lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 13 Jun 2014 10:35:17 -0600
From:	Alex Williamson <alex.williamson@...hat.com>
To:	David Woodhouse <dwmw2@...radead.org>
Cc:	iommu@...ts.linux-foundation.org, chegu_vinod@...com,
	linux-kernel@...r.kernel.org
Subject: Re: [RESEND PATCH] iommu/intel: Exclude devices using RMRRs from
 IOMMU API domains

On Fri, 2014-06-13 at 15:34 +0100, David Woodhouse wrote:
> On Thu, 2014-06-12 at 10:35 -0600, Alex Williamson wrote:
> > The user of the IOMMU API domain expects to have full control of
> > the IOVA space for the domain.  RMRRs are fundamentally incompatible
> > with that idea.  We can neither map the RMRR into the IOMMU API
> > domain, nor can we guarantee that the device won't continue DMA with
> > the area described by the RMRR as part of the new domain.  Therefore
> > we must prevent such devices from being used by the IOMMU API.
> > 
> > Signed-off-by: Alex Williamson <alex.williamson@...hat.com>
> > ---
> > 
> > I didn't see any actionable items from the last posting of this, so
> > re-posting unchanged.
> 
> That also wants a Cc:stable, I suppose.
> 
> I note we now have two copies of the 'device has RMRR and we actually
> care' logic, where the latter clause is really just "is it USB".
> 
> Is it worth consolidating that into a macro that's used in both places,
> in case the check does get more complicated? Are other devices going to
> start getting added to the class of "we don't need the RMRRs to persist
> and we *do* want to be able to assign them"... or is that just
> needlessly overcomplicating it at this stage?

v2 sent with a single function used in both places.  I suppose time will
tell if we need to start whitelisting other devices, I'm actually a bit
nervous what vendors will start hiding in USB RMRRs if they know we
handle them differently.  We can always add platform or device specific
quirks when we find out about vendors finding new ways to be creative.
Thanks,

Alex

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ