[PATCH v1 15/16] iommu/tegra241-cmdqv: Add user-space use support
Jason Gunthorpe
jgg at nvidia.com
Wed Apr 23 16:13:33 PDT 2025
On Wed, Apr 23, 2025 at 11:31:29AM -0700, Nicolin Chen wrote:
> > It also needs to act like a mdev and lock down the part of the IOAS
> > that provides that memory so the pin can't be released and UAF things.
>
> If I capture this correctly, the GPA->PA mapping is already done
> at the IOAS level for the S2 HWPT/domain, i.e. pages are already
> pinned. So we just need to a pair of for-driver APIs to validate
> the contiguity and refcount pages calling iopt_area_add_access().
Yes, adding an access is the key thing, the access will give you a
page list which you can validate, but it also provides a way to
synchronize if a hostile userspace does an unmap.
Jason
More information about the linux-arm-kernel
mailing list