lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <9792396a-ba1d-4d69-a24b-472609e08d1d@amd.com>
Date: Mon, 20 Oct 2025 18:17:29 -0500
From: "Suthikulpanit, Suravee" <suravee.suthikulpanit@....com>
To: Jason Gunthorpe <jgg@...dia.com>
Cc: nicolinc@...dia.com, linux-kernel@...r.kernel.org, robin.murphy@....com,
 will@...nel.org, joro@...tes.org, kevin.tian@...el.com, jsnitsel@...hat.com,
 vasant.hegde@....com, iommu@...ts.linux.dev, santosh.shukla@....com,
 sairaj.arunkodilkar@....com, jon.grimm@....com, prashanthpra@...gle.com,
 wvw@...gle.com, wnliu@...gle.com, gptran@...gle.com, kpsingh@...gle.com,
 joao.m.martins@...cle.com, alejandro.j.jimenez@...cle.com
Subject: Re: [PATCH v3 15/15] iommu/amd: Add support for nested domain
 attach/detach



On 10/10/2025 6:20 PM, Jason Gunthorpe wrote:
> On Thu, Oct 09, 2025 at 11:57:55PM +0000, Suravee Suthikulpanit wrote:
>> Introduce set_dte_nested() to program guest translation settings in
>> the host DTE when attaches the nested domain to a device.
>> .....
>>
>> +static int nested_attach_device(struct iommu_domain *dom, struct device *dev)
>> +{
>> +	struct iommu_dev_data *dev_data = dev_iommu_priv_get(dev);
>> +	struct amd_iommu *iommu = get_amd_iommu_from_dev_data(dev_data);
>> +	int ret = 0;
>> +
>> +	if (WARN_ON(dom->type != IOMMU_DOMAIN_NESTED))
>> +		return -EINVAL;
>> +
>> +	mutex_lock(&dev_data->mutex);
>> +
>> +	/* Update device table entry */
>> +	set_dte_nested(iommu, dom, dev_data);
>> +	amd_iommu_device_flush_dte(dev_data);
>> +	amd_iommu_completion_wait(iommu);
>> +
>> +	mutex_unlock(&dev_data->mutex);
> 
> Where does the code record the ndom->id to push invalidates when the
> S2 is changed? Seems like an important thing to be missing!
> 
> Shouldn't all this attach related stuff be in here too??
> 
>          ret = pdom_attach_iommu(iommu, domain);
>          dev_data->domain = domain;
> 
>          spin_lock_irqsave(&domain->lock, flags);
>          list_add(&dev_data->list, &domain->dev_list);
>          spin_unlock_irqrestore(&domain->lock, flags);
> 
> At a bare minimum if the series is going to stop here then it must
> also do correct invalidation for any S2 changes.
> 
> Given that, I'd suggest to also fix the domain id's with the xarray so
> you don't have to redo the invalidation logic.
> 
> Jason

I am reworking this series to include S2 flushing, and will be sending 
out v4.

Thanks,
Suravee

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ