lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 25 Apr 2022 10:44:09 +0800
From:   Jason Wang <jasowang@...hat.com>
To:     jasowang@...hat.com, mst@...hat.com, linux-kernel@...r.kernel.org,
        virtualization@...ts.linux-foundation.org
Cc:     sgarzare@...hat.com, eperezma@...hat.com, lulu@...hat.com,
        tglx@...utronix.de, peterz@...radead.org, paulmck@...nel.org,
        maz@...nel.org, pasic@...ux.ibm.com, cohuck@...hat.com
Subject: [PATCH V3 0/9] rework on the IRQ hardening of virtio

Hi All:

This is a rework on the IRQ hardening for virtio which is done
previously by the following commits are reverted:

9e35276a5344 ("virtio_pci: harden MSI-X interrupts")
080cd7c3ac87 ("virtio-pci: harden INTX interrupts")

The reason is that it depends on the IRQF_NO_AUTOEN which may conflict
with the assumption of the affinity managed IRQ that is used by some
virtio drivers. And what's more, it is only done for virtio-pci but
not other transports.

In this rework, I try to implement a general virtio solution which
borrows the idea of the INTX hardening by re-using per virtqueue
boolean vq->broken and toggle it in virtio_device_ready() and
virtio_reset_device(). Then we can simply reuse the existing checks in
the vring_interrupt() and return early if the driver is not ready.

Note that, I only did compile test on ccw and MMIO transport.

Please review.

Changes since v1:

- Use transport specific irq synchronization method when possible
- Drop the module parameter and enable the hardening unconditonally
- Tweak the barrier/ordering facilities used in the code
- Reanme irq_soft_enabled to driver_ready
- Avoid unnecssary IRQ synchornization (e.g during boot)

Changes since V2:

- add ccw and MMIO support
- rename synchronize_vqs() to synchronize_cbs()
- switch to re-use vq->broken instead of introducing new device
  attributes for the future virtqueue reset support
- remove unnecssary READ_ONCE()/WRITE_ONCE()
- a new patch to remove device triggerable BUG_ON()
- more tweaks on the comments

Jason Wang (8):
  virtio: use virtio_reset_device() when possible
  virtio: introduce config op to synchronize vring callbacks
  virtio-pci: implement synchronize_cbs()
  virtio-mmio: implement synchronize_cbs()
  virtio-ccw: implement synchronize_cbs()
  virtio: allow to unbreak virtqueue
  virtio: harden vring IRQ
  virtio: use WARN_ON() to warning illegal status value

Stefano Garzarella (1):
  virtio: use virtio_device_ready() in virtio_device_restore()

 drivers/char/virtio_console.c              |  2 +-
 drivers/crypto/virtio/virtio_crypto_core.c |  2 +-
 drivers/s390/virtio/virtio_ccw.c           | 31 ++++++++++++++++--
 drivers/virtio/virtio.c                    | 24 ++++++++++----
 drivers/virtio/virtio_mmio.c               |  9 +++++
 drivers/virtio/virtio_pci_common.c         |  2 +-
 drivers/virtio/virtio_pci_common.h         |  2 ++
 drivers/virtio/virtio_pci_legacy.c         |  1 +
 drivers/virtio/virtio_pci_modern.c         |  2 ++
 drivers/virtio/virtio_ring.c               | 15 +++++----
 include/linux/virtio.h                     |  2 +-
 include/linux/virtio_config.h              | 38 +++++++++++++++++++++-
 12 files changed, 110 insertions(+), 20 deletions(-)

-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ