lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Feb 2022 15:06:15 -0700 From: Alex Williamson <alex.williamson@...hat.com> To: Lu Baolu <baolu.lu@...ux.intel.com> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Joerg Roedel <joro@...tes.org>, Bjorn Helgaas <bhelgaas@...gle.com>, Jason Gunthorpe <jgg@...dia.com>, Christoph Hellwig <hch@...radead.org>, Kevin Tian <kevin.tian@...el.com>, Ashok Raj <ashok.raj@...el.com>, Will Deacon <will@...nel.org>, Robin Murphy <robin.murphy@....com>, Dan Williams <dan.j.williams@...el.com>, rafael@...nel.org, Diana Craciun <diana.craciun@....nxp.com>, Cornelia Huck <cohuck@...hat.com>, Eric Auger <eric.auger@...hat.com>, Liu Yi L <yi.l.liu@...el.com>, Jacob jun Pan <jacob.jun.pan@...el.com>, Chaitanya Kulkarni <kch@...dia.com>, Stuart Yoder <stuyoder@...il.com>, Laurentiu Tudor <laurentiu.tudor@....com>, Thierry Reding <thierry.reding@...il.com>, David Airlie <airlied@...ux.ie>, Daniel Vetter <daniel@...ll.ch>, Jonathan Hunter <jonathanh@...dia.com>, Li Yang <leoyang.li@....com>, Dmitry Osipenko <digetx@...il.com>, iommu@...ts.linux-foundation.org, linux-pci@...r.kernel.org, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v7 07/11] vfio: Set DMA ownership for VFIO devices On Mon, 28 Feb 2022 08:50:52 +0800 Lu Baolu <baolu.lu@...ux.intel.com> wrote: > Claim group dma ownership when an IOMMU group is set to a container, > and release the dma ownership once the iommu group is unset from the > container. > > This change disallows some unsafe bridge drivers to bind to non-ACS > bridges while devices under them are assigned to user space. This is an > intentional enhancement and possibly breaks some existing > configurations. The recommendation to such an affected user would be > that the previously allowed host bridge driver was unsafe for this use > case and to continue to enable assignment of devices within that group, > the driver should be unbound from the bridge device or replaced with the > pci-stub driver. > > For any bridge driver, we consider it unsafe if it satisfies any of the > following conditions: > > 1) The bridge driver uses DMA. Calling pci_set_master() or calling any > kernel DMA API (dma_map_*() and etc.) is an indicate that the > driver is doing DMA. > > 2) If the bridge driver uses MMIO, it should be tolerant to hostile > userspace also touching the same MMIO registers via P2P DMA > attacks. > > If the bridge driver turns out to be a safe one, it could be used as > before by setting the driver's .driver_managed_dma field, just like what > we have done in the pcieport driver. > > Signed-off-by: Lu Baolu <baolu.lu@...ux.intel.com> > Reviewed-by: Jason Gunthorpe <jgg@...dia.com> > --- > drivers/vfio/fsl-mc/vfio_fsl_mc.c | 1 + > drivers/vfio/pci/vfio_pci.c | 1 + > drivers/vfio/platform/vfio_amba.c | 1 + > drivers/vfio/platform/vfio_platform.c | 1 + > drivers/vfio/vfio.c | 10 +++++++++- > 5 files changed, 13 insertions(+), 1 deletion(-) Acked-by: Alex Williamson <alex.williamson@...hat.com>
Powered by blists - more mailing lists