| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3aa28716-9d91-321a-0e52-58ae425ac598@linux.intel.com>
Date: Wed, 31 Aug 2022 08:57:05 +0800
From: Baolu Lu <baolu.lu@...ux.intel.com>
To: Jacob Pan <jacob.jun.pan@...ux.intel.com>,
LKML <linux-kernel@...r.kernel.org>, iommu@...ts.linux.dev,
x86@...nel.org, Joerg Roedel <joro@...tes.org>
Cc: baolu.lu@...ux.intel.com, Raj Ashok <ashok.raj@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Dave Hansen <dave.hansen@...el.com>,
Borislav Petkov <bp@...en8.de>, Ingo Molnar <mingo@...hat.com>,
"Tian, Kevin" <kevin.tian@...el.com>, Yi Liu <yi.l.liu@...el.com>
Subject: Re: [PATCH 2/2] iommu: Use the user PGD for SVA if PTI is enabled
On 8/23/22 4:12 AM, Jacob Pan wrote:
> With page table isolation, the kernel manages two sets of page tables
> for each process: one for user one for kernel. When enabling SVA, the
> current x86 IOMMU drivers bind device and PASID with the kernel copy
> of the process page table.
>
> While there is no known "Meltdown" type of DMA attack, exposing
> kernel mapping to DMA intended for userspace makes the system vulnerable
> unnecessarily. It also breaks the intention of PTI.
>
> This patch replaces kernel page table PGD with the user counterpart,
> thus fulfill the promise of PTI on the DMA side.
>
> Signed-off-by: Jacob Pan<jacob.jun.pan@...ux.intel.com>
Reviewed-by: Lu Baolu <baolu.lu@...ux.intel.com>
Best regards,
baolu
Powered by blists - more mailing lists