From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B310BC433EF for ; Mon, 15 Nov 2021 20:48:27 +0000 (UTC) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 58AD463241 for ; Mon, 15 Nov 2021 20:48:27 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 58AD463241 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.linux-foundation.org Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 123A7400CE; Mon, 15 Nov 2021 20:48:27 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tCmzXSGUJt2O; Mon, 15 Nov 2021 20:48:26 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp2.osuosl.org (Postfix) with ESMTPS id ABB9A40192; Mon, 15 Nov 2021 20:48:25 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 80B8CC001E; Mon, 15 Nov 2021 20:48:25 +0000 (UTC) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 69290C0012 for ; Mon, 15 Nov 2021 20:48:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 4A6B5607A9 for ; Mon, 15 Nov 2021 20:48:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=kernel.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id P6RmCzapEvie for ; Mon, 15 Nov 2021 20:48:23 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp3.osuosl.org (Postfix) with ESMTPS id D39726066E for ; Mon, 15 Nov 2021 20:48:23 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 29D5C63240; Mon, 15 Nov 2021 20:48:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1637009303; bh=Ab04UsOLuYDaWgm25keP0dnQCwf2wKgMMT8FZu0wdU4=; h=Date:From:To:Cc:Subject:In-Reply-To:From; b=p+hZZ1wwOqkazM54o6HvrGw9tCG0HCBtef7yJtD1WKlY1aVo0bn1uDBS3uH2zcTum F1hwf/F/+qWGyMrgMbPGJi3/MaQbqVkcJiSJTP7Sso6dp1MeM62oJ6EbZ0dqqUw8RC XDutK2ZgWNduVzYoxkXW4dPZOz4gnxdL+xd0lKnEVHgxdeeSml/+l35jc0SDOg+tOe XjdyGPwy4QyA/zVawD0Ox/ObYmU2s2nOfF+1SSCB8gE/nxeeyG6SjuroobyovNR3PQ /jaXEC8b1Lzdog7PhMV6IudqpvicpbPfktdvROHIVrrIIgzgZ/vQ+E8qQd9+N/mJoL fEZElHCplMLLw== Date: Mon, 15 Nov 2021 14:48:21 -0600 From: Bjorn Helgaas To: Lu Baolu Subject: Re: [PATCH 03/11] PCI: pci_stub: Suppress kernel DMA ownership auto-claiming Message-ID: <20211115204821.GA1587269@bhelgaas> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20211115020552.2378167-4-baolu.lu@linux.intel.com> Cc: Kevin Tian , Chaitanya Kulkarni , Ashok Raj , kvm@vger.kernel.org, rafael@kernel.org, Greg Kroah-Hartman , Cornelia Huck , linux-pci@vger.kernel.org, iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org, Alex Williamson , Jacob jun Pan , Jason Gunthorpe , Diana Craciun , Bjorn Helgaas , Will Deacon X-BeenThere: iommu@lists.linux-foundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Development issues for Linux IOMMU support List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: iommu-bounces@lists.linux-foundation.org Sender: "iommu" On Mon, Nov 15, 2021 at 10:05:44AM +0800, Lu Baolu wrote: > pci_stub allows the admin to block driver binding on a device and make > it permanently shared with userspace. Since pci_stub does not do DMA, > it is safe. Can you elaborate on what "permanently shared with userspace" means here? I assume it's only permanent as long as pci-stub is bound to the device? Also, a few words about what "it is safe" means here would be helpful. > However the admin must understand that using pci_stub allows > userspace to attack whatever device it was bound to. The admin isn't going to read this sentence. Should there be a doc update related to this? What sort of attack does this refer to? > Signed-off-by: Lu Baolu > --- > drivers/pci/pci-stub.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/pci/pci-stub.c b/drivers/pci/pci-stub.c > index e408099fea52..6324c68602b4 100644 > --- a/drivers/pci/pci-stub.c > +++ b/drivers/pci/pci-stub.c > @@ -36,6 +36,9 @@ static struct pci_driver stub_driver = { > .name = "pci-stub", > .id_table = NULL, /* only dynamic id's */ > .probe = pci_stub_probe, > + .driver = { > + .suppress_auto_claim_dma_owner = true, > + }, > }; > > static int __init pci_stub_init(void) > -- > 2.25.1 > _______________________________________________ iommu mailing list iommu@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/iommu From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id EA25CC433F5 for ; Tue, 16 Nov 2021 00:07:16 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D3D0E61027 for ; Tue, 16 Nov 2021 00:07:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1349620AbhKPAKI (ORCPT ); Mon, 15 Nov 2021 19:10:08 -0500 Received: from mail.kernel.org ([198.145.29.99]:52354 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352978AbhKOUvT (ORCPT ); Mon, 15 Nov 2021 15:51:19 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 29D5C63240; Mon, 15 Nov 2021 20:48:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1637009303; bh=Ab04UsOLuYDaWgm25keP0dnQCwf2wKgMMT8FZu0wdU4=; h=Date:From:To:Cc:Subject:In-Reply-To:From; b=p+hZZ1wwOqkazM54o6HvrGw9tCG0HCBtef7yJtD1WKlY1aVo0bn1uDBS3uH2zcTum F1hwf/F/+qWGyMrgMbPGJi3/MaQbqVkcJiSJTP7Sso6dp1MeM62oJ6EbZ0dqqUw8RC XDutK2ZgWNduVzYoxkXW4dPZOz4gnxdL+xd0lKnEVHgxdeeSml/+l35jc0SDOg+tOe XjdyGPwy4QyA/zVawD0Ox/ObYmU2s2nOfF+1SSCB8gE/nxeeyG6SjuroobyovNR3PQ /jaXEC8b1Lzdog7PhMV6IudqpvicpbPfktdvROHIVrrIIgzgZ/vQ+E8qQd9+N/mJoL fEZElHCplMLLw== Date: Mon, 15 Nov 2021 14:48:21 -0600 From: Bjorn Helgaas To: Lu Baolu Cc: Greg Kroah-Hartman , Joerg Roedel , Alex Williamson , Bjorn Helgaas , Jason Gunthorpe , Kevin Tian , Ashok Raj , Will Deacon , rafael@kernel.org, Diana Craciun , Cornelia Huck , Eric Auger , Liu Yi L , Jacob jun Pan , Chaitanya Kulkarni , iommu@lists.linux-foundation.org, linux-pci@vger.kernel.org, kvm@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 03/11] PCI: pci_stub: Suppress kernel DMA ownership auto-claiming Message-ID: <20211115204821.GA1587269@bhelgaas> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20211115020552.2378167-4-baolu.lu@linux.intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Nov 15, 2021 at 10:05:44AM +0800, Lu Baolu wrote: > pci_stub allows the admin to block driver binding on a device and make > it permanently shared with userspace. Since pci_stub does not do DMA, > it is safe. Can you elaborate on what "permanently shared with userspace" means here? I assume it's only permanent as long as pci-stub is bound to the device? Also, a few words about what "it is safe" means here would be helpful. > However the admin must understand that using pci_stub allows > userspace to attack whatever device it was bound to. The admin isn't going to read this sentence. Should there be a doc update related to this? What sort of attack does this refer to? > Signed-off-by: Lu Baolu > --- > drivers/pci/pci-stub.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/pci/pci-stub.c b/drivers/pci/pci-stub.c > index e408099fea52..6324c68602b4 100644 > --- a/drivers/pci/pci-stub.c > +++ b/drivers/pci/pci-stub.c > @@ -36,6 +36,9 @@ static struct pci_driver stub_driver = { > .name = "pci-stub", > .id_table = NULL, /* only dynamic id's */ > .probe = pci_stub_probe, > + .driver = { > + .suppress_auto_claim_dma_owner = true, > + }, > }; > > static int __init pci_stub_init(void) > -- > 2.25.1 >