lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241029190941.GN209124@nvidia.com>
Date: Tue, 29 Oct 2024 16:09:41 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: Nicolin Chen <nicolinc@...dia.com>
Cc: kevin.tian@...el.com, will@...nel.org, joro@...tes.org,
	suravee.suthikulpanit@....com, robin.murphy@....com,
	dwmw2@...radead.org, baolu.lu@...ux.intel.com, shuah@...nel.org,
	linux-kernel@...r.kernel.org, iommu@...ts.linux.dev,
	linux-arm-kernel@...ts.infradead.org,
	linux-kselftest@...r.kernel.org, eric.auger@...hat.com,
	jean-philippe@...aro.org, mdf@...nel.org, mshavit@...gle.com,
	shameerali.kolothum.thodi@...wei.com, smostafa@...gle.com,
	yi.l.liu@...el.com, aik@....com, zhangfei.gao@...aro.org,
	patches@...ts.linux.dev
Subject: Re: [PATCH v5 05/13] iommufd: Allow hwpt_id to carry viommu_id for
 IOMMU_HWPT_INVALIDATE

On Fri, Oct 25, 2024 at 04:50:34PM -0700, Nicolin Chen wrote:
> @@ -497,17 +497,35 @@ int iommufd_hwpt_invalidate(struct iommufd_ucmd *ucmd)
>  		goto out;
>  	}
>  
> -	hwpt = iommufd_get_hwpt_nested(ucmd, cmd->hwpt_id);
> -	if (IS_ERR(hwpt)) {
> -		rc = PTR_ERR(hwpt);
> +	pt_obj = iommufd_get_object(ucmd->ictx, cmd->hwpt_id, IOMMUFD_OBJ_ANY);
> +	if (IS_ERR(pt_obj)) {
> +		rc = PTR_ERR(pt_obj);
>  		goto out;
>  	}
> +	if (pt_obj->type == IOMMUFD_OBJ_HWPT_NESTED) {
> +		struct iommufd_hw_pagetable *hwpt =
> +			container_of(pt_obj, struct iommufd_hw_pagetable, obj);
> +
> +		rc = hwpt->domain->ops->cache_invalidate_user(hwpt->domain,
> +							      &data_array);
> +	} else if (pt_obj->type == IOMMUFD_OBJ_VIOMMU) {
> +		struct iommufd_viommu *viommu =
> +			container_of(pt_obj, struct iommufd_viommu, obj);
> +
> +		if (!viommu->ops || !viommu->ops->cache_invalidate) {
> +			rc = -EOPNOTSUPP;
> +			goto out_put_pt;
> +		}
> +		rc = viommu->ops->cache_invalidate(viommu, &data_array);
> +	} else {
> +		rc = -EINVAL;
> +		goto out_put_pt;
> +	}

Given the test in iommufd_viommu_alloc_hwpt_nested() is:

	if (WARN_ON_ONCE(hwpt->domain->type != IOMMU_DOMAIN_NESTED ||
			 (!viommu->ops->cache_invalidate &&
			  !hwpt->domain->ops->cache_invalidate_user)))
			  {

We will crash if the user passes a viommu allocated domain as
IOMMUFD_OBJ_HWPT_NESTED since the above doesn't check it.

I suggest we put the required if (ops..) -EOPNOTSUPP above and remove
the ops->cache_invalidate checks from both WARN_ONs.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ