lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3634dee5-3f9f-4618-951e-8bb5e4988223@redhat.com>
Date:   Tue, 19 Nov 2019 09:02:26 +0100
From:   Auger Eric <eric.auger@...hat.com>
To:     Jacob Pan <jacob.jun.pan@...ux.intel.com>
Cc:     iommu@...ts.linux-foundation.org,
        LKML <linux-kernel@...r.kernel.org>,
        Joerg Roedel <joro@...tes.org>,
        Lu Baolu <baolu.lu@...ux.intel.com>,
        David Woodhouse <dwmw2@...radead.org>,
        "Tian, Kevin" <kevin.tian@...el.com>,
        Raj Ashok <ashok.raj@...el.com>, Yi Liu <yi.l.liu@...el.com>
Subject: Re: [PATCH v2 02/10] iommu/vt-d: Fix CPU and IOMMU SVM feature
 matching checks

Hi Jacob,

On 11/18/19 10:47 PM, Jacob Pan wrote:
> On Mon, 18 Nov 2019 21:33:34 +0100
> Auger Eric <eric.auger@...hat.com> wrote:
> 
>> Hi Jacob,
>>
>> On 11/18/19 8:42 PM, Jacob Pan wrote:
>>> The current code checks CPU and IOMMU feature set for SVM support
>>> but the result is never stored nor used. Therefore, SVM can still
>>> be used even when these checks failed.  
>> "SVM can still be used even when these checks failed". What were the
>> consequences if it happened? Does it fix this cleanly now.
>>>
> The consequence is DMA cannot reach above 48-bit virtual address range
> when CPU does 5-level and IOMMU can only do 4-level. With is fix,
> svm_bind_mm will fail in the first place to prevent SVM use by DMA.
OK thank you for the clarification. Maybe this latter can be added in
the commit message
> 
>>> This patch consolidates code for checking PASID, CPU vs. IOMMU
>>> paging mode compatibility, as well as provides specific error
>>> messages for each failed checks.>
>>> Signed-off-by: Jacob Pan <jacob.jun.pan@...ux.intel.com>
>>> Acked-by: Lu Baolu <baolu.lu@...ux.intel.com>
>>> ---
>>>  drivers/iommu/intel-iommu.c | 10 ++--------
>>>  drivers/iommu/intel-svm.c   | 40
>>> +++++++++++++++++++++++++++-------------
>>> include/linux/intel-iommu.h |  4 +++- 3 files changed, 32
>>> insertions(+), 22 deletions(-)
>>>
>>> diff --git a/drivers/iommu/intel-iommu.c
>>> b/drivers/iommu/intel-iommu.c index 3f974919d3bd..d598168e410d
>>> 100644 --- a/drivers/iommu/intel-iommu.c
>>> +++ b/drivers/iommu/intel-iommu.c
>>> @@ -3289,10 +3289,7 @@ static int __init init_dmars(void)
>>>  
>>>  		if (!ecap_pass_through(iommu->ecap))
>>>  			hw_pass_through = 0;
>>> -#ifdef CONFIG_INTEL_IOMMU_SVM
>>> -		if (pasid_supported(iommu))
>>> -			intel_svm_init(iommu);
>>> -#endif
>>> +		intel_svm_check(iommu);
>>>  	}
>>>  
>>>  	/*
>>> @@ -4471,10 +4468,7 @@ static int intel_iommu_add(struct
>>> dmar_drhd_unit *dmaru) if (ret)
>>>  		goto out;
>>>  
>>> -#ifdef CONFIG_INTEL_IOMMU_SVM
>>> -	if (pasid_supported(iommu))
>>> -		intel_svm_init(iommu);
>>> -#endif
>>> +	intel_svm_check(iommu);
>>>  
>>>  	if (dmaru->ignored) {
>>>  		/*
>>> diff --git a/drivers/iommu/intel-svm.c b/drivers/iommu/intel-svm.c
>>> index 9b159132405d..716c543488f6 100644
>>> --- a/drivers/iommu/intel-svm.c
>>> +++ b/drivers/iommu/intel-svm.c
>>> @@ -23,19 +23,6 @@
>>>  
>>>  static irqreturn_t prq_event_thread(int irq, void *d);
>>>  
>>> -int intel_svm_init(struct intel_iommu *iommu)
>>> -{
>>> -	if (cpu_feature_enabled(X86_FEATURE_GBPAGES) &&
>>> -			!cap_fl1gp_support(iommu->cap))
>>> -		return -EINVAL;
>>> -
>>> -	if (cpu_feature_enabled(X86_FEATURE_LA57) &&
>>> -			!cap_5lp_support(iommu->cap))
>>> -		return -EINVAL;
>>> -
>>> -	return 0;
>>> -}
>>> -
>>>  #define PRQ_ORDER 0
>>>  
>>>  int intel_svm_enable_prq(struct intel_iommu *iommu)
>>> @@ -99,6 +86,33 @@ int intel_svm_finish_prq(struct intel_iommu
>>> *iommu) return 0;
>>>  }
>>>  
>>> +static inline bool intel_svm_capable(struct intel_iommu *iommu)
>>> +{
>>> +	return iommu->flags & VTD_FLAG_SVM_CAPABLE;
>>> +}
>>> +
>>> +void intel_svm_check(struct intel_iommu *iommu)
>>> +{
>>> +	if (!pasid_supported(iommu))
>>> +		return;
>>> +
>>> +	if (cpu_feature_enabled(X86_FEATURE_GBPAGES) &&
>>> +	    !cap_fl1gp_support(iommu->cap)) {
>>> +		pr_err("%s SVM disabled, incompatible 1GB page
>>> capability\n",
>>> +		       iommu->name);  
>> nit: is it really an error or just a warning?
> I think it is an error in that there is an illegal configuration. It is
> mostly for vIOMMU, we expect native HW should have these features
> matched.

OK

Thanks

Eric
> 
>>> +		return;
>>> +	}
>>> +
>>> +	if (cpu_feature_enabled(X86_FEATURE_LA57) &&
>>> +	    !cap_5lp_support(iommu->cap)) {
>>> +		pr_err("%s SVM disabled, incompatible paging
>>> mode\n",
>>> +		       iommu->name);
>>> +		return;
>>> +	}
>>> +
>>> +	iommu->flags |= VTD_FLAG_SVM_CAPABLE;
>>> +}
>>> +
>>>  static void intel_flush_svm_range_dev (struct intel_svm *svm,
>>> struct intel_svm_dev *sdev, unsigned long address, unsigned long
>>> pages, int ih) {
>>> diff --git a/include/linux/intel-iommu.h
>>> b/include/linux/intel-iommu.h index 63118991824c..7dcfa1c4a844
>>> 100644 --- a/include/linux/intel-iommu.h
>>> +++ b/include/linux/intel-iommu.h
>>> @@ -657,7 +657,7 @@ void iommu_flush_write_buffer(struct
>>> intel_iommu *iommu); int intel_iommu_enable_pasid(struct
>>> intel_iommu *iommu, struct device *dev); 
>>>  #ifdef CONFIG_INTEL_IOMMU_SVM
>>> -int intel_svm_init(struct intel_iommu *iommu);
>>> +extern void intel_svm_check(struct intel_iommu *iommu);
>>>  extern int intel_svm_enable_prq(struct intel_iommu *iommu);
>>>  extern int intel_svm_finish_prq(struct intel_iommu *iommu);
>>>  
>>> @@ -685,6 +685,8 @@ struct intel_svm {
>>>  };
>>>  
>>>  extern struct intel_iommu *intel_svm_device_to_iommu(struct device
>>> *dev); +#else
>>> +static inline void intel_svm_check(struct intel_iommu *iommu) {}
>>>  #endif
>>>  
>>>  #ifdef CONFIG_INTEL_IOMMU_DEBUGFS
>>>   
>> Besides,
>> Reviewed-by: Eric Auger <eric.auger@...hat.com>
>>
>> Thanks
>>
>> Eric
>>
> 
> [Jacob Pan]
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ