On Mon, May 23, 2022 at 02:40:08PM +0300, Ovidiu Panait wrote:
> From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
>
> commit 901c7280ca0d5e2b4a8929fbe0bfb007ac2a6544 upstream.
>
> Halil Pasic points out [1] that the full revert of that commit (revert
> in bddac7c1e02b), and that a partial revert that only reverts the
> problematic case, but still keeps some of the cleanups is probably
> better. 
>
> And that partial revert [2] had already been verified by Oleksandr
> Natalenko to also fix the issue, I had just missed that in the long
> discussion.
>
> So let's reinstate the cleanups from commit aa6f8dcbab47 ("swiotlb:
> rework "fix info leak with DMA_FROM_DEVICE""), and effectively only
> revert the part that caused problems.
>
> Link: https://lore.kernel.org/all/20220328013731.017ae3e3.pasic@xxxxxxxxxxxxx/ [1]
> Link: https://lore.kernel.org/all/20220324055732.GB12078@xxxxxx/ [2]
> Link: https://lore.kernel.org/all/4386660.LvFx2qVVIh@xxxxxxxxxxxxxx/ [3]
> Suggested-by: Halil Pasic <pasic@xxxxxxxxxxxxx>
> Tested-by: Oleksandr Natalenko <oleksandr@xxxxxxxxxxxxxx>
> Cc: Christoph Hellwig <hch@xxxxxx>
> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
> [OP: backport to 5.10: adjusted context]
> Signed-off-by: Ovidiu Panait <ovidiu.panait@xxxxxxxxxxxxx>
> ---
> This is part of CVE-2022-0854 patchset:
> [1] ddbd89deb7d3 ("swiotlb: fix info leak with DMA_FROM_DEVICE")
> [2] 901c7280ca0d ("Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE""")
>
> [1] is already present in 5.10-stable.
> [2] is present in 5.17/5.16/5.15, but not in 5.10 and 5.4 branches;
>
> Documentation/core-api/dma-attributes.rst | 8 --------
> include/linux/dma-mapping.h | 8 --------
> kernel/dma/swiotlb.c | 12 ++++++++----
> 3 files changed, 8 insertions(+), 20 deletions(-)
This looks much different than the backport Sasha did. I'll drop his
and review all of this after this next round of -rc releases go out.
thanks,
greg k-h
