| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 19 Oct 2022 19:02:19 +0530
From: Vinod Koul <vkoul@...nel.org>
To: Fenghua Yu <fenghua.yu@...el.com>
Cc: Arjan Van De Ven <arjan.van.de.ven@...el.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Dave Jiang <dave.jiang@...el.com>,
Lu Baolu <baolu.lu@...ux.intel.com>,
Jacob Pan <jacob.jun.pan@...ux.intel.com>,
dmaengine@...r.kernel.org,
linux-kernel <linux-kernel@...r.kernel.org>,
stable@...r.kernel.org
Subject: Re: [PATCH v2] dmaengine: idxd: Do not enable user type Work Queue
without Shared Virtual Addressing
On 14-10-22, 15:25, Fenghua Yu wrote:
> When the idxd_user_drv driver is bound to a Work Queue (WQ) device
> without IOMMU or with IOMMU Passthrough without Shared Virtual
> Addressing (SVA), the application gains direct access to physical
> memory via the device by programming physical address to a submitted
> descriptor. This allows direct userspace read and write access to
> arbitrary physical memory. This is inconsistent with the security
> goals of a good kernel API.
>
> Unlike vfio_pci driver, the IDXD char device driver does not provide any
> ways to pin user pages and translate the address from user VA to IOVA or
> PA without IOMMU SVA. Therefore the application has no way to instruct the
> device to perform DMA function. This makes the char device not usable for
> normal application usage.
>
> Since user type WQ without SVA cannot be used for normal application usage
> and presents the security issue, bind idxd_user_drv driver and enable user
> type WQ only when SVA is enabled (i.e. user PASID is enabled).
Applied, thanks
--
~Vinod
Powered by blists - more mailing lists