lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 25 Sep 2019 07:35:23 +0000
From:   "Tian, Kevin" <kevin.tian@...el.com>
To:     Peter Xu <peterx@...hat.com>, Lu Baolu <baolu.lu@...ux.intel.com>
CC:     Joerg Roedel <joro@...tes.org>,
        David Woodhouse <dwmw2@...radead.org>,
        Alex Williamson <alex.williamson@...hat.com>,
        Yi Sun <yi.y.sun@...ux.intel.com>,
        "Raj, Ashok" <ashok.raj@...el.com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "Kumar, Sanjay K" <sanjay.k.kumar@...el.com>,
        "iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "Sun, Yi Y" <yi.y.sun@...el.com>
Subject: RE: [RFC PATCH 4/4] iommu/vt-d: Identify domains using first level
 page table

> From: Peter Xu [mailto:peterx@...hat.com]
> Sent: Wednesday, September 25, 2019 2:50 PM
> 
> On Mon, Sep 23, 2019 at 08:24:54PM +0800, Lu Baolu wrote:
> > +/*
> > + * Check and return whether first level is used by default for
> > + * DMA translation.
> > + */
> > +static bool first_level_by_default(void)
> > +{
> > +	struct dmar_drhd_unit *drhd;
> > +	struct intel_iommu *iommu;
> > +
> > +	rcu_read_lock();
> > +	for_each_active_iommu(iommu, drhd)
> > +		if (!sm_supported(iommu) ||
> > +		    !ecap_flts(iommu->ecap) ||
> > +		    !cap_caching_mode(iommu->cap))
> > +			return false;
> > +	rcu_read_unlock();
> > +
> > +	return true;
> > +}
> 
> "If no caching mode, then we will not use 1st level."
> 
> Hmm, does the vIOMMU needs to support caching-mode if with the
> solution you proposed here?  Caching mode is only necessary for
> shadowing AFAICT, and after all you're going to use full-nested,
> then... then I would think it's not needed.  And if so, with this
> patch 1st level will be disabled. Sounds like a paradox...
> 
> I'm thinking what would be the big picture for this to work now: For
> the vIOMMU, instead of exposing the caching-mode, I'm thinking maybe
> we should expose it with ecap.FLTS=1 while we can keep ecap.SLTS=0
> then it's natural that we can only use 1st level translation in the
> guest for all the domains (and I assume such an ecap value should
> never happen on real hardware, am I right?).
> 

yes, that's also the picture in my mind. :-)

Thanks
Kevin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ