From: Will Deacon <will@kernel.org>
To: Robin Murphy <robin.murphy@arm.com>
Cc: Keqian Zhu <zhukeqian1@huawei.com>,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
iommu@lists.linux-foundation.org, Marc Zyngier <maz@kernel.org>,
Joerg Roedel <joro@8bytes.org>,
Catalin Marinas <catalin.marinas@arm.com>,
James Morse <james.morse@arm.com>,
Suzuki K Poulose <suzuki.poulose@arm.com>,
Sean Christopherson <sean.j.christopherson@intel.com>,
Julien Thierry <julien.thierry.kdev@gmail.com>,
Mark Brown <broonie@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Andrew Morton <akpm@linux-foundation.org>,
Alexios Zavras <alexios.zavras@intel.com>,
wanghaibin.wang@huawei.com, jiangkunkun@huawei.com
Subject: Re: [PATCH] iommu: Up front sanity check in the arm_lpae_map
Date: Mon, 7 Dec 2020 12:05:27 +0000 [thread overview]
Message-ID: <20201207120527.GA4474@willie-the-truck> (raw)
In-Reply-To: <b85e98c8-0117-49c5-97ad-896ff88f7b88@arm.com>
On Mon, Dec 07, 2020 at 12:01:09PM +0000, Robin Murphy wrote:
> On 2020-12-05 08:29, Keqian Zhu wrote:
> > ... then we have more chance to detect wrong code logic.
>
> I don't follow that justification - it's still the same check with the same
> outcome, so how does moving it have any effect on the chance to detect
> errors?
>
> AFAICS the only difference it would make is to make some errors *less*
> obvious - if a sufficiently broken caller passes an empty prot value
> alongside an invalid size or already-mapped address, this will now quietly
> hide the warnings from the more serious condition(s).
>
> Yes, it will bail out a bit faster in the specific case where the prot value
> is the only thing wrong, but since when do we optimise for fundamentally
> incorrect API usage?
I thought it was the other way round -- doesn't this patch move the "empty
prot" check later, so we have a chance to check the size and addresses
first?
Will
> > Signed-off-by: Keqian Zhu <zhukeqian1@huawei.com>
> > ---
> > drivers/iommu/io-pgtable-arm.c | 8 ++++----
> > 1 file changed, 4 insertions(+), 4 deletions(-)
> >
> > diff --git a/drivers/iommu/io-pgtable-arm.c b/drivers/iommu/io-pgtable-arm.c
> > index a7a9bc08dcd1..8ade72adab31 100644
> > --- a/drivers/iommu/io-pgtable-arm.c
> > +++ b/drivers/iommu/io-pgtable-arm.c
> > @@ -444,10 +444,6 @@ static int arm_lpae_map(struct io_pgtable_ops *ops, unsigned long iova,
> > arm_lpae_iopte prot;
> > long iaext = (s64)iova >> cfg->ias;
> > - /* If no access, then nothing to do */
> > - if (!(iommu_prot & (IOMMU_READ | IOMMU_WRITE)))
> > - return 0;
> > -
> > if (WARN_ON(!size || (size & cfg->pgsize_bitmap) != size))
> > return -EINVAL;
> > @@ -456,6 +452,10 @@ static int arm_lpae_map(struct io_pgtable_ops *ops, unsigned long iova,
> > if (WARN_ON(iaext || paddr >> cfg->oas))
> > return -ERANGE;
> > + /* If no access, then nothing to do */
> > + if (!(iommu_prot & (IOMMU_READ | IOMMU_WRITE)))
> > + return 0;
> > +
> > prot = arm_lpae_prot_to_pte(data, iommu_prot);
> > ret = __arm_lpae_map(data, iova, paddr, size, prot, lvl, ptep, gfp);
> > /*
> >
next prev parent reply other threads:[~2020-12-07 12:06 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-05 8:29 [PATCH] iommu: Up front sanity check in the arm_lpae_map Keqian Zhu
2020-12-07 10:59 ` Will Deacon
2020-12-07 11:37 ` zhukeqian
2020-12-07 12:01 ` Robin Murphy
2020-12-07 12:05 ` Will Deacon [this message]
2020-12-07 12:15 ` zhukeqian
2020-12-07 12:46 ` Robin Murphy
2020-12-07 13:36 ` zhukeqian
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201207120527.GA4474@willie-the-truck \
--to=will@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=alexios.zavras@intel.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=iommu@lists.linux-foundation.org \
--cc=james.morse@arm.com \
--cc=jiangkunkun@huawei.com \
--cc=joro@8bytes.org \
--cc=julien.thierry.kdev@gmail.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maz@kernel.org \
--cc=robin.murphy@arm.com \
--cc=sean.j.christopherson@intel.com \
--cc=suzuki.poulose@arm.com \
--cc=tglx@linutronix.de \
--cc=wanghaibin.wang@huawei.com \
--cc=zhukeqian1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).