lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <6c2193a3-02f7-4374-bc64-e9dde471da44@nvidia.com>
Date: Sun, 27 Apr 2025 18:47:09 -0700
From: Tushar Dave <tdave@...dia.com>
To: Jason Gunthorpe <jgg@...dia.com>
Cc: Vasant Hegde <vasant.hegde@....com>, Baolu Lu <baolu.lu@...ux.intel.com>,
 joro@...tes.org, will@...nel.org, robin.murphy@....com,
 kevin.tian@...el.com, yi.l.liu@...el.com, iommu@...ts.linux.dev,
 linux-kernel@...r.kernel.org, linux-pci@...r.kernel.org,
 stable@...r.kernel.org
Subject: Re: [PATCH rc] iommu: Skip PASID validation for devices without PASID
 capability



On 4/25/25 05:00, Jason Gunthorpe wrote:
> On Thu, Apr 24, 2025 at 05:49:20PM -0700, Tushar Dave wrote:
> 
>> In the above topology, we setup ACS flags on DSP 0008:02:03.0 and
>> 0008:02:00.0 to achieve desired p2p configuration for GPU and DMA-PF.
>> Apparently, this creates multi-device group with GPU being only device with
>> PASID support in that group. In this case, set_dev_pasid() ops invoked for
>> each device within the group with pasid=1 and doesn't fail.
> 
> Hurm, it doesn't fail, but it corrupts memory in the driver :\
> 
> int arm_smmu_set_pasid(struct arm_smmu_master *master,
> 		       struct arm_smmu_domain *smmu_domain, ioasid_t pasid,
> 		       struct arm_smmu_cd *cd, struct iommu_domain *old)
> {
> 	struct iommu_domain *sid_domain = iommu_get_domain_for_dev(master->dev);
> 	struct arm_smmu_attach_state state = {
> 		.master = master,
> 		.ssid = pasid,
> 		.old_domain = old,
> 	};
> 	struct arm_smmu_cd *cdptr;
> 	int ret;
> 
> 	/* The core code validates pasid */
>                  ^^^^^^^^^^
> 
> Which is not true after this patch.
> 
> The core code may not call the driver's set_pasid() function with a PASID
> larger than that specific device's device->dev->iommu->max_pasids

Yup. And I should be adding similar check (i.e. max_pasid > 0 ) before invoking 
set_dev_pasid and remove_dev_pasid (as Kevin already asked earlier).
I can do that in v2.

-Tushar

> 
> Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ