lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 5 May 2020 08:09:39 +0200
From:   Cornelia Huck <cohuck@...hat.com>
To:     Alex Williamson <alex.williamson@...hat.com>
Cc:     Neo Jia <cjia@...dia.com>, <kvm@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] vfio-pci: Mask cap zero

On Mon, 4 May 2020 17:03:54 -0600
Alex Williamson <alex.williamson@...hat.com> wrote:

> On Mon, 4 May 2020 15:08:08 -0700
> Neo Jia <cjia@...dia.com> wrote:
> 
> > On Mon, May 04, 2020 at 12:52:53PM -0600, Alex Williamson wrote:  
> > > External email: Use caution opening links or attachments
> > > 
> > > 
> > > On Mon, 4 May 2020 18:09:16 +0200
> > > Cornelia Huck <cohuck@...hat.com> wrote:
> > >     
> > > > On Fri, 01 May 2020 15:41:24 -0600
> > > > Alex Williamson <alex.williamson@...hat.com> wrote:
> > > >    
> > > > > There is no PCI spec defined capability with ID 0, therefore we don't
> > > > > expect to find it in a capability chain and we use this index in an
> > > > > internal array for tracking the sizes of various capabilities to handle
> > > > > standard config space.  Therefore if a device does present us with a
> > > > > capability ID 0, we mark our capability map with nonsense that can
> > > > > trigger conflicts with other capabilities in the chain.  Ignore ID 0
> > > > > when walking the capability chain, handling it as a hidden capability.
> > > > >
> > > > > Seen on an NVIDIA Tesla T4.
> > > > >
> > > > > Signed-off-by: Alex Williamson <alex.williamson@...hat.com>
> > > > > ---
> > > > >  drivers/vfio/pci/vfio_pci_config.c |    2 +-
> > > > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > > > >
> > > > > diff --git a/drivers/vfio/pci/vfio_pci_config.c b/drivers/vfio/pci/vfio_pci_config.c
> > > > > index 87d0cc8c86ad..5935a804cb88 100644
> > > > > --- a/drivers/vfio/pci/vfio_pci_config.c
> > > > > +++ b/drivers/vfio/pci/vfio_pci_config.c
> > > > > @@ -1487,7 +1487,7 @@ static int vfio_cap_init(struct vfio_pci_device *vdev)
> > > > >             if (ret)
> > > > >                     return ret;
> > > > >
> > > > > -           if (cap <= PCI_CAP_ID_MAX) {    
> > > >
> > > > Maybe add a comment:
> > > >
> > > > /* no PCI spec defined capability with ID 0: hide it */    
> > 
> > Hi Alex,
> > 
> > I think this is NULL Capability defined in Codes and IDs spec, probably we
> > should just add a new enum to represent that?  
> 
> Yes, it looks like the 1.1 version of that specification from June 2015
> changed ID 0 from reserved to a NULL capability.  So my description and
> this comment are wrong, but I wonder if we should did anything
> different with the handling of this capability.  It's specified to
> contain only the ID and next pointer, so I'd expect it's primarily a
> mechanism for hardware vendors to blow fuses in config space to
> maintain a capability chain while maybe hiding a feature not supported
> by the product sku.  Hiding the capability in vfio is trivial, exposing
> it implies some changes to our config space map that might be more
> subtle.  I'm inclined to stick with this solution for now.  Thanks,
> 
> Alex

From this description, I also think that we should simply hide these
NULL capabilities.

Powered by blists - more mailing lists