iommu: Don't use lazy flush for untrusted device - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Lu Baolu <baolu.lu@linux.intel.com>	2021-02-25 14:14:54 +0800
committer	Joerg Roedel <jroedel@suse.de>	2021-03-04 13:22:28 +0100
commit	82c3cefb9f1652e7470f442ff96c613e8c8ed8f4 (patch)
tree	740897d9eecf2e4da4e672e17137bc2df3caf163 /net
parent	765a9d1d02b2f5996b05f5f65faa8a634adbe763 (diff)
download	linux-82c3cefb9f1652e7470f442ff96c613e8c8ed8f4.tar.bz2

iommu: Don't use lazy flush for untrusted device

The lazy IOTLB flushing setup leaves a time window, in which the device can still access some system memory, which has already been unmapped by the device driver. It's not suitable for untrusted devices. A malicious device might use this to attack the system by obtaining data that it shouldn't obtain. Fixes: c588072bba6b5 ("iommu/vt-d: Convert intel iommu driver to the iommu ops") Signed-off-by: Lu Baolu <baolu.lu@linux.intel.com> Link: https://lore.kernel.org/r/20210225061454.2864009-1-baolu.lu@linux.intel.com Signed-off-by: Joerg Roedel <jroedel@suse.de>

Diffstat (limited to 'net')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: