Open Source and information security mailing list archives
Date: Tue, 5 May 2020 07:34:39 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Christian Borntraeger <borntraeger@...ibm.com>, Ulrich Weigand <uweigand@...ibm.com>
Cc: Claudio Imbrenda <imbrenda@...ux.ibm.com>, viro@...iv.linux.org.uk, david@...hat.com, akpm@...ux-foundation.org, aarcange@...hat.com, linux-mm@...ck.org, frankja@...ux.ibm.com, sfr@...b.auug.org.au, jhubbard@...dia.com, linux-kernel@...r.kernel.org, linux-s390@...r.kernel.org, jack@...e.cz, kirill@...temov.name, peterz@...radead.org, sean.j.christopherson@...el.com, Ulrich.Weigand@...ibm.com
Subject: Re: [PATCH v2 1/1] fs/splice: add missing callback for inaccessible pages

On 5/5/20 7:31 AM, Christian Borntraeger wrote:
>> So, the requirements are:
>>
>> 1. Allow host-side DMA and CPU access to shared pages
>> 2. Stop host-side DMA and CPU access to encrypted pages
>> 3. Allow pages to be converted between the states at the request of the
>>    guest
>>
>> Stopping the DMA is pretty easy, even across the gazillions of drivers
>> in the tree because even random ethernet drivers do stuff like:
>>
>>         txdr->buffer_info[i].dma =
>>                 dma_map_single(&pdev->dev, skb->data, skb->len,
>>                                DMA_TO_DEVICE);
>>
>> So the DMA can be stopped at the mapping layer. It's a *LOT* easier to
>> catch there since the IOMMUs already provide isolation between the I/O
>> and CPU address spaces.
> And your problem is that the guest could convert this after the dma_map?
> So you looked into our code if this would help?

Yep, it seemed like a close-enough problem.