lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 21 Mar 2013 12:55:41 +1100
From:	David Gibson <david@...son.dropbear.id.au>
To:	Alex Williamson <alex.williamson@...hat.com>
Cc:	Alexey Kardashevskiy <aik@...abs.ru>,
	Benjamin Herrenschmidt <benh@...nel.crashing.org>,
	Paul Mackerras <paulus@...ba.org>, kvm@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] vfio powerpc: implement IOMMU driver for VFIO

On Wed, Mar 20, 2013 at 02:45:24PM -0600, Alex Williamson wrote:
> On Tue, 2013-03-19 at 18:08 +1100, Alexey Kardashevskiy wrote:
> > VFIO implements platform independent stuff such as
> > a PCI driver, BAR access (via read/write on a file descriptor
> > or direct mapping when possible) and IRQ signaling.
> > 
> > The platform dependent part includes IOMMU initialization
> > and handling. This patch implements an IOMMU driver for VFIO
> > which does mapping/unmapping pages for the guest IO and
> > provides information about DMA window (required by a POWERPC
> > guest).
> > 
> > The counterpart in QEMU is required to support this functionality.
> > 
> > Changelog:
> > * documentation updated
> > * containter enable/disable ioctls added
> > * request_module(spapr_iommu) added
> > * various locks fixed
> > 
> > Cc: David Gibson <david@...son.dropbear.id.au>
> > Signed-off-by: Alexey Kardashevskiy <aik@...abs.ru>
> > ---
> 
> 
> Looking pretty good.  There's one problem with the detach_group,
> otherwise just some trivial comments below.  What's the status of the
> tce code that this depends on?  Thanks,

[snip]
> > +static void tce_iommu_detach_group(void *iommu_data,
> > +		struct iommu_group *iommu_group)
> > +{
> > +	struct tce_container *container = iommu_data;
> > +	struct iommu_table *tbl = iommu_group_get_iommudata(iommu_group);
> > +
> > +	BUG_ON(!tbl);
> > +	mutex_lock(&container->lock);
> > +	if (tbl != container->tbl) {
> > +		pr_warn("tce_vfio: detaching group #%u, expected group is #%u\n",
> > +				iommu_group_id(iommu_group),
> > +				iommu_group_id(tbl->it_group));
> > +	} else if (container->enabled) {
> > +		pr_err("tce_vfio: detaching group #%u from enabled container\n",
> > +				iommu_group_id(tbl->it_group));
> 
> Hmm, something more than a pr_err needs to happen here.  Wouldn't this
> imply a disable and going back to an unprivileged container?

Uh, no.  I think the idea here is that we use the enable/disable
semantic to address some other potential problems.  Specifically,
sidestepping the problems of what happens if you change the
container's capabilities by adding/removing groups while in the middle
of using it.  So the point is that the detach fails when the group is
enabled, rather than implicitly doing anything.

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ