| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250220232407.GH50639@nvidia.com>
Date: Thu, 20 Feb 2025 19:24:07 -0400
From: Jason Gunthorpe <jgg@...dia.com>
To: Nicolin Chen <nicolinc@...dia.com>
Cc: robin.murphy@....com, will@...nel.org, kevin.tian@...el.com,
corbet@....net, joro@...tes.org, suravee.suthikulpanit@....com,
dwmw2@...radead.org, baolu.lu@...ux.intel.com, shuah@...nel.org,
linux-kernel@...r.kernel.org, iommu@...ts.linux.dev,
linux-arm-kernel@...ts.infradead.org,
linux-kselftest@...r.kernel.org, linux-doc@...r.kernel.org,
eric.auger@...hat.com, jean-philippe@...aro.org, mdf@...nel.org,
mshavit@...gle.com, shameerali.kolothum.thodi@...wei.com,
smostafa@...gle.com, ddutile@...hat.com, yi.l.liu@...el.com,
patches@...ts.linux.dev
Subject: Re: [PATCH v6 13/14] iommu/arm-smmu-v3: Report events that belong to
devices attached to vIOMMU
On Thu, Feb 20, 2025 at 12:45:46PM -0800, Nicolin Chen wrote:
> ------------------------------------------------------------
> diff --git a/include/uapi/linux/iommufd.h b/include/uapi/linux/iommufd.h
> index fd2f13a63f27..be9746ecdc65 100644
> --- a/include/uapi/linux/iommufd.h
> +++ b/include/uapi/linux/iommufd.h
> @@ -1067,7 +1067,16 @@ enum iommu_veventq_type {
> * struct iommu_vevent_arm_smmuv3 - ARM SMMUv3 Virtual Event
> * (IOMMU_VEVENTQ_TYPE_ARM_SMMUV3)
> * @evt: 256-bit ARM SMMUv3 Event record, little-endian.
> - * (Refer to "7.3 Event records" in SMMUv3 HW Spec)
> + * Reported event records: (Refer to "7.3 Event records" in SMMUv3 HW Spec)
> + * - 0x02 C_BAD_STREAMID
This is documented as 'Transaction StreamID out of range.' so it would
by a hypervisor kernel bug to hit it
> + * - 0x04 C_BAD_STE
I'm not sure we do enough validation to reject all bad STE fragments
so it makes sense this could happen.
> + * - 0x06 F_STREAM_DISABLED
This looked guest triggerable to me.. so it makes sense
> + * - 0x08 C_BAD_SUBSTREAMID
> + * - 0x0a C_BAD_STE
Typo, this is C_BAD_CD
> + * - 0x10 F_TRANSLATION
> + * - 0x11 F_ADDR_SIZE
> + * - 0x12 F_ACCESS
> + * - 0x13 F_PERMISSION
List makes sense to me otherwise
> But F_CD_FETCH and F_STE_FETCH seem to be complicated here, as both
F_STE_FETCH would indicate a hypervisor failure managing the stream
table so no need to forward it.
> report PA in their FetchAddr fields, although the spec does mention
> both might be injected to a guest VM:
> - "Note: This event might be injected into a guest VM, as though
> from a virtual SMMU, when a hypervisor receives a stage 2
> Translation-related fault indicating CD fetch as a cause (with
> CLASS == CD)."
That sounds like the VMM should be catching the
F_TRANSLATION and convert it for the CLASS=CD
> For F_CD_FETCH, at least the CD table pointer in the nested STE is
> an IPA, and all the entries in the CD table that can be 2-level are
> IPAs as well. So, we need some kinda reverse translation from a PA
> to IPA using its stage-2 mapping. I am not sure what's the best way
> to do that...
And if the F_TRANSLATION covers the case then maybe this just stays in
the hypervisor?
> Otherwise, perhaps not-supporting them in this series might be a
> safer bet?
Yeah, I would consider skipping F_CD_FETCH. May also just try it out
and see what events come out on a CD fetch failure..
Jason
Powered by blists - more mailing lists