lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250826184858.GI2130239@nvidia.com>
Date: Tue, 26 Aug 2025 15:48:58 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: "Suthikulpanit, Suravee" <suravee.suthikulpanit@....com>
Cc: linux-kernel@...r.kernel.org, joro@...tes.org, kevin.tian@...el.com,
	vasant.hegde@....com, iommu@...ts.linux.dev, santosh.shukla@....com,
	sairaj.arunkodilkar@....com, jon.grimm@....com,
	prashanthpra@...gle.com, wvw@...gle.com, wnliu@...gle.com,
	gptran@...gle.com, kpsingh@...gle.com
Subject: Re: [PATCH] iommu/amd: Add support for hw_info for iommu capability
 query

On Tue, Aug 26, 2025 at 01:43:59PM -0500, Suthikulpanit, Suravee wrote:
> 
> 
> On 8/26/2025 12:58 PM, Jason Gunthorpe wrote:
> > On Tue, Aug 26, 2025 at 12:36:23PM -0500, Suthikulpanit, Suravee wrote:
> > > > I think you should probably just pass the raw HW value through and
> > > > require the VMM to figure out what bits it needs based on feature
> > > > flags elsewhere.
> > > 
> > > The problem is some of the features are virtualized by hardware, which needs
> > > enabling from the Linux AMD IOMMU driver. We cannot just provide all flags
> > > since VMM would not know if the kernel has the support enabled.
> > 
> > The VMM is not supposed to forward these flags as-is! It is sort of
> > some kind of maximum what the underlying HW can support.
> > 
> > If you forward as-is then the VMM will forward broken flags it doesn't
> > support when the kernel gets updated, that isn't OK.
> 
> I got this part. That's why we mask out unsupported feature flags before
> returning the EFR/EFR2 to the VMM.

The kernel can't do anything on behalf of the VMM, it doesn't know
what the VMM even supports emulating.

The VMM alone is responsible to build the efr/efr2 values. The VMM may
choose to copy only some bits from the kernel, but only if it knows it
can support whatever it is copying.

> > Each and every feature the VMM wants to show in the EFR has to figured
> > out on its own if it can be supported based on other kernel features.
> > 
> > The utility of the get_info return is for HW features that don't
> > require any special kernel enablement.
> 
> Not sure if I got this part. Are you referring to the struct
> vfio_iommu_type1_info and vfio_iommu_type1_get_info()?

Sorry hw_info.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ