Date:   Fri, 4 Aug 2023 10:12:45 -0300
From:   Jason Gunthorpe <jgg@...pe.ca>
To:     Baolu Lu <baolu.lu@...ux.intel.com>
Cc:     "Tian, Kevin" <kevin.tian@...el.com>,
        Joerg Roedel <joro@...tes.org>, Will Deacon <will@...nel.org>,
        Robin Murphy <robin.murphy@....com>,
        Jean-Philippe Brucker <jean-philippe@...aro.org>,
        Nicolin Chen <nicolinc@...dia.com>,
        "Liu, Yi L" <yi.l.liu@...el.com>,
        Jacob Pan <jacob.jun.pan@...ux.intel.com>,
        "iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 0/2] iommu: Make pasid array per device

On Fri, Aug 04, 2023 at 10:30:12AM +0800, Baolu Lu wrote:
> On 2023/8/4 10:20, Baolu Lu wrote:
> > On 2023/8/3 23:18, Jason Gunthorpe wrote:
> > > On Thu, Aug 03, 2023 at 12:44:03AM +0000, Tian, Kevin wrote:
> > > > > > From: Jason Gunthorpe <jgg@...pe.ca>
> > > > > Sent: Wednesday, August 2, 2023 10:16 PM
> > > > > 
> > > > > On Tue, Aug 01, 2023 at 02:31:23PM +0800, Lu Baolu wrote:
> > > > > > > The PCI PASID enabling interface guarantees that the address space used
> > > > > > by each PASID is unique. This is achieved by checking that the PCI ACS
> > > > > > path is enabled for the device. If the path is not enabled, then the
> > > > > > PASID feature cannot be used.
> > > > > > 
> > > > > >      if (!pci_acs_path_enabled(pdev, NULL, PCI_ACS_RR | PCI_ACS_UF))
> > > > > >              return -EINVAL;
> > > > > > 
> > > > > > The PASID array is not an attribute of the IOMMU group. It is more
> > > > > > natural to store the PASID array in the per-device IOMMU data. This
> > > > > > makes the code clearer and easier to understand. No functional changes
> > > > > > are intended.
> > > > > Is there a reason to do this?
> > > > > 
> > > > > *PCI*  requires the ACS/etc because PCI kind of messed up how switches
> > > > > handled PASID so PASID doesn't work otherwise.
> > > > > 
> > > > > But there is nothing that says other bus type can't have working
> > > > > (non-PCI) PASID and still have device isolation issues.
> > > > > 
> > > > > So unless there is a really strong reason to do this we should keep
> > > > > the PASID list in the group just like the domain.
> > > > > 
> > > > this comes from the consensus in [1].
> > > > 
> > > > [1] https://lore.kernel.org/linux-iommu/ZAcyEzN4102gPsWC@nvidia.com/
> > > That consensus was that we don't have PASID support if there is
> > > multi-device groups, at least in iommufd.. That makes sense. If we
> > > want to change the core code to enforce this that also makes sense
> > 
> > In my initial plan, I had a third patch that would have enforced single-
> > device groups for PASID interfaces in the core. But I ultimately dropped
> > it because it is the fact for PCI devices, but I am not sure about other
> > buses although perhaps there is none.
> > 
> > > But this series is just moving the array?
> > 
> > So I took the first step by moving the pasid_array from iommu group to
> > the device. 😄
> 
> In my mind, iommu_group was introduced to solve the PCI alias and P2P
> transactions which bypass IOMMU translation. When we enter the PASID
> world, the architecture should disallow these anymore. Hence, it's safe
> to move pasid_array to device.
> 
> This was the motivation of this series.

I think you should add a protection as well, directly prevent
multi-device groups being used with pasid.

Jason
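
An added example, not part of the original message or of the patch series: a shell check that lists the IOMMU groups holding more than one device, the multi-device case the reply above wants kept away from PASID. It reads the kernel's /sys/kernel/iommu_groups layout; the function names and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# List IOMMU groups that contain more than one device.
# Usage: multi_device_groups [ROOT]   (ROOT defaults to /sys/kernel/iommu_groups)
# Prints one line per multi-device group: "<group> <count> <dev> <dev> ..."
multi_device_groups() {
    root=${1:-/sys/kernel/iommu_groups}
    [ -d "$root" ] || return 0        # no IOMMU groups exposed: nothing to report
    for gdir in "$root"/*; do
        [ -d "$gdir/devices" ] || continue
        count=0
        devs=
        for dev in "$gdir"/devices/*; do
            # Entries are symlinks in sysfs; skip the literal pattern of an empty glob.
            [ -e "$dev" ] || [ -L "$dev" ] || continue
            count=$((count + 1))
            devs="$devs ${dev##*/}"
        done
        if [ "$count" -gt 1 ]; then
            echo "${gdir##*/} $count$devs"
        fi
    done
    return 0
}

# Constructed sample tree (not taken from a real machine) for trying this offline:
# groups 0 and 2 hold one device each, group 1 holds two functions of one device.
make_sample_tree() {
    t=$1
    mkdir -p "$t/0/devices" "$t/1/devices" "$t/2/devices"
    : > "$t/0/devices/0000:00:02.0"
    : > "$t/1/devices/0000:03:00.0"
    : > "$t/1/devices/0000:03:00.1"
    : > "$t/2/devices/0000:04:00.0"
}
```

Called with no argument, `multi_device_groups` inspects the running system; an empty result means every group is a singleton.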
