* [PATCH] iommu/iova: Don't BUG on invalid PFNs
@ 2020-06-02 13:08 Robin Murphy
2020-06-10 9:27 ` guptap
2020-06-30 8:42 ` Joerg Roedel
0 siblings, 2 replies; 4+ messages in thread
From: Robin Murphy @ 2020-06-02 13:08 UTC (permalink / raw)
To: joro; +Cc: iommu, linux-kernel, Prakash Gupta
Unlike the other instances which represent a complete loss of
consistency within the rcache mechanism itself, or a fundamental
and obvious misconfiguration by an IOMMU driver, the BUG_ON() in
iova_magazine_free_pfns() can be provoked at more or less any time
in a "spooky action-at-a-distance" manner by any old device driver
passing nonsense to dma_unmap_*() which then propagates through to
queue_iova().
Not only is this well outside the IOVA layer's control, it's also
nowhere near fatal enough to justify panicking anyway - all that
really achieves is to make debugging the offending driver more
difficult. Let's simply WARN and otherwise ignore bogus PFNs.
Reported-by: Prakash Gupta <guptap@codeaurora.org>
Signed-off-by: Robin Murphy <robin.murphy@arm.com>
---
drivers/iommu/iova.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/iommu/iova.c b/drivers/iommu/iova.c
index 0e6a9536eca6..612cbf668adf 100644
--- a/drivers/iommu/iova.c
+++ b/drivers/iommu/iova.c
@@ -811,7 +811,9 @@ iova_magazine_free_pfns(struct iova_magazine *mag, struct iova_domain *iovad)
for (i = 0 ; i < mag->size; ++i) {
struct iova *iova = private_find_iova(iovad, mag->pfns[i]);
- BUG_ON(!iova);
+ if (WARN_ON(!iova))
+ continue;
+
private_free_iova(iovad, iova);
}
--
2.23.0.dirty
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] iommu/iova: Don't BUG on invalid PFNs
2020-06-02 13:08 [PATCH] iommu/iova: Don't BUG on invalid PFNs Robin Murphy
@ 2020-06-10 9:27 ` guptap
2020-06-10 10:12 ` Robin Murphy
2020-06-30 8:42 ` Joerg Roedel
1 sibling, 1 reply; 4+ messages in thread
From: guptap @ 2020-06-10 9:27 UTC (permalink / raw)
To: Robin Murphy; +Cc: iommu, stable, linux-kernel
On 2020-06-02 18:38, Robin Murphy wrote:
> Unlike the other instances which represent a complete loss of
> consistency within the rcache mechanism itself, or a fundamental
> and obvious misconfiguration by an IOMMU driver, the BUG_ON() in
> iova_magazine_free_pfns() can be provoked at more or less any time
> in a "spooky action-at-a-distance" manner by any old device driver
> passing nonsense to dma_unmap_*() which then propagates through to
> queue_iova().
>
> Not only is this well outside the IOVA layer's control, it's also
> nowhere near fatal enough to justify panicking anyway - all that
> really achieves is to make debugging the offending driver more
> difficult. Let's simply WARN and otherwise ignore bogus PFNs.
>
> Reported-by: Prakash Gupta <guptap@codeaurora.org>
> Signed-off-by: Robin Murphy <robin.murphy@arm.com>
> ---
> drivers/iommu/iova.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
Copying stable@vger.kernel.org
You can add
Reviewed-by: Prakash Gupta <guptap@codeaurora.org>
> diff --git a/drivers/iommu/iova.c b/drivers/iommu/iova.c
> index 0e6a9536eca6..612cbf668adf 100644
> --- a/drivers/iommu/iova.c
> +++ b/drivers/iommu/iova.c
> @@ -811,7 +811,9 @@ iova_magazine_free_pfns(struct iova_magazine *mag,
> struct iova_domain *iovad)
> for (i = 0 ; i < mag->size; ++i) {
> struct iova *iova = private_find_iova(iovad, mag->pfns[i]);
>
> - BUG_ON(!iova);
> + if (WARN_ON(!iova))
> + continue;
> +
> private_free_iova(iovad, iova);
> }
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] iommu/iova: Don't BUG on invalid PFNs
2020-06-10 9:27 ` guptap
@ 2020-06-10 10:12 ` Robin Murphy
0 siblings, 0 replies; 4+ messages in thread
From: Robin Murphy @ 2020-06-10 10:12 UTC (permalink / raw)
To: guptap; +Cc: iommu, stable, linux-kernel
On 2020-06-10 10:27, guptap@codeaurora.org wrote:
> On 2020-06-02 18:38, Robin Murphy wrote:
>> Unlike the other instances which represent a complete loss of
>> consistency within the rcache mechanism itself, or a fundamental
>> and obvious misconfiguration by an IOMMU driver, the BUG_ON() in
>> iova_magazine_free_pfns() can be provoked at more or less any time
>> in a "spooky action-at-a-distance" manner by any old device driver
>> passing nonsense to dma_unmap_*() which then propagates through to
>> queue_iova().
>>
>> Not only is this well outside the IOVA layer's control, it's also
>> nowhere near fatal enough to justify panicking anyway - all that
>> really achieves is to make debugging the offending driver more
>> difficult. Let's simply WARN and otherwise ignore bogus PFNs.
>>
>> Reported-by: Prakash Gupta <guptap@codeaurora.org>
>> Signed-off-by: Robin Murphy <robin.murphy@arm.com>
>> ---
>> drivers/iommu/iova.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>
> Copying stable@vger.kernel.org
Per Documentation/process/stable-kernel-rules.rst, I'm not convinced
this meets the criteria for stable, which is why I deliberately left
that out. This change isn't fixing any bug in itself, it is merely
relaxing a behaviour that only comes into play if a serious and
effectively unrecoverable bug has already occurred elsewhere.
If Joerg feels like sending it to stable anyway then fair enough, but
FYI there is no relevant "Fixes" tag.
> You can add
> Reviewed-by: Prakash Gupta <guptap@codeaurora.org>
Thanks,
Robin.
>> diff --git a/drivers/iommu/iova.c b/drivers/iommu/iova.c
>> index 0e6a9536eca6..612cbf668adf 100644
>> --- a/drivers/iommu/iova.c
>> +++ b/drivers/iommu/iova.c
>> @@ -811,7 +811,9 @@ iova_magazine_free_pfns(struct iova_magazine *mag,
>> struct iova_domain *iovad)
>> for (i = 0 ; i < mag->size; ++i) {
>> struct iova *iova = private_find_iova(iovad, mag->pfns[i]);
>>
>> - BUG_ON(!iova);
>> + if (WARN_ON(!iova))
>> + continue;
>> +
>> private_free_iova(iovad, iova);
>> }
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] iommu/iova: Don't BUG on invalid PFNs
2020-06-02 13:08 [PATCH] iommu/iova: Don't BUG on invalid PFNs Robin Murphy
2020-06-10 9:27 ` guptap
@ 2020-06-30 8:42 ` Joerg Roedel
1 sibling, 0 replies; 4+ messages in thread
From: Joerg Roedel @ 2020-06-30 8:42 UTC (permalink / raw)
To: Robin Murphy; +Cc: iommu, linux-kernel, Prakash Gupta
On Tue, Jun 02, 2020 at 02:08:18PM +0100, Robin Murphy wrote:
> Unlike the other instances which represent a complete loss of
> consistency within the rcache mechanism itself, or a fundamental
> and obvious misconfiguration by an IOMMU driver, the BUG_ON() in
> iova_magazine_free_pfns() can be provoked at more or less any time
> in a "spooky action-at-a-distance" manner by any old device driver
> passing nonsense to dma_unmap_*() which then propagates through to
> queue_iova().
>
> Not only is this well outside the IOVA layer's control, it's also
> nowhere near fatal enough to justify panicking anyway - all that
> really achieves is to make debugging the offending driver more
> difficult. Let's simply WARN and otherwise ignore bogus PFNs.
>
> Reported-by: Prakash Gupta <guptap@codeaurora.org>
> Signed-off-by: Robin Murphy <robin.murphy@arm.com>
> ---
> drivers/iommu/iova.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
Applied without stable tag, thanks.
_______________________________________________
iommu mailing list
iommu@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/iommu
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-06-30 8:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-02 13:08 [PATCH] iommu/iova: Don't BUG on invalid PFNs Robin Murphy
2020-06-10 9:27 ` guptap
2020-06-10 10:12 ` Robin Murphy
2020-06-30 8:42 ` Joerg Roedel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).