Re: [PATCH 0/9 v2] vfio-pci: add support for Freescale IOMMU (PAMU)

From: Scott Wood
Date: Fri Dec 06 2013 - 14:00:16 EST

Next message: John W. Linville: "pull request: wireless-next 2013-12-06"
Previous message: Kees Cook: "[PATCH] test: fix sparse warnings in user_copy tests"
In reply to: Bharat Bhushan: "RE: [PATCH 0/9 v2] vfio-pci: add support for Freescale IOMMU (PAMU)"
Next in thread: Alex Williamson: "Re: [PATCH 0/9 v2] vfio-pci: add support for Freescale IOMMU (PAMU)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2013-12-05 at 22:11 -0600, Bharat Bhushan wrote:
>
> > -----Original Message-----
> > From: Wood Scott-B07421
> > Sent: Friday, December 06, 2013 5:52 AM
> > To: Bhushan Bharat-R65777
> > Cc: Alex Williamson; linux-pci@xxxxxxxxxxxxxxx; agraf@xxxxxxx; Yoder Stuart-
> > B08248; iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx; bhelgaas@xxxxxxxxxx; linuxppc-
> > dev@xxxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> > Subject: Re: [PATCH 0/9 v2] vfio-pci: add support for Freescale IOMMU (PAMU)
> >
> > On Thu, 2013-11-28 at 03:19 -0600, Bharat Bhushan wrote:
> > >
> > > > -----Original Message-----
> > > > From: Bhushan Bharat-R65777
> > > > Sent: Wednesday, November 27, 2013 9:39 PM
> > > > To: 'Alex Williamson'
> > > > Cc: Wood Scott-B07421; linux-pci@xxxxxxxxxxxxxxx; agraf@xxxxxxx;
> > > > Yoder Stuart- B08248; iommu@xxxxxxxxxxxxxxxxxxxxxxxxxx;
> > > > bhelgaas@xxxxxxxxxx; linuxppc- dev@xxxxxxxxxxxxxxxx;
> > > > linux-kernel@xxxxxxxxxxxxxxx
> > > > Subject: RE: [PATCH 0/9 v2] vfio-pci: add support for Freescale
> > > > IOMMU (PAMU)
> > > >
> > > > If we just provide the size of MSI bank to userspace then userspace
> > > > cannot do anything wrong.
> > >
> > > So userspace does not know address, so it cannot mmap and cause any
> > interference by directly reading/writing.
> >
> > That's security through obscurity... Couldn't the malicious user find out the
> > address via other means, such as experimentation on another system over which
> > they have full control? What would happen if the user reads from their device's
> > PCI config space? Or gets the information via some back door in the PCI device
> > they own? Or pokes throughout the address space looking for something that
> > generates an interrupt to its own device?
>
> So how to solve this problem, Any suggestion ?
>
> We have to map one window in PAMU for MSIs and a malicious user can ask
> its device to do DMA to MSI window region with any pair of address and
> data, which can lead to unexpected MSIs in system?

I don't think there are any solutions other than to limit each bank to
one user, unless the admin turns some knob that says they're OK with the
partial loss of isolation.

-Scott

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: John W. Linville: "pull request: wireless-next 2013-12-06"
Previous message: Kees Cook: "[PATCH] test: fix sparse warnings in user_copy tests"
In reply to: Bharat Bhushan: "RE: [PATCH 0/9 v2] vfio-pci: add support for Freescale IOMMU (PAMU)"
Next in thread: Alex Williamson: "Re: [PATCH 0/9 v2] vfio-pci: add support for Freescale IOMMU (PAMU)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]