lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4c07d54f-6c6c-47be-9e5a-3cff8162dd3b@linux.intel.com>
Date: Tue, 9 Apr 2024 09:53:26 +0800
From: Baolu Lu <baolu.lu@...ux.intel.com>
To: Jason Gunthorpe <jgg@...dia.com>
Cc: baolu.lu@...ux.intel.com, Kevin Tian <kevin.tian@...el.com>,
 Joerg Roedel <joro@...tes.org>, Will Deacon <will@...nel.org>,
 Robin Murphy <robin.murphy@....com>,
 Jean-Philippe Brucker <jean-philippe@...aro.org>,
 Nicolin Chen <nicolinc@...dia.com>, Yi Liu <yi.l.liu@...el.com>,
 Jacob Pan <jacob.jun.pan@...ux.intel.com>,
 Joel Granados <j.granados@...sung.com>, iommu@...ts.linux.dev,
 virtualization@...ts.linux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 1/9] iommu: Introduce domain attachment handle

On 4/8/24 10:05 PM, Jason Gunthorpe wrote:
>> void iommufd_fault_domain_detach_dev(struct iommufd_hw_pagetable *hwpt,
>>                                       struct iommufd_device *idev)
>>   {
>> +       struct iommufd_fault *fault = hwpt->fault;
>> +       struct iommu_attach_handle *handle;
>> +
>>          if (WARN_ON(!hwpt->fault_capable))
>>                  return;
>>
>> +       handle = iommu_attach_handle_get(idev->igroup->group,
>> IOMMU_NO_PASID);
>>          iommu_detach_group(hwpt->domain, idev->igroup->group);
>>          iommufd_fault_iopf_disable(idev);
> But is this right? Couldn't there be PASID's doing PRI?

As far as I can see, there are two types of user PASID.

1. When a device is assigned to userspace, the PASID table is managed by
    the userspace.

    Userspace doesn't need PASID attach/detach/replace uAPIs in this
    scenario. All I/O page faults are directed to userspace through the
    hw pagetable attached to the RID.

    If hw pagetable is detached from the RID, or a non-iopf-capable
    hw pagetable is attached the RID, the PRI for user PASID is already
    broken.

2. When a device is assigned to userspace, the PASID table is managed by
    the host kernel. Userspace then needs PASID attach/detach/replace
    uAPIs to manage the hw page table for each PASID. Each PASID has its
    own hw page table for handling I/O page faults.

    Here, disabling PRI is only safe after all iopf-capable hw page
    tables for both the RID and all PASIDs are detached.

    The current code base doesn't yet support PASID attach/detach/replace
    uAPIs. Therefore, above code is safe and reasonable. However, we will
    need to revisit this code when those APIs become available.

Please correct me if my understanding is incorrect.

Best regards,
baolu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ