lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1652282533-21502-1-git-send-email-quic_jhugo@quicinc.com>
Date:   Wed, 11 May 2022 09:22:11 -0600
From:   Jeffrey Hugo <quic_jhugo@...cinc.com>
To:     <kys@...rosoft.com>, <haiyangz@...rosoft.com>,
        <sthemmin@...rosoft.com>, <wei.liu@...nel.org>,
        <decui@...rosoft.com>, <lorenzo.pieralisi@....com>,
        <robh@...nel.org>, <kw@...ux.com>, <bhelgaas@...gle.com>
CC:     <jakeo@...rosoft.com>, <dazhan@...rosoft.com>,
        <linux-hyperv@...r.kernel.org>, <linux-pci@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>,
        Jeffrey Hugo <quic_jhugo@...cinc.com>
Subject: [PATCH v2 0/2] hyperv compose_msi_msg fixups

While multi-MSI appears to work with pci-hyperv.c, there was a concern about
how linux was doing the ITRE allocations.  Patch 2 addresses the concern.

However, patch 2 exposed an issue with how compose_msi_msg() was freeing a
previous allocation when called for the Nth time.  Imagine a driver using
pci_alloc_irq_vectors() to request 32 MSIs.  This would cause compose_msi_msg()
to be called 32 times, once for each MSI.  With patch 2, MSI0 would allocate
the ITREs needed, and MSI1-31 would use the cached information.  Then the driver
uses request_irq() on MSI1-17.  This would call compose_msi_msg() again on those
MSIs, which would again use the cached information.  Then unmask() would be
called to retarget the MSIs to the right VCPU vectors.  Finally, the driver
calls request_irq() on MSI0.  This would call conpose_msi_msg(), which would
free the block of 32 MSIs, and allocate a new block.  This would undo the
retarget of MSI1-17, and likely leave those MSIs targeting invalid VCPU vectors.
This is addressed by patch 1, which is introduced first to prevent a regression.

Jeffrey Hugo (2):
  PCI: hv: Reuse existing ITRE allocation in compose_msi_msg()
  PCI: hv: Fix interrupt mapping for multi-MSI

 drivers/pci/controller/pci-hyperv.c | 76 ++++++++++++++++++++++++++++---------
 1 file changed, 59 insertions(+), 17 deletions(-)

-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ