lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAG8rG2wfwR0gYRk-8abe7Z7Z7WZ8FdH6qURVw9up==Z0DsrUkg@mail.gmail.com>
Date:	Tue, 21 Oct 2014 14:23:00 +0200
From:	Antonios Motakis <a.motakis@...tualopensystems.com>
To:	Andy Lutomirski <luto@...capital.net>
Cc:	kvm-arm <kvmarm@...ts.cs.columbia.edu>,
	Linux IOMMU <iommu@...ts.linux-foundation.org>,
	Alex Williamson <alex.williamson@...hat.com>,
	Will Deacon <will.deacon@....com>,
	VirtualOpenSystems Technical Team <tech@...tualopensystems.com>,
	Christoffer Dall <christoffer.dall@...aro.org>,
	Eric Auger <eric.auger@...aro.org>,
	Kim Phillips <kim.phillips@...escale.com>,
	Marc Zyngier <marc.zyngier@....com>,
	"open list:VFIO DRIVER" <kvm@...r.kernel.org>,
	"open list:ABI/API" <linux-api@...r.kernel.org>,
	open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/5] vfio: introduce the VFIO_DMA_MAP_FLAG_NOEXEC flag

On Mon, Oct 20, 2014 at 11:37 PM, Andy Lutomirski <luto@...capital.net> wrote:
> On Mon, Oct 13, 2014 at 6:09 AM, Antonios Motakis
> <a.motakis@...tualopensystems.com> wrote:
>> We introduce the VFIO_DMA_MAP_FLAG_NOEXEC flag to the VFIO dma map call,
>> and expose its availability via the capability VFIO_DMA_NOEXEC_IOMMU.
>> This way the user can control whether the XN flag will be set on the
>> requested mappings. The IOMMU_NOEXEC flag needs to be available for all
>> the IOMMUs of the container used.
>
> Since you sent this to the linux-api list, I'll bite: what's the XN
> flag?  I know what PROT_EXEC does when you mmap something, and I
> presume that vfio is mmappable, but I don't actually have any clue
> what this patch does.
>
> I assume that this does not have anything to do with a non-CPU DMA
> master executing code in main memory, because that makes rather little
> sense.  (Or maybe it really does, in which case: weird.)

It does actually. For example, the ARM PL330 DMA controller will fetch
from memory code with DMA instructions, and it will respect this flag.
It is not code that can be executed on the CPU of course, but it is
executable on the DMAC.


>
> --Andy



-- 
Antonios Motakis
Virtual Open Systems
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ