >>>> + */ >>>> + shift = PAGE_SHIFT + compound_order(compound_head(page)); >>>> + if (shift >= page_shift) >>>> + return true; >>>> + >>>> + return false; >>> >>> nit, simplified: >>> >>> return (PAGE_SHIFT + compound_order(compound_head(page) >= page_shift); >> >> This won't be "bool" though. > > Yes, it will. Ah, misread as "... - page_shift". And you missed one bracket :) > >> This will (I'll do this) >> >> shift = PAGE_SHIFT + compound_order(compound_head(page)); >> return (shift >= page_shift); >> >> >> >> >>> >>>> +} >>>> + >>>> static int tce_iommu_enable(struct tce_container *container) >>>> { >>>> int ret = 0; >>>> @@ -197,6 +213,12 @@ static long tce_iommu_build(struct tce_container *container, >>>> ret = -EFAULT; >>>> break; >>>> } >>>> + >>>> + if (!tce_page_is_contained(page, tbl->it_page_shift)) { >>>> + ret = -EPERM; >>>> + break; >>>> + } >>>> + >>>> hva = (unsigned long) page_address(page) + >>>> (tce & IOMMU_PAGE_MASK(tbl) & ~PAGE_MASK); >>>> >>> >>> >>> >> >> > > > -- Alexey
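Review bot: in the first hunk, the comment in tce_page_is_contained() justifies the check by size alone and does not say why comparing shifts is enough to keep the TCE page inside the pinned page. Please state the alignment assumption about the compound page that makes a size-only comparison sufficient, since that assumption is what the isolation guarantee rests on. Two smaller points in the same hunk: "that it should" in the comment should read "than it should", and the bare `unsigned` for the parameter and the local would normally be written `unsigned int` in kernel code.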
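Review bot: in the tce_iommu_build() hunk, the new `ret = -EPERM; break;` branch leaves the loop with no put_page() visible, while the commit message describes the page as one "we just pinned". Please confirm that the error path after the loop drops the reference on this page, or release it before the `break`; otherwise every rejected mapping leaves a user page pinned. It would also help to document in the commit message why -EPERM was chosen for this case, so userspace can tell a page-size mismatch apart from the -EFAULT returned just above.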