lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 5 Jun 2015 16:14:52 -0500
From:	Scott Wood <scottwood@...escale.com>
To:	Rob Herring <robherring2@...il.com>
CC:	Eric Auger <eric.auger@...aro.org>, <eric.auger@...com>,
	"linux-arm-kernel@...ts.infradead.org" 
	<linux-arm-kernel@...ts.infradead.org>,
	<alex.williamson@...hat.com>, <b.reynal@...tualopensystems.com>,
	Alexander Graf <agraf@...e.de>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"Christoffer Dall" <christoffer.dall@...aro.org>,
	Linaro Patches <patches@...aro.org>
Subject: Re: [PATCH v2 0/4] VFIO platform reset

On Fri, 2015-06-05 at 13:05 -0500, Rob Herring wrote:
> On Fri, Jun 5, 2015 at 10:06 AM, Eric Auger <eric.auger@...aro.org> 
> wrote:
> > In situations where the userspace driver is stopped abnormally and 
> > the
> > VFIO platform device is released, the assigned HW device currently 
> > is
> > left running. As a consequence the HW device might continue 
> > issuing IRQs
> > and performing DMA accesses.
> > 
> > On release, no physical IRQ handler is setup anymore. Also the DMA 
> > buffers
> > are unmapped leading to IOMMU aborts. So there is no serious 
> > consequence.
> > 
> > However when assigning that HW device again to another userspace 
> > driver,
> > this latter might face some unexpected IRQs and DMA accesses, 
> > which are
> > the result of the previous assignment.
> 
> In general, shouldn't it just be a requirement that the drivers 
> handle
> this condition. You have the same problem with firmware/bootloaders
> leaving h/w not in reset state or kexec'ing to a new kernel.

It's not the same situation.  Firmware may leave HW in a non-reset 
state but it must not leave the HW doing DMA; there's nothing the OS 
could do about that as the OS could get corrupted before the driver 
has a chance to run (this is not fun to debug).  Leaving interrupts 
potentially asserted would be bad as well, especially if the interrupt 
is shared.

Likewise, with normal kexec drivers are supposed to quiesce the 
hardware first -- and with kdump, the affected DMA buffers are never 
reused.

In order for the driver to handle this, it would need to reset/quiesce 
the device itself before enabling an IOMMU mapping.  How would that 
work for virtualization scenarios where the guest does not see any 
IOMMU, and all vfio mappings are handled by QEMU or equivalent?

-Scott

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ