lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 19 Feb 2024 00:40:41 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Joao Martins <joao.m.martins@...cle.com>, "Liu, Yi L" <yi.l.liu@...el.com>
CC: "alex.williamson@...hat.com" <alex.williamson@...hat.com>,
	"robin.murphy@....com" <robin.murphy@....com>, "eric.auger@...hat.com"
	<eric.auger@...hat.com>, "nicolinc@...dia.com" <nicolinc@...dia.com>,
	"kvm@...r.kernel.org" <kvm@...r.kernel.org>, "chao.p.peng@...ux.intel.com"
	<chao.p.peng@...ux.intel.com>, "yi.y.sun@...ux.intel.com"
	<yi.y.sun@...ux.intel.com>, "iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>, "Duan,
 Zhenzhong" <zhenzhong.duan@...el.com>, "jgg@...dia.com" <jgg@...dia.com>,
	"joro@...tes.org" <joro@...tes.org>, "baolu.lu@...ux.intel.com"
	<baolu.lu@...ux.intel.com>
Subject: RE: [PATCH] iommu/vt-d: Set SSADE when attaching to a parent with
 dirty tracking

> From: Joao Martins <joao.m.martins@...cle.com>
> Sent: Friday, February 9, 2024 6:36 PM
> 
> On 08/02/2024 10:31, Joao Martins wrote:
> > On 08/02/2024 09:14, Yi Liu wrote:
> >> Should set the SSADE (Second Stage Access/Dirty bit Enable) bit of the
> >> pasid entry when attaching a device to a nested domain if its parent
> >> has already enabled dirty tracking.
> >>
> >> Fixes: 111bf85c68f6 ("iommu/vt-d: Add helper to setup pasid nested
> translation")
> >> Signed-off-by: Yi Liu <yi.l.liu@...el.com>
> >
> > Reviewed-by: Joao Martins <joao.m.martins@...cle.com>
> >
> On a second thought, while the patch looks fine if this is what we wanna do,
> just a quick clarification on the why (that's also applicable to the last patch
> of your other series[0]). I am sure I am missing something :)
> 
> Shouldn't the nested domain be subdued to whatever features guest idea of
> ecap/cap instead of host's view? Or is this because guest first-stage page
> table
> on Intel is supposed to be always-enabled dirty tracking (per SDM) ? If it's the
> latter, it probably should be sprinkled in the commit message(s).
> 
> [0] https://lore.kernel.org/linux-iommu/20240208082307.15759-9-
> yi.l.liu@...el.com/
> 

first-stage dirty tracking is always enabled. but the real point here is
that the host has enabled dirty-tracking in second-stage so when 
a device is attached to a nested domain on top of that second-stage
we should set SSADE in the pasid entry for that device.

even if there is a guest ecap/cap for first-stage dirty tracking that
shouldn't affect the host setting for second-stage which is invisible
to the guest.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ