| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <41ed7ddc-58d4-4691-b3fc-1da2c7dc41bd@amd.com> Date: Mon, 20 Oct 2025 20:26:10 -0500 From: "Suthikulpanit, Suravee" <suravee.suthikulpanit@....com> To: Jason Gunthorpe <jgg@...dia.com> Cc: nicolinc@...dia.com, linux-kernel@...r.kernel.org, robin.murphy@....com, will@...nel.org, joro@...tes.org, kevin.tian@...el.com, jsnitsel@...hat.com, vasant.hegde@....com, iommu@...ts.linux.dev, santosh.shukla@....com, sairaj.arunkodilkar@....com, jon.grimm@....com, prashanthpra@...gle.com, wvw@...gle.com, wnliu@...gle.com, gptran@...gle.com, kpsingh@...gle.com, joao.m.martins@...cle.com, alejandro.j.jimenez@...cle.com Subject: Re: [PATCH v3 14/15] iommu/amd: Refactor logic to program the host page table in DTE On 10/10/2025 6:09 PM, Jason Gunthorpe wrote: > On Thu, Oct 09, 2025 at 11:57:54PM +0000, Suravee Suthikulpanit wrote: >> ... >> @@ -2061,36 +2087,14 @@ static void set_dte_entry(struct amd_iommu *iommu, >> >> amd_iommu_make_clear_dte(dev_data, &new); >> >> - if (domain->iop.mode != PAGE_MODE_NONE) >> - new.data[0] |= iommu_virt_to_phys(domain->iop.root); >> - >> - new.data[0] |= (domain->iop.mode & DEV_ENTRY_MODE_MASK) >> - << DEV_ENTRY_MODE_SHIFT; >> - >> - new.data[0] |= DTE_FLAG_IR | DTE_FLAG_IW; >> + old_domid = READ_ONCE(dte->data[1]) & DTE_DOMID_MASK; >> >> - /* >> - * When SNP is enabled, we can only support TV=1 with non-zero domain ID. >> - * This is prevented by the SNP-enable and IOMMU_DOMAIN_IDENTITY check in >> - * do_iommu_domain_alloc(). >> - */ >> - WARN_ON(amd_iommu_snp_en && (domid == 0)); >> - new.data[0] |= DTE_FLAG_TV; >> + set_dte_v1(dev_data, domain, domid, &new); >> + set_dte_gcr3_table(iommu, dev_data, &new); > > This seems weird, I would expect this to be written: > > if (gcr3_info && gcr3_info->gcr3_tbl) > set_dte_gcr3_table(iommu, dev_data, &new); > else > set_dte_v1(dev_data, domain, domid, &new); > > It is nonsense to call both gcr3 and v1 in this function that does not > setup two stages. > > So, I'd just put this code in both the v1 and gcr3 functions: > > + new->data[0] |= DTE_FLAG_IR | DTE_FLAG_IW | DTE_FLAG_TV; > + if (dev_data->ats_enabled) > + new->data[1] |= DTE_FLAG_IOTLB; > > (does IR/IW apply to GCR3?) IR/IW apply to both host and GCR3 tables. I'll add comment to the V4. > And then WARN_ON(domain->iop.mode != PAGE_MODE_NONE) as it should be > illegal to call set_dte_v1() on a domain that is not a v1 domain. I'll rework the logic in the set_dte_entry() as you suggested in V4. Thanks, Suravee > But this is overall the right idea and direction. > > Jason
Powered by blists - more mailing lists