Re: [PATCH] swiotlb: fix a typo

From: Robin Murphy
Date: Tue Aug 30 2022 - 05:24:22 EST


On 2022-08-26 10:50, Chao Gao wrote:
"overwirte" isn't a word. It should be "overwrite".

Signed-off-by: Chao Gao <chao.gao@xxxxxxxxx>
---
BTW, I am wondering if copying the original buffer to the tlb buffer
unconditionally will leak the original buffer to the VMM, especially
when VMM isn't trusted e.g., by confidential VMs. Would it be better
to zero the tlb buffer for dir == DMA_FROM_DEVICE?

No, at the point of dma_map(), the buffer contents are owned by the caller, so if parts of that buffer are sensitive and shouldn't be exposed to DMA, then don't map the whole buffer for DMA. There are more DMA API implementations than SWIOTLB.

The whole point of bouncing the original contents here is that doing anything else effectively corrupts any part of the mapping that the device may end up *not* writing to - see the whole sordid original discussion (but don't be confused by the fact that the caller's original data happened to be zeros in that particular case).

Thanks,
Robin.


kernel/dma/swiotlb.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/dma/swiotlb.c b/kernel/dma/swiotlb.c
index c5a9190b218f..f67e5f50ee3c 100644
--- a/kernel/dma/swiotlb.c
+++ b/kernel/dma/swiotlb.c
@@ -765,7 +765,7 @@ phys_addr_t swiotlb_tbl_map_single(struct device *dev, phys_addr_t orig_addr,
/*
* When dir == DMA_FROM_DEVICE we could omit the copy from the orig
* to the tlb buffer, if we knew for sure the device will
- * overwirte the entire current content. But we don't. Thus
+ * overwrite the entire current content. But we don't. Thus
* unconditional bounce may prevent leaking swiotlb content (i.e.
* kernel memory) to user-space.
*/