| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241016141218.GO3559746@nvidia.com> Date: Wed, 16 Oct 2024 11:12:18 -0300 From: Jason Gunthorpe <jgg@...dia.com> To: Suravee Suthikulpanit <suravee.suthikulpanit@....com> Cc: linux-kernel@...r.kernel.org, iommu@...ts.linux.dev, joro@...tes.org, robin.murphy@....com, vasant.hegde@....com, kevin.tian@...el.com, jon.grimm@....com, santosh.shukla@....com, pandoh@...gle.com, kumaranand@...gle.com Subject: Re: [PATCH v6 5/9] iommu/amd: Modify set_dte_entry() to use 256-bit DTE helpers On Wed, Oct 16, 2024 at 05:17:52AM +0000, Suravee Suthikulpanit wrote: > /* > * When SNP is enabled, Only set TV bit when IOMMU > * page translation is in use. > */ > if (!amd_iommu_snp_en || (domid != 0)) > + new.data[0] |= DTE_FLAG_TV; This one still doesn't seem quite right.. Since the blocking domain path now uses make_clear_dte(), the only time we'd get here is for IDENTITY, Except SNP does not support identity: if (amd_iommu_snp_en && (type == IOMMU_DOMAIN_IDENTITY)) return ERR_PTR(-EINVAL); So this is impossible code. /* SNP is not allowed to use identity */ WARN_ON(amd_iommu_snp_en && domid == 0) ?? I guess the original introduction got the rational wrong it should have been "Use TV=0 instead of TV=1/IR=0/IW=0 for BLOCKED/cleared domains because SNP does not support TV=1/Mode=0 at all. IDENTITY is already disabled." Jason
Powered by blists - more mailing lists