From patchwork Thu Nov 20 09:57:01 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Leizhen \(ThunderTown\)" X-Patchwork-Id: 41223 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-la0-f72.google.com (mail-la0-f72.google.com [209.85.215.72]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 3C66C23C27 for ; Thu, 20 Nov 2014 09:59:34 +0000 (UTC) Received: by mail-la0-f72.google.com with SMTP id mc6sf1567179lab.3 for ; Thu, 20 Nov 2014 01:59:33 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:subject:date:message-id :mime-version:cc:precedence:list-id:list-unsubscribe:list-archive :list-post:list-help:list-subscribe:content-type :content-transfer-encoding:sender:errors-to:x-original-sender :x-original-authentication-results:mailing-list; bh=nTrP5XkrxyfBXtwXJzv7ywz711eoLcXkYuSD2IFxqPY=; b=DunD41xoyVVg8exd4AQjqAiibXIA3hM+v7ubS11NzKF5Nf29xhzNxXoD77zEwJGZ0c MT+p+N2xmu33q6UrI1DAXyic5z2JHQIGfUccFL/wMcYF/kWLdYtXWsvzQ/ZLwJx9SBCh GgDEnHsAX96+i3LtB6vS5bNAW4WsdHrIWa1MRniQi9e1ez6L/RWX5ZKVElgPkvvuLe+s OXExxEcbTqNhSLdkesY7VxTgaZGpnUOAExHcWEMyBkX+TNduABUD82LzQ7iE0wxW1hg9 00Q1hciFLt1Cj7GCu6W8x7K1Ad6uEPu0p5TxjnctGO2p9rdvT73KCpn8U3FgVCGdFNTO Gzaw== X-Gm-Message-State: ALoCoQnSzZr+6z+ydJVvN5UEOKd2ZBjoSPju4uudiVLGBwR1VfEchYilkmtQU4bpGRhEiz80rWp9 X-Received: by 10.195.17.134 with SMTP id ge6mr5867537wjd.2.1416477573145; Thu, 20 Nov 2014 01:59:33 -0800 (PST) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.36.67 with SMTP id o3ls38780laj.86.gmail; Thu, 20 Nov 2014 01:59:33 -0800 (PST) X-Received: by 10.112.137.39 with SMTP id qf7mr10288070lbb.47.1416477572962; Thu, 20 Nov 2014 01:59:32 -0800 (PST) Received: from mail-lb0-f177.google.com (mail-lb0-f177.google.com. [209.85.217.177]) by mx.google.com with ESMTPS id dv6si1749013lbc.52.2014.11.20.01.59.32 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 20 Nov 2014 01:59:32 -0800 (PST) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.177 as permitted sender) client-ip=209.85.217.177; Received: by mail-lb0-f177.google.com with SMTP id z12so1923741lbi.22 for ; Thu, 20 Nov 2014 01:59:32 -0800 (PST) X-Received: by 10.152.116.102 with SMTP id jv6mr10402280lab.40.1416477572839; Thu, 20 Nov 2014 01:59:32 -0800 (PST) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.184.201 with SMTP id ew9csp234037lbc; Thu, 20 Nov 2014 01:59:32 -0800 (PST) X-Received: by 10.68.90.225 with SMTP id bz1mr5550726pbb.153.1416477571361; Thu, 20 Nov 2014 01:59:31 -0800 (PST) Received: from bombadil.infradead.org (bombadil.infradead.org. [2001:1868:205::9]) by mx.google.com with ESMTPS id f2si2715740pdn.18.2014.11.20.01.59.30 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 20 Nov 2014 01:59:31 -0800 (PST) Received-SPF: none (google.com: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org does not designate permitted sender hosts) client-ip=2001:1868:205::9; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.80.1 #2 (Red Hat Linux)) id 1XrOVN-0006E5-RG; Thu, 20 Nov 2014 09:58:25 +0000 Received: from szxga02-in.huawei.com ([119.145.14.65]) by bombadil.infradead.org with esmtps (Exim 4.80.1 #2 (Red Hat Linux)) id 1XrOVK-000634-TE for linux-arm-kernel@lists.infradead.org; Thu, 20 Nov 2014 09:58:23 +0000 Received: from 172.24.2.119 (EHLO SZXEML455-HUB.china.huawei.com) ([172.24.2.119]) by szxrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CCQ52274; Thu, 20 Nov 2014 17:57:34 +0800 (CST) Received: from localhost (10.177.27.142) by SZXEML455-HUB.china.huawei.com (10.82.67.198) with Microsoft SMTP Server id 14.3.158.1; Thu, 20 Nov 2014 17:57:24 +0800 From: Zhen Lei To: Catalin Marinas , Will Deacon , Joerg Roedel , linux-arm-kernel Subject: [PATCH 1/1] iommu/arm-smmu: forbid userspace IO devices access memory through SMMU by default Date: Thu, 20 Nov 2014 17:57:01 +0800 Message-ID: <1416477421-1288-1-git-send-email-thunder.leizhen@huawei.com> X-Mailer: git-send-email 1.8.4.msysgit.0 MIME-Version: 1.0 X-Originating-IP: [10.177.27.142] X-CFilter-Loop: Reflected X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20141120_015823_362644_7625671C X-CRM114-Status: UNSURE ( 9.07 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.7 (/) X-Spam-Report: SpamAssassin version 3.4.0 on bombadil.infradead.org summary: Content analysis details: (-0.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [119.145.14.65 listed in list.dnswl.org] -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -0.0 SPF_PASS SPF: sender matches SPF record Cc: Xinwei Hu , Kefeng Wang , Zefan Li , Zhen Lei , Tianhong Ding X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+patch=linaro.org@lists.infradead.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: thunder.leizhen@huawei.com X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.177 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 It's dangerous to set pte with ARM_SMMU_PTE_AP_UNPRIV. A hacker can use any devices running at userspace to access the memory which originally mapped for kernel devices, suppose they have the same StreamID. The userspace devices should through vfio to dynamic create mapping. Signed-off-by: Zhen Lei --- drivers/iommu/arm-smmu.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 1.8.0 diff --git a/drivers/iommu/arm-smmu.c b/drivers/iommu/arm-smmu.c index 60558f7..e31517b 100644 --- a/drivers/iommu/arm-smmu.c +++ b/drivers/iommu/arm-smmu.c @@ -92,7 +92,7 @@ #define ARM_SMMU_PTE_CONT_MASK (~(ARM_SMMU_PTE_CONT_SIZE - 1)) /* Stage-1 PTE */ -#define ARM_SMMU_PTE_AP_UNPRIV (((pteval_t)1) << 6) +#define ARM_SMMU_PTE_AP_PRIV (((pteval_t)0) << 6) #define ARM_SMMU_PTE_AP_RDONLY (((pteval_t)2) << 6) #define ARM_SMMU_PTE_ATTRINDX_SHIFT 2 #define ARM_SMMU_PTE_nG (((pteval_t)1) << 11) @@ -1296,7 +1296,7 @@ static int arm_smmu_alloc_init_pte(struct arm_smmu_device *smmu, pmd_t *pmd, } if (stage == 1) { - pteval |= ARM_SMMU_PTE_AP_UNPRIV | ARM_SMMU_PTE_nG; + pteval |= ARM_SMMU_PTE_AP_PRIV | ARM_SMMU_PTE_nG; if (!(prot & IOMMU_WRITE) && (prot & IOMMU_READ)) pteval |= ARM_SMMU_PTE_AP_RDONLY;