
Re: [PATCH v4 2/5] x86/iommu: make code addressing CVE-2011-1898 no VT-d specific


  • To: "Tian, Kevin" <kevin.tian@xxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Wed, 1 Feb 2023 10:30:15 +0100
  • Cc: Paul Durrant <paul@xxxxxxx>, Pau Monné, Roger <roger.pau@xxxxxxxxxx>, Xenia Ragiadakou <burzalodowa@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 01 Feb 2023 09:30:43 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 01.02.2023 06:07, Tian, Kevin wrote:
>> From: Xenia Ragiadakou <burzalodowa@xxxxxxxxx>
>> Sent: Tuesday, January 24, 2023 8:42 PM
>>
>> The variable untrusted_msi indicates whether the system is vulnerable to
>> CVE-2011-1898 due to the absence of interrupt remapping support.
>> Although AMD iommus with interrupt remapping disabled are also affected,
>> this case is not handled yet. Given that the issue is not VT-d specific,
>> and to accommodate future use of the flag for covering also the AMD iommu
>> case, move the definition of the flag out of the VT-d specific code to the
>> common x86 iommu code.
>>
>> Also, since the current implementation assumes that only PV guests are prone
>> to this attack, take the opportunity to define untrusted_msi only when PV is
>> enabled.
>>
> 
> I'm fine with this change given no functional change.
> 
> But I'm curious about the statement here that the current code only
> applies to PV guest. I didn't see such statement in original mail [1]
> and in concept a HVM guest with passthrough device can also do such
> attack w/o interrupt remapping.
> 
> Any more context?

Isn't this simply because we don't allow HVM to have devices assigned
without intremap? (I'm not sure, but even for PV allowing this may
have been limited to the xend tool stack.)

Jan



 

