On Thu, Oct 10, 2019 at 03:28:28PM -0700, Kees Cook wrote: > As we've seen from USB and other areas[1], we need to always do runtime > checks for DMA operating on memory regions that might be remapped. This > adds vmap checks (similar to those already in USB but missing in other > places) into dma_map_single() so all callers benefit from the checking. > > [1] https://git.kernel.org/linus/3840c5b78803b2b6cc1ff820100a74a092c40cbb > > Suggested-by: Laura Abbott <[email protected]> > Signed-off-by: Kees Cook <[email protected]> > --- > include/linux/dma-mapping.h | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/include/linux/dma-mapping.h b/include/linux/dma-mapping.h > index 4a1c4fca475a..ff4e91c66f44 100644 > --- a/include/linux/dma-mapping.h > +++ b/include/linux/dma-mapping.h > @@ -583,6 +583,12 @@ static inline unsigned long > dma_get_merge_boundary(struct device *dev) > static inline dma_addr_t dma_map_single_attrs(struct device *dev, void *ptr, > size_t size, enum dma_data_direction dir, unsigned long attrs) > { > + /* DMA must never operate on areas that might be remapped. */ > + if (unlikely(is_vmalloc_addr(ptr))) { > + dev_warn_once(dev, "bad map: %zu bytes in vmalloc\n", size);
Can we get a bit better error text here? In USB we were at least giving people a hint as to what went wrong, "bad map" might not really make that much sense to a USB developer as to what they needed to do to fix this issue. Other than that minor nit, I have no objection to this series, thanks for fixing this up! greg k-h
