Message-ID: <BN9PR11MB5276FC1759F1119C718802848C3E2@BN9PR11MB5276.namprd11.prod.outlook.com>
Date: Wed, 11 Dec 2024 07:42:34 +0000
From: "Tian, Kevin" <kevin.tian@...el.com>
To: Baolu Lu <baolu.lu@...ux.intel.com>, Joerg Roedel <joro@...tes.org>, "Will
Deacon" <will@...nel.org>, Robin Murphy <robin.murphy@....com>, "Liu, Yi L"
<yi.l.liu@...el.com>
CC: "iommu@...ts.linux.dev" <iommu@...ts.linux.dev>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: RE: [PATCH] iommu/vt-d: Remove cache tags before disabling ATS
> From: Baolu Lu <baolu.lu@...ux.intel.com>
> Sent: Wednesday, December 11, 2024 3:35 PM
>
> On 2024/12/11 15:21, Tian, Kevin wrote:
> >> From: Lu Baolu<baolu.lu@...ux.intel.com>
> >> Sent: Friday, November 29, 2024 10:05 AM
> >>
> >> The current implementation removes cache tags after disabling ATS,
> >> leading to potential memory leaks and kernel crashes. Specifically,
> >> CACHE_TAG_DEVTLB type cache tags may still remain in the list even
> >> after the domain is freed, causing a use-after-free condition.
> >>
> >> This issue really shows up when multiple VFs from different PFs
> >> passed through to a single user-space process via vfio-pci. In such
> >> cases, the kernel may crash with kernel messages like:
> > Is "multiple VFs from different PFs" the key to trigger the problem?
>
> This is the real test case that triggered this issue. It's definitely
> not the only case that could trigger this issue.
>
It's the real test case but is a bit misleading when connecting it to
the patch. 😊
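
The ordering problem described in the quoted commit message, as an added example that is not part of this thread or of the patch: a simplified user-space model in C of a per-domain cache tag list. All names are hypothetical, and the model assumes that removal of the DEVTLB tag is gated on the device's ATS-enabled flag, which this message does not state.

```c
/* Simplified user-space model, constructed for illustration; not kernel code.
 * Assumption: the DEVTLB tag is only unassigned while the ATS flag is set. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

enum tag_type { TAG_IOTLB, TAG_DEVTLB };
struct tag { enum tag_type type; struct tag *next; };
struct domain { struct tag *tags; };      /* per-domain cache tag list */
struct device { bool ats_enabled; };

static void tag_add(struct domain *d, enum tag_type t) {
    struct tag *n = malloc(sizeof(*n));
    if (!n) abort();
    n->type = t; n->next = d->tags; d->tags = n;
}

/* Unlink and free the first tag of the given type, if present. */
static void tag_del(struct domain *d, enum tag_type t) {
    for (struct tag **p = &d->tags; *p; p = &(*p)->next)
        if ((*p)->type == t) {
            struct tag *dead = *p;
            *p = dead->next;
            free(dead);
            return;
        }
}

static void unassign_tags(struct domain *d, struct device *dev) {
    tag_del(d, TAG_IOTLB);
    if (dev->ats_enabled)                 /* assumed gate on the ATS flag */
        tag_del(d, TAG_DEVTLB);
}

/* Detach in the chosen order and return how many tags are still on the
 * list at the point where the domain would be freed. */
static int tags_left_after_detach(bool tags_first) {
    struct domain d = { 0 };
    struct device dev = { .ats_enabled = true };
    int left = 0;
    tag_add(&d, TAG_IOTLB);
    tag_add(&d, TAG_DEVTLB);
    if (tags_first) { unassign_tags(&d, &dev); dev.ats_enabled = false; }
    else            { dev.ats_enabled = false; unassign_tags(&d, &dev); }
    for (; d.tags; left++) tag_del(&d, d.tags->type);  /* count and clean up */
    return left;
}

int main(void) {
    printf("ATS disabled first: %d stale tag(s)\n", tags_left_after_detach(false));
    printf("tags removed first: %d stale tag(s)\n", tags_left_after_detach(true));
    return 0;
}
```

In this model the stale entry appears with a single device, so the result depends only on the order of the two teardown steps.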