| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250910142110.GE882933@ziepe.ca> Date: Wed, 10 Sep 2025 11:21:10 -0300 From: Jason Gunthorpe <jgg@...pe.ca> To: Arto Merilainen <amerilainen@...dia.com> Cc: "Aneesh Kumar K.V (Arm)" <aneesh.kumar@...nel.org>, linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org, aik@....com, lukas@...ner.de, Samuel Ortiz <sameo@...osinc.com>, Xu Yilun <yilun.xu@...ux.intel.com>, Suzuki K Poulose <Suzuki.Poulose@....com>, Steven Price <steven.price@....com>, Catalin Marinas <catalin.marinas@....com>, Marc Zyngier <maz@...nel.org>, Will Deacon <will@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>, kvmarm@...ts.linux.dev, linux-coco@...ts.linux.dev Subject: Re: [RFC PATCH v1 34/38] coco: guest: arm64: Validate mmio range found in the interface report On Wed, Sep 10, 2025 at 08:47:43AM +0300, Arto Merilainen wrote: > This creates a tricky problem given that RSI_VDEV_VALIDATE_MAPPING requires > both the ipa_base and pa_base which should correspond to the same location. > In above scenario, the PA of the first range would correspond to the BAR > base whereas the second range would correspond to a location residing after > the MSI-X table. This seems like a defect in the RSI_VDEV_VALIDATE_MAPPING - it should be able to consume the same format of data that the tdisp report emits to validate it. >From a kernel side we also should be careful that the driver isn't tricked into mapping MMIO that is not secure when it should be. Presumably all the default io access functions should demand secure memory in T=1 mode, and special ones like the MSI-X code would have some special version to accept either? Jason
Powered by blists - more mailing lists