| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_2EB84D1A69750D821D1A8324112BDBCE6A08@qq.com>
Date: Tue, 19 Apr 2022 09:02:52 +0800
From: "zhangfei.gao@...mail.com" <zhangfei.gao@...mail.com>
To: Jacob Pan <jacob.jun.pan@...ux.intel.com>
Cc: Fenghua Yu <fenghua.yu@...el.com>,
Ravi V Shankar <ravi.v.shankar@...el.com>,
Tony Luck <tony.luck@...el.com>,
Ashok Raj <ashok.raj@...el.com>,
jean-philippe <jean-philippe@...aro.org>,
Peter Zijlstra <peterz@...radead.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
x86 <x86@...nel.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
Dave Hansen <dave.hansen@...el.com>,
iommu <iommu@...ts.linux-foundation.org>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Andy Lutomirski <luto@...nel.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>
Subject: Re: [PATCH v4 05/11] iommu/sva: Assign a PASID to mm on PASID
allocation and free it on mm exit
On 2022/4/19 上午2:14, Jacob Pan wrote:
> Hi zhangfei.gao@...mail.com,
>
> On Sat, 16 Apr 2022 09:43:07 +0800, "zhangfei.gao@...mail.com"
> <zhangfei.gao@...mail.com> wrote:
>
>> On 2022/4/16 上午5:00, Jacob Pan wrote:
>>> Hi zhangfei.gao@...mail.com,
>>>
>>> On Fri, 15 Apr 2022 19:52:03 +0800, "zhangfei.gao@...mail.com"
>>> <zhangfei.gao@...mail.com> wrote:
>>>
>>>>>>> A PASID might be still used even though it is freed on mm exit.
>>>>>>>
>>>>>>> process A:
>>>>>>> sva_bind();
>>>>>>> ioasid_alloc() = N; // Get PASID N for the mm
>>>>>>> fork(): // spawn process B
>>>>>>> exit();
>>>>>>> ioasid_free(N);
>>>>>>>
>>>>>>> process B:
>>>>>>> device uses PASID N -> failure
>>>>>>> sva_unbind();
>>>>>>>
>>>>>>> Dave Hansen suggests to take a refcount on the mm whenever binding
>>>>>>> the PASID to a device and drop the refcount on unbinding. The mm
>>>>>>> won't be dropped if the PASID is still bound to it.
>>>>>>>
>>>>>>> Fixes: 701fac40384f ("iommu/sva: Assign a PASID to mm on PASID
>>>>>>> allocation and free it on mm exit")
>>>>>>>
>>> Is process A's mm intended to be used by process B? Or you really should
>>> use PASID N on process B's mm? If the latter, it may work for a while
>>> until B changes mapping.
>>>
>>> It seems you are just extending the life of a defunct mm?
>> From nginx code, the master process init resources, then fork daemon
>> process to take over,
>> then master process exit by itself.
>>
>> src/core/nginx.c
>> main
>> ngx_ssl_init(log); -> openssl engine -> bind_fn -> sva_bind()
>> ngx_daemon(cycle->log)
>>
>> src/os/unix/ngx_daemon.c
>> ngx_daemon(ngx_log_t *log)
>> {
>> int fd;
>>
>> switch (fork()) {
>> case -1:
>> ngx_log_error(NGX_LOG_EMERG, log, ngx_errno, "fork() failed");
>> return NGX_ERROR;
>>
>> case 0:
>> // the fork daemon process
>> break;
>>
> Does this child process call sva_bind() again to get another PASID? Or it
> will keep using the parent's PASID for DMA?
The master process call sva_bind (PASID A), fork daemon process, then exit.
The daemon process does not call sva_bind again, only for managing
worker processes.
The worker process will call sva_bind for new PASID (B), for real
transaction.
The worker process will free the PASID (B) when worker process exit like
nginx quit.
nginx -s quit does not free PASID A via callback, which may should be
freed by signal handler in engine itself, still in check.
Thanks
Powered by blists - more mailing lists