lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 4 Feb 2021 10:13:55 +0800
From:   Lu Baolu <>
To:     "Tian, Kevin" <>,
        Joerg Roedel <>
Cc:, "Raj, Ashok" <>,
        "" <>,
        "" <>,
        Will Deacon <>
Subject: Re: [PATCH v2 3/3] iommu/vt-d: Apply SATC policy

Hi Kevin,

On 2/4/21 9:59 AM, Tian, Kevin wrote:
>> From: Lu Baolu
>> Sent: Wednesday, February 3, 2021 5:33 PM
>> From: Yian Chen<>
>> Starting from Intel VT-d v3.2, Intel platform BIOS can provide a new SATC
>> table structure. SATC table lists a set of SoC integrated devices that
>> require ATC to work (VT-d specification v3.2, section 8.8). Furthermore,
> This statement is not accurate. The purpose of SATC is to tell whether a
> SoC integrated device has been validated to meet the isolation requirements
> of using device TLB. All devices listed in SATC can have ATC safely enabled by
> OS. In addition, there is a flag for each listed device for whether ATC is a
> functional requirement. However, above description only captured the last
> point.

You are right. This series only addresses the devices with the flag set
which have functional requirement for ATS.

>> the new version of IOMMU supports SoC device ATS in both its Scalable
>> mode
>> and legacy mode.
>> When IOMMU is working in scalable mode, software must enable device ATS
>> support.
> "must enable" is misleading here. You need describe the policies for three
> categories:
> - SATC devices with ATC_REQUIRED=1
> - SATC devices with ATC_REQUIRED=0
> - devices not listed in SATC, or when SATC is missing

Yian is working on this part. We planed it for v5.13. He will bring it
up for discussion later.

>> On the other hand, when IOMMU is in legacy mode for whatever
>> reason, the hardware managed ATS will automatically take effect and the
>> SATC required devices can work transparently to the software. As the
> No background about hardware-managed ATS.
>> result, software shouldn't enable ATS on that device, otherwise duplicate
>> device TLB invalidations will occur.
> This description draws a equation between legacy mode and hardware
> managed ATS. Do we care about the scenario where there is no hardware
> managed ATS but people also want to turn on ATC in legacy mode?

The hardware managed ATS is defined in the platform specific
specification. The purpose of this hardware design is backward
compatibility - legacy OSes with no SM or ATS awareness still running
well on them.

> Thanks
> Kevin

Best regards,

Powered by blists - more mailing lists