Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA

From: Jacob Pan
Date: Thu Oct 07 2021 - 15:07:47 EST

Next message: Jason Gunthorpe: "Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA"
Previous message: Nguyen Dinh Phi: "[PATCH] Bluetooth: hci_sock: purge socket queues in the destruct() callback"
In reply to: Jacob Pan: "Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA"
Next in thread: Jason Gunthorpe: "Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Barry,

On Thu, 7 Oct 2021 18:43:33 +1300, Barry Song <21cnbao@xxxxxxxxx> wrote:

> > > Security-wise, KVA respects kernel mapping. So permissions are better
> > > enforced than pass-through and identity mapping.
> >
> > Is this meaningful? Isn't the entire physical map still in the KVA and
> > isn't it entirely RW ?
>
> Some areas are RX, for example, ARCH64 supports KERNEL_TEXT_RDONLY.
> But the difference is really minor.
That brought up a good point if we were to use DMA API to give out KVA as
dma_addr for trusted devices. We cannot satisfy DMA direction requirements
since we can't change kernel mapping. It will be similar to DMA direct
where dir is ignored AFAICT.

Or we are saying if the device is trusted, using pass-through is allowed.
i.e. physical address.

Thoughts?

Thanks,

Jacob

Next message: Jason Gunthorpe: "Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA"
Previous message: Nguyen Dinh Phi: "[PATCH] Bluetooth: hci_sock: purge socket queues in the destruct() callback"
In reply to: Jacob Pan: "Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA"
Next in thread: Jason Gunthorpe: "Re: [RFC 0/7] Support in-kernel DMA with PASID and SVA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]