| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 Apr 2022 10:36:23 +0200
From: Reto Buerki <reet@...elabs.ch>
To: dwmw2@...radead.org
Cc: x86@...nel.org, kvm@...r.kernel.org,
iommu@...ts.linux-foundation.org, joro@...tes.org,
tglx@...utronix.de, pbonzini@...hat.com,
linux-kernel@...r.kernel.org, linux-hyperv@...r.kernel.org,
maz@...terjones.org, decui@...rosoft.com
Subject: Re: [PATCH v3 12/35] x86/msi: Provide msi message shadow structs
While working on some out-of-tree patches, we noticed that assignment to
dmar_subhandle of struct x86_msi_data lead to a QEMU warning about
reserved bits in MSI data being set:
qemu-system-x86_64: vtd_interrupt_remap_msi: invalid IR MSI (sid=256, address=0xfee003d8, data=0x10000)
This message originates from hw/i386/intel_iommu.c in QEMU:
#define VTD_IR_MSI_DATA_RESERVED (0xffff0000)
if (origin->data & VTD_IR_MSI_DATA_RESERVED) { ... }
Looking at struct x86_msi_data, it appears that it is actually 48-bits in size
since the bitfield containing the vector, delivery_mode etc is 2 bytes wide
followed by dmar_subhandle which is 32 bits. Thus assignment to dmar_subhandle
leads to bits > 16 being set.
If I am not mistaken, the MSI data field should be 32-bits wide for all
platforms (struct msi_msg, include/linux/msi.h). Is this analysis
correct or did I miss something wrt. handling of dmar_subhandle?
The attached patch fixes the issue for us.
Regards,
- reto
Powered by blists - more mailing lists