lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BN9PR11MB527682A9FBDDE82439A3F7E28CBF2@BN9PR11MB5276.namprd11.prod.outlook.com>
Date: Tue, 6 Aug 2024 02:59:53 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Nicolin Chen <nicolinc@...dia.com>
CC: "jgg@...dia.com" <jgg@...dia.com>, "Liu, Yi L" <yi.l.liu@...el.com>,
	"iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] iommufd/device: Enforce reserved IOVA also when attached
 to hwpt_nested

> From: Nicolin Chen <nicolinc@...dia.com>
> Sent: Tuesday, August 6, 2024 2:04 AM
> 
> On Mon, Aug 05, 2024 at 07:40:45AM +0000, Tian, Kevin wrote:
> > > From: Nicolin Chen <nicolinc@...dia.com>
> > > Sent: Friday, August 2, 2024 1:35 PM
> > >
> > >  static int
> > > -iommufd_group_do_replace_paging(struct iommufd_group *igroup,
> > > -                             struct iommufd_hwpt_paging *hwpt_paging)
> > > +iommufd_group_do_replace_reserved_iova(struct iommufd_group
> *igroup,
> > > +                                    struct iommufd_hw_pagetable *hwpt)
> > >  {
> > > +     struct iommufd_hwpt_paging *hwpt_paging =
> > > to_hwpt_paging(hwpt);
> > >       struct iommufd_hw_pagetable *old_hwpt = igroup->hwpt;
> > >       struct iommufd_device *cur;
> > >       int rc;
> > >
> > >       lockdep_assert_held(&igroup->lock);
> > >
> > > -     if (!hwpt_is_paging(old_hwpt) ||
> > > -         hwpt_paging->ioas != to_hwpt_paging(old_hwpt)->ioas) {
> > > +     if (!hwpt_paging)
> > > +             return 0;
> > > +
> > > +     if (iommufd_hw_pagetable_compare_ioas(old_hwpt, hwpt)) {
> >
> > hmm this change is broken. In this helper:
> >
> >         if (!old_hwpt_paging || !new_hwpt_paging)
> >                 return false;
> >         return old_hwpt_paging->ioas != new_hwpt_paging->ioas;
> >
> > Obviously the original code wants to enforce reserved regions if
> > new_hwpt is paging && old_hwpt is not paging, but this change
> > skips this scenario.
> 
> Hmm..I think that is the intention of this patch?
> 
> The original code does that because it didn't enforce reserved
> region (to the parent paging hwpt) when attaching the group to
> a nested one. Now, it does. So, we basically check whether the
> associated ioas has changed or not. Right?
> 

that is too much tied to nested vs. paging type. In case a new
type comes w/o parent/ioas in the future, above will be broken.

IMHO to_hwpt_paging() already resolves the problem about
nested parent while the original code above appears to be
more future proof (w/ the enhanced to_hwpt_paging()), i.e. 
adding reserved region to the new hwpt w/ ioas as long as
old/new hwpts don't belong to a same ioas (including the case
where old has no ioas), instead of adding reserved region 
only when both old/new have an ioas but different. 😊

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ