lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20081119150504G.fujita.tomonori@lab.ntt.co.jp>
Date:	Wed, 19 Nov 2008 15:05:24 +0900
From:	FUJITA Tomonori <fujita.tomonori@....ntt.co.jp>
To:	joerg.roedel@....com
Cc:	mingo@...hat.com, iommu@...ts.linux-foundation.org,
	linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] AMD IOMMU updates for 2.6.28-rc5

On Tue, 18 Nov 2008 16:43:22 +0100
Joerg Roedel <joerg.roedel@....com> wrote:

> Joerg Roedel (4):
>       AMD IOMMU: add parameter to disable device isolation
>       AMD IOMMU: enable device isolation per default
>       AMD IOMMU: fix fullflush comparison length
>       AMD IOMMU: check for next_bit also in unmapped area
> 
>  Documentation/kernel-parameters.txt |    4 +++-
>  arch/x86/kernel/amd_iommu.c         |    2 +-
>  arch/x86/kernel/amd_iommu_init.c    |    6 ++++--
>  3 files changed, 8 insertions(+), 4 deletions(-)
> 
> As the most important change these patches enable device isolation per
> default. Tests have shown that there are drivers which have bugs and do
> double-freeing of DMA memory.

What drivers? We need to fix them if they are mainline drivers.


> This can lead to data corruption with a
> hardware IOMMU when multiple devices share the same protection domain.
> Therefore device isolation should be enabled by default.

Hmm, the change is just because of the bug workaround? If so, I'm not
sure it's a good idea. We need to fix the buggy drivers anyway. And
device isolation is not free; e.g. use more memory rather than sharing
a protection domain. I guess that more people prefer sharing a
protection domain by default. It had been the default option for AMD
IOMMU until you hit the bugs. IIRC, VT-d also shares a protection
domain by default. It would be nice to avoid surprising users if the
two virtualization IOMMUs works in the similar way.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ