lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 27 May 2021 23:55:00 +0530
From:   Kirti Wankhede <kwankhede@...dia.com>
To:     David Gibson <david@...son.dropbear.id.au>
CC:     Jason Gunthorpe <jgg@...dia.com>,
        Alex Williamson <alex.williamson@...hat.com>,
        "Liu, Yi L" <yi.l.liu@...el.com>,
        Jacob Pan <jacob.jun.pan@...ux.intel.com>,
        Auger Eric <eric.auger@...hat.com>,
        Jean-Philippe Brucker <jean-philippe@...aro.org>,
        "Tian, Kevin" <kevin.tian@...el.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Joerg Roedel <joro@...tes.org>,
        Lu Baolu <baolu.lu@...ux.intel.com>,
        David Woodhouse <dwmw2@...radead.org>,
        "iommu@...ts.linux-foundation.org" <iommu@...ts.linux-foundation.org>,
        "cgroups@...r.kernel.org" <cgroups@...r.kernel.org>,
        Tejun Heo <tj@...nel.org>, Li Zefan <lizefan@...wei.com>,
        Johannes Weiner <hannes@...xchg.org>,
        "Jean-Philippe Brucker" <jean-philippe@...aro.com>,
        Jonathan Corbet <corbet@....net>,
        "Raj, Ashok" <ashok.raj@...el.com>, "Wu, Hao" <hao.wu@...el.com>,
        "Jiang, Dave" <dave.jiang@...el.com>,
        Alexey Kardashevskiy <aik@...abs.ru>, Neo Jia <cjia@...dia.com>
Subject: Re: [PATCH V4 05/18] iommu/ioasid: Redefine IOASID set and allocation
 APIs



On 5/27/2021 10:30 AM, David Gibson wrote:
> On Wed, May 26, 2021 at 02:48:03AM +0530, Kirti Wankhede wrote:
>>
>>
>> On 5/26/2021 1:22 AM, Jason Gunthorpe wrote:
>>> On Wed, May 26, 2021 at 12:56:30AM +0530, Kirti Wankhede wrote:
>>>
>>>> 2. iommu backed mdev devices for SRIOV where mdev device is created per
>>>> VF (mdev device == VF device) then that mdev device has same iommu
>>>> protection scope as VF associated to it.
>>>
>>> This doesn't require, and certainly shouldn't create, a fake group.
>>>
>>> Only the VF's real IOMMU group should be used to model an iommu domain
>>> linked to a VF. Injecting fake groups that are proxies for real groups
>>> only opens the possibility of security problems like David is
>>> concerned with.
>>>
>>
>> I think this security issue should be addressed by letting mdev device
>> inherit its parent's iommu_group, i.e. VF's iommu_group here.
> 
> No, that doesn't work.  AIUI part of the whole point of mdevs is to
> allow chunks of a single PCI function to be handed out to different
> places, because they're isolated from each other not by the system
> IOMMU, but by a combination of MMU hardware in the hardware (e.g. in a
> GPU card) and software in the mdev driver. 

That's correct for non-iommu backed mdev devices.

> If mdevs inherited the
> group of their parent device they wouldn't count as isolated from each
> other, which they should.
> 

For iommu backed mdev devices for SRIOV, where there can be single mdev 
device for its parent, here parent device is VF, there can't be multiple 
mdev devices associated with that VF. In this case mdev can inherit the 
group of parent device.

Kirti

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ