On Mon, Nov 15, 2021 at 10:05:44AM +0800, Lu Baolu wrote:
> pci_stub allows the admin to block driver binding on a device and make
> it permanently shared with userspace. Since pci_stub does not do DMA,
> it is safe. However the admin must understand that using pci_stub allows
> userspace to attack whatever device it was bound to.
This commit log doesn't say what the patch does. I think it tells us
something about what pci-stub *already* does ("allows admin to block
driver binding") and something about why that is safe ("does not do
DMA").
But it doesn't say what this patch changes. Based on the subject
line, I expected something like:
As of ("<commit subject>"), <some function>() marks the iommu_group
as containing only devices with kernel drivers that manage DMA.
Avoid this default behavior for pci-stub because it does not program
any DMA itself. This allows <some desirable behavior>.
> Signed-off-by: Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>
> ---
> drivers/pci/pci-stub.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/pci/pci-stub.c b/drivers/pci/pci-stub.c
> index e408099fea52..6324c68602b4 100644
> --- a/drivers/pci/pci-stub.c
> +++ b/drivers/pci/pci-stub.c
> @@ -36,6 +36,9 @@ static struct pci_driver stub_driver = {
> .name = "pci-stub",
> .id_table = NULL, /* only dynamic id's */
> .probe = pci_stub_probe,
> + .driver = {
> + .suppress_auto_claim_dma_owner = true,
> + },
> };
>
> static int __init pci_stub_init(void)
> --
> 2.25.1
>
