Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist

From: Alex Williamson
Date: Fri Jul 10 2020 - 12:11:13 EST

Next message: Jon Hunter: "Re: [PATCH v2 4/6] devres: handle zero size in devm_kmalloc()"
Previous message: Kees Cook: "Re: Linux kernel in-tree Rust support"
In reply to: Bjorn Helgaas: "Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist"
Next in thread: Giovanni Cabiddu: "Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 10 Jul 2020 10:44:33 -0500
Bjorn Helgaas <helgaas@xxxxxxxxxx> wrote:

> On Fri, Jul 10, 2020 at 10:37:45AM -0500, Bjorn Helgaas wrote:
> > On Fri, Jul 10, 2020 at 04:08:19PM +0100, Giovanni Cabiddu wrote:
> > > On Wed, Jul 01, 2020 at 04:28:12PM -0500, Bjorn Helgaas wrote:
> > > > On Wed, Jul 01, 2020 at 12:03:00PM +0100, Giovanni Cabiddu wrote:
> > > > > The current generation of IntelÂ QuickAssist Technology devices
> > > > > are not designed to run in an untrusted environment because of the
> > > > > following issues reported in the release notes in
> > > > > https://01.org/intel-quickassist-technology:
> > > >
> > > > It would be nice if this link were directly clickable, e.g., if there
> > > > were no trailing ":" or something.
> > > >
> > > > And it would be even better if it went to a specific doc that
> > > > described these issues. I assume these are errata, and it's not easy
> > > > to figure out which doc mentions them.
> > > Sure. I will fix the commit message in the next revision and point to the
> > > actual document:
> > > https://01.org/sites/default/files/downloads/336211-015-qatsoftwareforlinux-rn-hwv1.7-final.pdf
> >
> > Since URLs tend to go stale, please also include the Intel document
> > number and title.
>
> Oh, and is "01.org" really the right place for that? It looks like an
> Intel document, so I'd expect it to be somewhere on intel.com.
>
> I'm still a little confused. That doc seems to be about *software*
> and Linux software in particular. But when you said these "devices
> are not designed to run in an untrusted environment", I thought you
> meant there was some *hardware* design issue that caused a problem.

There seems to be a fair bit of hardware errata in the doc too, see:

3.1.2 QATE-7495 - GEN - An incorrectly formatted request to IntelÂ QAT can
hang the entire IntelÂ QAT Endpoint

3.1.9 QATE-39220 - GEN - QAT API submissions with bad addresses that
trigger DMA to invalid or unmapped addresses can cause a platform
hang

3.1.17 QATE-52389 - SR-IOV -Huge pages may not be compatible with QAT
VF usage

3.1.19 QATE-60953 - GEN â IntelÂ QAT API submissions with bad addresses
that trigger DMA to invalid or unmapped addresses can impact QAT
service availability

Thanks,
Alex

Next message: Jon Hunter: "Re: [PATCH v2 4/6] devres: handle zero size in devm_kmalloc()"
Previous message: Kees Cook: "Re: Linux kernel in-tree Rust support"
In reply to: Bjorn Helgaas: "Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist"
Next in thread: Giovanni Cabiddu: "Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]