lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 4 Dec 2023 17:15:06 +0100
From:   Halil Pasic <pasic@...ux.ibm.com>
To:     Christian Borntraeger <borntraeger@...ux.ibm.com>
Cc:     Tony Krowiak <akrowiak@...ux.ibm.com>, linux-s390@...r.kernel.org,
        linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
        jjherne@...ux.ibm.com, alex.williamson@...hat.com,
        kwankhede@...dia.com, frankja@...ux.ibm.com,
        imbrenda@...ux.ibm.com, david@...hat.com,
        Halil Pasic <pasic@...ux.ibm.com>,
        Reinhard Buendgen <BUENDGEN@...ibm.com>
Subject: Re: [PATCH] s390/vfio-ap: handle response code 01 on queue reset

On Mon, 4 Dec 2023 16:16:31 +0100
Christian Borntraeger <borntraeger@...ux.ibm.com> wrote:

> Am 04.12.23 um 15:53 schrieb Tony Krowiak:
> > 
> > 
> > On 11/29/23 12:12, Christian Borntraeger wrote:  
> >> Am 29.11.23 um 15:35 schrieb Tony Krowiak:  
> >>> In the current implementation, response code 01 (AP queue number not valid)
> >>> is handled as a default case along with other response codes returned from
> >>> a queue reset operation that are not handled specifically. Barring a bug,
> >>> response code 01 will occur only when a queue has been externally removed
> >>> from the host's AP configuration; nn this case, the queue must
> >>> be reset by the machine in order to avoid leaking crypto data if/when the
> >>> queue is returned to the host's configuration. The response code 01 case
> >>> will be handled specifically by logging a WARN message followed by cleaning
> >>> up the IRQ resources.
> >>>  
> >>
> >> To me it looks like this can be triggered by the LPAR admin, correct? So it
> >> is not desireable but possible.
> >> In that case I prefer to not use WARN, maybe use dev_warn or dev_err instead.
> >> WARN can be a disruptive event if panic_on_warn is set.  
> > 
> > Yes, it can be triggered by the LPAR admin. I can't use dev_warn here because we don't have a reference to any device, but I can use pr_warn if that suffices.  
> 
> Ok, please use pr_warn then.

Shouldn't we rather make this an 'info'. I mean we probably do not want
people complaining about this condition. Yes it should be a best practice
to coordinate such things with the guest, and ideally remove the resource
from the guest first. But AFAIU our stack is supposed to be able to
handle something like this. IMHO issuing a warning is excessive measure.
I know Reinhard and Tony probably disagree with the last sentence
though. 

Regards,
Halil

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ