Re: [PATCH v2] dmaengine: idxd: Do not enable user type Work Queue without Shared Virtual Addressing

From: Vinod Koul
Date: Wed Oct 19 2022 - 09:50:11 EST

Next message: Köry Maincent: "[PATCH 6/6] clk: spear: Fix SSP clock definition on SPEAr600"
Previous message: Christian Brauner: "Re: Odd interaction with file capabilities and procfs files"
In reply to: Tian, Kevin: "RE: [PATCH v2] dmaengine: idxd: Do not enable user type Work Queue without Shared Virtual Addressing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 14-10-22, 15:25, Fenghua Yu wrote:
> When the idxd_user_drv driver is bound to a Work Queue (WQ) device
> without IOMMU or with IOMMU Passthrough without Shared Virtual
> Addressing (SVA), the application gains direct access to physical
> memory via the device by programming physical address to a submitted
> descriptor. This allows direct userspace read and write access to
> arbitrary physical memory. This is inconsistent with the security
> goals of a good kernel API.
>
> Unlike vfio_pci driver, the IDXD char device driver does not provide any
> ways to pin user pages and translate the address from user VA to IOVA or
> PA without IOMMU SVA. Therefore the application has no way to instruct the
> device to perform DMA function. This makes the char device not usable for
> normal application usage.
>
> Since user type WQ without SVA cannot be used for normal application usage
> and presents the security issue, bind idxd_user_drv driver and enable user
> type WQ only when SVA is enabled (i.e. user PASID is enabled).

Applied, thanks

--
~Vinod

Next message: Köry Maincent: "[PATCH 6/6] clk: spear: Fix SSP clock definition on SPEAr600"
Previous message: Christian Brauner: "Re: Odd interaction with file capabilities and procfs files"
In reply to: Tian, Kevin: "RE: [PATCH v2] dmaengine: idxd: Do not enable user type Work Queue without Shared Virtual Addressing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]