lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 10 Jul 2020 10:10:34 -0600
From:   Alex Williamson <alex.williamson@...hat.com>
To:     Bjorn Helgaas <helgaas@...nel.org>
Cc:     Giovanni Cabiddu <giovanni.cabiddu@...el.com>,
        herbert@...dor.apana.org.au, cohuck@...hat.com, nhorman@...hat.com,
        vdronov@...hat.com, bhelgaas@...gle.com, mark.a.chambers@...el.com,
        gordon.mcfadden@...el.com, ahsan.atta@...el.com,
        qat-linux@...el.com, kvm@...r.kernel.org,
        linux-crypto@...r.kernel.org, linux-pci@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist

On Fri, 10 Jul 2020 10:44:33 -0500
Bjorn Helgaas <helgaas@...nel.org> wrote:

> On Fri, Jul 10, 2020 at 10:37:45AM -0500, Bjorn Helgaas wrote:
> > On Fri, Jul 10, 2020 at 04:08:19PM +0100, Giovanni Cabiddu wrote:  
> > > On Wed, Jul 01, 2020 at 04:28:12PM -0500, Bjorn Helgaas wrote:  
> > > > On Wed, Jul 01, 2020 at 12:03:00PM +0100, Giovanni Cabiddu wrote:  
> > > > > The current generation of Intel® QuickAssist Technology devices
> > > > > are not designed to run in an untrusted environment because of the
> > > > > following issues reported in the release notes in
> > > > > https://01.org/intel-quickassist-technology:  
> > > > 
> > > > It would be nice if this link were directly clickable, e.g., if there
> > > > were no trailing ":" or something.
> > > > 
> > > > And it would be even better if it went to a specific doc that
> > > > described these issues.  I assume these are errata, and it's not easy
> > > > to figure out which doc mentions them.  
> > > Sure. I will fix the commit message in the next revision and point to the
> > > actual document:
> > > https://01.org/sites/default/files/downloads/336211-015-qatsoftwareforlinux-rn-hwv1.7-final.pdf  
> > 
> > Since URLs tend to go stale, please also include the Intel document
> > number and title.  
> 
> Oh, and is "01.org" really the right place for that?  It looks like an
> Intel document, so I'd expect it to be somewhere on intel.com.
> 
> I'm still a little confused.  That doc seems to be about *software*
> and Linux software in particular.  But when you said these "devices
> are not designed to run in an untrusted environment", I thought you
> meant there was some *hardware* design issue that caused a problem.

There seems to be a fair bit of hardware errata in the doc too, see:

3.1.2 QATE-7495 - GEN - An incorrectly formatted request to Intel® QAT can
hang the entire Intel® QAT Endpoint

3.1.9 QATE-39220 - GEN - QAT API submissions with bad addresses that
trigger DMA to invalid or unmapped addresses can cause a platform
hang

3.1.17 QATE-52389 - SR-IOV -Huge pages may not be compatible with QAT
VF usage

3.1.19 QATE-60953 - GEN – Intel® QAT API submissions with bad addresses
that trigger DMA to invalid or unmapped addresses can impact QAT
service availability

Thanks,
Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ