lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Jan 2021 09:30:01 +0800
From:   Lu Baolu <baolu.lu@...ux.intel.com>
To:     tglx@...utronix.de, ashok.raj@...el.com, kevin.tian@...el.com,
        dave.jiang@...el.com, megha.dey@...el.com, dwmw2@...radead.org
Cc:     alex.williamson@...hat.com, bhelgaas@...gle.com,
        dan.j.williams@...el.com, will@...nel.org, joro@...tes.org,
        dmaengine@...r.kernel.org, eric.auger@...hat.com,
        jacob.jun.pan@...el.com, jgg@...lanox.com, kvm@...r.kernel.org,
        kwankhede@...dia.com, linux-kernel@...r.kernel.org,
        linux-pci@...r.kernel.org, iommu@...ts.linux-foundation.org,
        maz@...nel.org, mona.hossain@...el.com, netanelg@...lanox.com,
        parav@...lanox.com, pbonzini@...hat.com, rafael@...nel.org,
        samuel.ortiz@...el.com, sanjay.k.kumar@...el.com,
        shahafs@...lanox.com, tony.luck@...el.com, vkoul@...nel.org,
        yan.y.zhao@...ux.intel.com, yi.l.liu@...el.com, leon@...nel.org,
        Lu Baolu <baolu.lu@...ux.intel.com>
Subject: [RFC PATCH v3 0/2] Add platform check for subdevice irq domain

Hi,

Learnt from the discussions in this thread:

https://lore.kernel.org/linux-pci/160408357912.912050.17005584526266191420.stgit@djiang5-desk3.ch.intel.com/

The device IMS (Interrupt Message Storage) should not be enabled in any
virtualization environments unless there is a HYPERCALL domain which
makes the changes in the message store monitored by the hypervisor.

As the initial step, we allow the IMS to be enabled only if we are
running on the bare metal. It's easy to enable IMS in the virtualization
environments if above preconditions are met in the future.

This series is only for comments purpose. We will include it in the Intel
IMS implementation later once we reach a consensus.

Change log:
v2->v3:
 - v2:
   https://lore.kernel.org/linux-pci/20210106022749.2769057-1-baolu.lu@linux.intel.com/
 - Add all identified heuristics so far.

v1->v2:
 - v1:
   https://lore.kernel.org/linux-pci/20201210004624.345282-1-baolu.lu@linux.intel.com/
 - Rename probably_on_bare_metal() with on_bare_metal();
 - Some vendors might use the same name for both bare metal and virtual
   environment. Before we add vendor specific code to distinguish
   between them, let's return false in on_bare_metal(). This won't
   introduce any regression. The only impact is that the coming new
   platform msi feature won't be supported until the vendor specific code
   is provided.

Best regards,
baolu

Lu Baolu (2):
  iommu: Add capability IOMMU_CAP_VIOMMU
  platform-msi: Add platform check for subdevice irq domain

 arch/x86/pci/common.c        | 71 ++++++++++++++++++++++++++++++++++++
 drivers/base/platform-msi.c  |  8 ++++
 drivers/iommu/intel/iommu.c  | 20 ++++++++++
 drivers/iommu/virtio-iommu.c |  9 +++++
 include/linux/iommu.h        |  1 +
 include/linux/msi.h          |  1 +
 6 files changed, 110 insertions(+)

-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ