lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 16 Jul 2015 17:20:30 +0200
From:	Joerg Roedel <joro@...tes.org>
To:	Alex Williamson <alex.williamson@...hat.com>
Cc:	iommu@...ts.linux-foundation.org, dwmw2@...radead.org,
	jiang.liu@...ux.intel.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] iommu/vt-d: Fix VM domain ID leak

On Tue, Jul 14, 2015 at 02:48:53PM -0600, Alex Williamson wrote:
> This continues the attempt to fix commit fb170fb4c548 ("iommu/vt-d:
> Introduce helper functions to make code symmetric for readability").
> The previous attempt in commit 71684406905f ("iommu/vt-d: Detach
> domain *only* from attached iommus") overlooked the fact that
> dmar_domain.iommu_bmp gets cleared for VM domains when devices are
> detached:
> 
> intel_iommu_detach_device
>   domain_remove_one_dev_info
>     domain_detach_iommu
> 
> The domain is detached from the iommu, but the iommu is still attached
> to the domain, for whatever reason.

Gaah, this whole vm_or_si special handling is a complete and fragile
mess.

The only reason for keeping the domain-id allocated in the iommu
seems to be that it can be re-used later, when another device behind
this iommu is attached to the domain. But this is hardly a justification
for the complexity and special case handling here, so how about this
diff instead:

diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c
index a98a7b2..c8fc8c8 100644
--- a/drivers/iommu/intel-iommu.c
+++ b/drivers/iommu/intel-iommu.c
@@ -4618,8 +4618,7 @@ static void domain_remove_one_dev_info(struct dmar_domain *domain,
 
 	if (found == 0) {
 		domain_detach_iommu(domain, iommu);
-		if (!domain_type_is_vm_or_si(domain))
-			iommu_detach_domain(domain, iommu);
+		iommu_detach_domain(domain, iommu);
 	}
 }
 
This removes the caching of domain-ids, and iommu_detach_domain
correctly handles all types of domains (dma-api, vm and si). It should
be safe, but can you please double-check?


	Joerg

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ