lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aWUY-f3kvM94z4qh@willie-the-truck>
Date: Mon, 12 Jan 2026 15:53:29 +0000
From: Will Deacon <will@...nel.org>
To: Jason Gunthorpe <jgg@...dia.com>
Cc: Nicolin Chen <nicolinc@...dia.com>, robin.murphy@....com,
	joro@...tes.org, linux-arm-kernel@...ts.infradead.org,
	iommu@...ts.linux.dev, linux-kernel@...r.kernel.org,
	skolothumtho@...dia.com, praan@...gle.com,
	xueshuai@...ux.alibaba.com, smostafa@...gle.com
Subject: Re: [PATCH rc v5 1/4] iommu/arm-smmu-v3: Add update_safe bits to fix
 STE update sequence

On Wed, Jan 07, 2026 at 08:36:46PM -0400, Jason Gunthorpe wrote:
> On Wed, Jan 07, 2026 at 09:20:06PM +0000, Will Deacon wrote:
> > >  drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h   |  2 ++
> > >  .../iommu/arm/arm-smmu-v3/arm-smmu-v3-test.c  | 18 ++++++++++---
> > >  drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c   | 27 ++++++++++++++-----
> > >  3 files changed, 37 insertions(+), 10 deletions(-)
> > 
> > Hmm. So this appears to ignore the safe bits entirely, whereas the
> > rationale for the change is that going from {MEV,EATS} disabled to
> > enabled is safe (which I agree with). 
> 
> The argument was it doesn't matter for either direction be it disabled
> to enabled or vice versa, see my reply to Mustfa in the v4 posting:
> 
> https://lore.kernel.org/all/20251218180129.GA254720@nvidia.com/

It would be good to include some of that rationale in the comment and
commit message for patch 3, as at the moment it only talks about the
change in one direction.

I'm also still not convinced that this is generally safe, even if it
works within what Linux currently does. For example, if somebody tries
to disable S2S and enable ATS at the same time, couldn't you transiently
get an illegal STE?

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ