lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Feb 2020 05:07:50 +0000 From: "Liu, Yi L" <yi.l.liu@...el.com> To: "Liu, Yi L" <yi.l.liu@...el.com>, Alex Williamson <alex.williamson@...hat.com> CC: "eric.auger@...hat.com" <eric.auger@...hat.com>, "Tian, Kevin" <kevin.tian@...el.com>, "jacob.jun.pan@...ux.intel.com" <jacob.jun.pan@...ux.intel.com>, "joro@...tes.org" <joro@...tes.org>, "Raj, Ashok" <ashok.raj@...el.com>, "Tian, Jun J" <jun.j.tian@...el.com>, "Sun, Yi Y" <yi.y.sun@...el.com>, "jean-philippe.brucker@....com" <jean-philippe.brucker@....com>, "peterx@...hat.com" <peterx@...hat.com>, "iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>, "kvm@...r.kernel.org" <kvm@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: RE: [RFC v3 1/8] vfio: Add VFIO_IOMMU_PASID_REQUEST(alloc/free) > From: Liu, Yi L <yi.l.liu@...el.com> > Sent: Friday, January 31, 2020 8:41 PM > To: Alex Williamson <alex.williamson@...hat.com> > Subject: RE: [RFC v3 1/8] vfio: Add VFIO_IOMMU_PASID_REQUEST(alloc/free) > > > +static int vfio_iommu_type1_pasid_free(struct vfio_iommu *iommu, > > > + unsigned int pasid) > > > +{ > > > + struct vfio_mm *vmm = iommu->vmm; > > > + int ret = 0; > > > + > > > + mutex_lock(&iommu->lock); > > > + if (!IS_IOMMU_CAP_DOMAIN_IN_CONTAINER(iommu)) { > > > > But we could have been IOMMU backed when the pasid was allocated, did we > just > > leak something? In fact, I didn't spot anything in this series that handles > > a container with pasids allocated losing iommu backing. > > I'd think we want to release all pasids when that happens since permission for > > the user to hold pasids goes along with having an iommu backed device. > > oh, yes. If a container lose iommu backend, then needs to reclaim the allocated > PASIDs. right? I'll add it. :-) Hi Alex, I went through the flow again. Maybe current series has already covered it. There is vfio_mm which is used to track allocated PASIDs. Its life cycle is type1 driver open and release. If I understand it correctly, type1 driver release happens when there is no more iommu backed groups in a container. static void __vfio_group_unset_container(struct vfio_group *group) { [...] /* Detaching the last group deprivileges a container, remove iommu */ if (driver && list_empty(&container->group_list)) { driver->ops->release(container->iommu_data); module_put(driver->ops->owner); container->iommu_driver = NULL; container->iommu_data = NULL; } [...] } Regards, Yi Liu
Powered by blists - more mailing lists