Re: [PATCH v5 3/7] iommu: Validate that devices match domains

From: Jerry Snitselaar
Date: Wed Oct 18 2023 - 19:15:29 EST


On Wed, Oct 11, 2023 at 07:14:50PM +0100, Robin Murphy wrote:
> Before we can allow drivers to coexist, we need to make sure that one
> driver's domain ops can't misinterpret another driver's dev_iommu_priv
> data. To that end, add a token to the domain so we can remember how it
> was allocated - for now this may as well be the device ops, since they
> still correlate 1:1 with drivers. We can trust ourselves for internal
> default domain attachment, so add checks to cover all the public attach
> interfaces.
>
> Reviewed-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
> Reviewed-by: Jason Gunthorpe <jgg@xxxxxxxxxx>
> Signed-off-by: Robin Murphy <robin.murphy@xxxxxxx>
>
> ---
>
> v4: Cover iommu_attach_device_pasid() as well, and improve robustness
> against theoretical attempts to attach a noiommu group.
> ---

Reviewed-by: Jerry Snitselaar <jsnitsel@xxxxxxxxxx>