Re: [PATCH v5 15/15] PCI: Revoke mappings like devmem

From: Dan Williams
Date: Fri Oct 30 2020 - 15:24:52 EST

Next message: Alex Williamson: "Re: [PATCH] PCI: Always call pci_enable_acs() regardless of pdev->acs_cap"
Previous message: Rob Herring: "Re: [PATCH 1/2] dt-bindings: pinctrl: qcom: Add SDX55 pinctrl bindings"
In reply to: Daniel Vetter: "[PATCH v5 15/15] PCI: Revoke mappings like devmem"
Next in thread: Daniel Vetter: "[PATCH v5 12/15] /dev/mem: Only set filp->f_mapping"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Oct 30, 2020 at 3:09 AM Daniel Vetter <daniel.vetter@xxxxxxxx> wrote:
>
> Since 3234ac664a87 ("/dev/mem: Revoke mappings when a driver claims
> the region") /dev/kmem zaps ptes when the kernel requests exclusive
> acccess to an iomem region. And with CONFIG_IO_STRICT_DEVMEM, this is
> the default for all driver uses.
>
> Except there's two more ways to access PCI BARs: sysfs and proc mmap
> support. Let's plug that hole.
>
> For revoke_devmem() to work we need to link our vma into the same
> address_space, with consistent vma->vm_pgoff. ->pgoff is already
> adjusted, because that's how (io_)remap_pfn_range works, but for the
> mapping we need to adjust vma->vm_file->f_mapping. The cleanest way is
> to adjust this at at ->open time:
>
> - for sysfs this is easy, now that binary attributes support this. We
> just set bin_attr->mapping when mmap is supported
> - for procfs it's a bit more tricky, since procfs pci access has only
> one file per device, and access to a specific resources first needs
> to be set up with some ioctl calls. But mmap is only supported for
> the same resources as sysfs exposes with mmap support, and otherwise
> rejected, so we can set the mapping unconditionally at open time
> without harm.
>
> A special consideration is for arch_can_pci_mmap_io() - we need to
> make sure that the ->f_mapping doesn't alias between ioport and iomem
> space. There's only 2 ways in-tree to support mmap of ioports: generic
> pci mmap (ARCH_GENERIC_PCI_MMAP_RESOURCE), and sparc as the single
> architecture hand-rolling. Both approach support ioport mmap through a
> special pfn range and not through magic pte attributes. Aliasing is
> therefore not a problem.
>
> The only difference in access checks left is that sysfs PCI mmap does
> not check for CAP_RAWIO. I'm not really sure whether that should be
> added or not.
>
> Signed-off-by: Daniel Vetter <daniel.vetter@xxxxxxxxx>
> Cc: Jason Gunthorpe <jgg@xxxxxxxx>
> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
> Cc: Dan Williams <dan.j.williams@xxxxxxxxx>
> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Cc: John Hubbard <jhubbard@xxxxxxxxxx>
> Cc: Jérôme Glisse <jglisse@xxxxxxxxxx>
> Cc: Jan Kara <jack@xxxxxxx>
> Cc: Dan Williams <dan.j.williams@xxxxxxxxx>

Looks good to me:

Reviewed-by: Dan Williams <dan.j.williams@xxxxxxxxx>

Next message: Alex Williamson: "Re: [PATCH] PCI: Always call pci_enable_acs() regardless of pdev->acs_cap"
Previous message: Rob Herring: "Re: [PATCH 1/2] dt-bindings: pinctrl: qcom: Add SDX55 pinctrl bindings"
In reply to: Daniel Vetter: "[PATCH v5 15/15] PCI: Revoke mappings like devmem"
Next in thread: Daniel Vetter: "[PATCH v5 12/15] /dev/mem: Only set filp->f_mapping"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]