| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aD5/AjaQQOKydUWz@yilunxu-OptiPlex-7050>
Date: Tue, 3 Jun 2025 12:50:10 +0800
From: Xu Yilun <yilun.xu@...ux.intel.com>
To: "Aneesh Kumar K.V" <aneesh.kumar@...nel.org>
Cc: kvm@...r.kernel.org, sumit.semwal@...aro.org, christian.koenig@....com,
pbonzini@...hat.com, seanjc@...gle.com, alex.williamson@...hat.com,
jgg@...dia.com, dan.j.williams@...el.com, aik@....com,
linux-coco@...ts.linux.dev, dri-devel@...ts.freedesktop.org,
linux-media@...r.kernel.org, linaro-mm-sig@...ts.linaro.org,
vivek.kasireddy@...el.com, yilun.xu@...el.com,
linux-kernel@...r.kernel.org, lukas@...ner.de, yan.y.zhao@...el.com,
daniel.vetter@...ll.ch, leon@...nel.org, baolu.lu@...ux.intel.com,
zhenzhong.duan@...el.com, tao1.su@...el.com,
linux-pci@...r.kernel.org, zhiw@...dia.com, simona.vetter@...ll.ch,
shameerali.kolothum.thodi@...wei.com, iommu@...ts.linux.dev,
kevin.tian@...el.com
Subject: Re: [RFC PATCH 20/30] vfio/pci: Do TSM Unbind before zapping bars
On Mon, Jun 02, 2025 at 07:30:15PM +0530, Aneesh Kumar K.V wrote:
> Xu Yilun <yilun.xu@...ux.intel.com> writes:
>
> > When device is TSM Bound, some of its MMIO regions are controlled by
> > secure firmware. E.g. TDX Connect would require these MMIO regions
> > mappeed in S-EPT and never unmapped until device Unbound. Zapping bars
> > irrespective of TSM Bound state may cause unexpected secure firmware
> > errors. It is always safe to do TSM Unbind first, transiting the device
> > to shared, then do whatever needed as before.
> >
> > Signed-off-by: Xu Yilun <yilun.xu@...ux.intel.com>
> > ---
> > drivers/vfio/pci/vfio_pci_config.c | 4 +++
> > drivers/vfio/pci/vfio_pci_core.c | 41 +++++++++++++++++++-----------
> > drivers/vfio/pci/vfio_pci_priv.h | 3 +++
> > 3 files changed, 33 insertions(+), 15 deletions(-)
> >
> > diff --git a/drivers/vfio/pci/vfio_pci_config.c b/drivers/vfio/pci/vfio_pci_config.c
> > index 7ac062bd5044..4ffe661c9e59 100644
> > --- a/drivers/vfio/pci/vfio_pci_config.c
> > +++ b/drivers/vfio/pci/vfio_pci_config.c
> > @@ -590,6 +590,7 @@ static int vfio_basic_config_write(struct vfio_pci_core_device *vdev, int pos,
> > new_mem = !!(new_cmd & PCI_COMMAND_MEMORY);
> >
> > if (!new_mem) {
> > + vfio_pci_tsm_unbind(vdev);
> > vfio_pci_zap_and_down_write_memory_lock(vdev);
> > vfio_pci_dma_buf_move(vdev, true);
> >
>
> For a secure device mmio range instead of vfio_pci_zap_and_down_write_memory_lock()
> -> unmap_mapping_range() we want the vfio_pci_dma_buf_move right?
Yes.
> Also is that expected to get called twice as below?
Yes for TDX Connect. First time zap the private MMIOs during unbind.
Second time block all mmio mapping.
Other platforms don't need these tsm handlers. They don't have this
awkwardness.
Thanks,
Yilun
>
> vfio_pci_tsm_unbind-> pci_tsm_unbind -> tdx_tsm_unbind ->
> tsm_handler->disable_mmio() -> vfio_pci_core_tsm_disable_mmio -> vfio_pci_dma_buf_move(vdev, true);
>
> -aneesh
Powered by blists - more mailing lists