Xen project Mailing List

Re: [PATCH v2 1/2] VT-d: avoid NULL deref on domain_context_mapping_one() error paths

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Thu, 7 Apr 2022 09:50:06 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HDWPZgW3PnKuc7oxBCrFOLRo1A13WwxHzKdhk1RsW7s=; b=WSZDtnZoWD3OpFYyzvg9KecxR6aMH053qBkmNPbRz3xKB8G3/+4NvIvhLhm5VW2hCpEhdYQPqAhPSLCMhZecx2fZ0ddoFsoEs+9daGVi3Q2VH5pVecepLyPGSqVrR6Ie3ZdAYL+7Klfr5skpp3PdOlQXyTW2LB1/AQr2kWn4knwi9gUKot2NpxN3UEVL3ix+Xn8RZ1+cTLNFVWsCOyLpfpB4m93XFLbQiWHlTL+BOJOjXE64WUE2rgkDtm1Ix73N/KTWB86pv86S/6BRxY9HP1wcZMojbkil3eaGnumF0opQTyxV3wfsuGkGeXGbFqMSwyR7QhtGpTvThvUZiGeTaA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GpmXgaOLf4crsAymoN8f502ZP/vG4BxoCPKuKw868cuYkzDz7yKzIcEl5Ib1uQ4YrZRP/XjJYdR2V+cUM8Sxy2d3JwgoTTMWolbSM7YIt8Cc3AVDhz+8AJbNOOj96fMx7Uu/fL5Gv6jkWl26OoZvCYy/xukop6YFuSsjQIvEzlRCRznePGBLHbvz7tDdI5LNNXja6qFk17XPb964cHcSL8ewSM1hAWYvOwgp/BjCi76mkustPTn4eCp6RNGCCBRLpSCtb0sQ81Kx6LpnrIuo4KTkFm8i8eoM4bS2H4+avMT6cN1ldJk+v6Rku36HRfVC0j7U8ZzLhxx63wQxqvx0nQ==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>

Delivery-date: Thu, 07 Apr 2022 07:50:21 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07.04.2022 09:41, Roger Pau Monné wrote: > On Thu, Apr 07, 2022 at 08:11:06AM +0200, Jan Beulich wrote: >> First there's a printk() which actually wrongly uses pdev in the first >> place: We want to log the coordinates of the (perhaps fake) device >> acted upon, which may not be pdev. >> >> Then it was quite pointless for eb19326a328d ("VT-d: prepare for per- >> device quarantine page tables (part I)") to add a domid_t parameter to >> domain_context_unmap_one(): It's only used to pass back here via >> me_wifi_quirk() -> map_me_phantom_function(). Drop the parameter again. >> >> Finally there's the invocation of domain_context_mapping_one(), which >> needs to be passed the correct domain ID. Avoid taking that path when >> pdev is NULL and the quarantine state is what would need restoring to. >> This means we can't security-support PCI devices with RMRRs (if such >> exist in practice) any longer. > > The sentence: > > "This means we can't security-support PCI devices with RMRRs" > > Seems too broad and could lead to confusion. So I would maybe use: > "legacy PCI devices" or "non PCI Express devices". Right. I did actually forget to either drop or edit that sentence. I've now extended this to "This means we can't security-support non-PCI-Express devices with RMRRs (if such exist in practice) any longer; note that as of trhe 1st of the two commits referenced below assigning them to DomU-s is unsupported anyway." >> Fixes: 8f41e481b485 ("VT-d: re-assign devices directly") >> Fixes: 14dd241aad8a ("IOMMU/x86: use per-device page tables for >> quarantining") >> Coverity ID: 1503784 >> Reported-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> >> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > > Reviewed-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> Thanks. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.