lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241016141218.GO3559746@nvidia.com>
Date: Wed, 16 Oct 2024 11:12:18 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: Suravee Suthikulpanit <suravee.suthikulpanit@....com>
Cc: linux-kernel@...r.kernel.org, iommu@...ts.linux.dev, joro@...tes.org,
	robin.murphy@....com, vasant.hegde@....com, kevin.tian@...el.com,
	jon.grimm@....com, santosh.shukla@....com, pandoh@...gle.com,
	kumaranand@...gle.com
Subject: Re: [PATCH v6 5/9] iommu/amd: Modify set_dte_entry() to use 256-bit
 DTE helpers

On Wed, Oct 16, 2024 at 05:17:52AM +0000, Suravee Suthikulpanit wrote:
>  	/*
>  	 * When SNP is enabled, Only set TV bit when IOMMU
>  	 * page translation is in use.
>  	 */
>  	if (!amd_iommu_snp_en || (domid != 0))
> +		new.data[0] |= DTE_FLAG_TV;

This one still doesn't seem quite right..

Since the blocking domain path now uses make_clear_dte(), the only
time we'd get here is for IDENTITY,

Except SNP does not support identity:

	if (amd_iommu_snp_en && (type == IOMMU_DOMAIN_IDENTITY))
		return ERR_PTR(-EINVAL);

So this is impossible code.

  /* SNP is not allowed to use identity */
  WARN_ON(amd_iommu_snp_en && domid == 0)

??

I guess the original introduction got the rational wrong it should
have been "Use TV=0 instead of TV=1/IR=0/IW=0 for BLOCKED/cleared
domains because SNP does not support TV=1/Mode=0 at all. IDENTITY is
already disabled."

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ