RE: [PATCH v4 2/5] x86/iommu: make code addressing CVE-2011-1898 no VT-d specific


  • To: "Beulich, Jan" <JBeulich@xxxxxxxx>
  • From: "Tian, Kevin" <kevin.tian@xxxxxxxxx>
  • Date: Thu, 2 Feb 2023 03:47:11 +0000
  • Accept-language: en-US
  • Cc: Paul Durrant <paul@xxxxxxx>, Pau Monné, Roger <roger.pau@xxxxxxxxxx>, Xenia Ragiadakou <burzalodowa@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 02 Feb 2023 03:47:47 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHZL/FVJOdom3IWD0Wag5ryo7ERT665k35wgABMM4CAATJKcA==
  • Thread-topic: [PATCH v4 2/5] x86/iommu: make code addressing CVE-2011-1898 no VT-d specific

> From: Jan Beulich <jbeulich@xxxxxxxx>
> Sent: Wednesday, February 1, 2023 5:30 PM
> 
> On 01.02.2023 06:07, Tian, Kevin wrote:
> >> From: Xenia Ragiadakou <burzalodowa@xxxxxxxxx>
> >> Sent: Tuesday, January 24, 2023 8:42 PM
> >>
> >> The variable untrusted_msi indicates whether the system is vulnerable to
> >> CVE-2011-1898 due to the absence of interrupt remapping support.
> >> Although AMD iommus with interrupt remapping disabled are also affected,
> >> this case is not handled yet. Given that the issue is not VT-d specific,
> >> and to accommodate future use of the flag for covering also the AMD iommu
> >> case, move the definition of the flag out of the VT-d specific code to the
> >> common x86 iommu code.
> >>
> >> Also, since the current implementation assumes that only PV guests are prone
> >> to this attack, take the opportunity to define untrusted_msi only when PV is
> >> enabled.
> >>
> >
> > I'm fine with this change given no functional change.
> >
> > But I'm curious about the statement here that the current code only
> > applies to PV guest. I didn't see such statement in original mail [1]
> > and in concept a HVM guest with passthrough device can also do such
> > attack w/o interrupt remapping.
> >
> > Any more context?
> 
> Isn't this simply because we don't allow HVM to have devices assigned
> without intremap? (I'm not sure, but even for PV allowing this may
> have been limited to the xend tool stack.)
> 

OK, this is what I'm seeking.

Reviewed-by: Kevin Tian <kevin.tian@xxxxxxxxx>
