From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: linuxppc-dev@lists.ozlabs.org,
David Gibson <david@gibson.dropbear.id.au>,
Alexander Graf <agraf@suse.de>, Paul Mackerras <paulus@samba.org>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm-ppc@vger.kernel.org,
Alex Williamson <alex.williamson@redhat.com>
Subject: Re: [PATCH 3/4] KVM: PPC: Add support for IOMMU in-kernel handling
Date: Sun, 16 Jun 2013 22:39:03 +0000 [thread overview]
Message-ID: <1371422343.21896.143.camel@pasglop> (raw)
In-Reply-To: <1370412673-1345-4-git-send-email-aik@ozlabs.ru>
On Wed, 2013-06-05 at 16:11 +1000, Alexey Kardashevskiy wrote:
> +long kvm_vm_ioctl_create_spapr_tce_iommu(struct kvm *kvm,
> + struct kvm_create_spapr_tce_iommu *args)
> +{
> + struct kvmppc_spapr_tce_table *tt = NULL;
> + struct iommu_group *grp;
> + struct iommu_table *tbl;
> +
> + /* Find an IOMMU table for the given ID */
> + grp = iommu_group_get_by_id(args->iommu_id);
> + if (!grp)
> + return -ENXIO;
> +
> + tbl = iommu_group_get_iommudata(grp);
> + if (!tbl)
> + return -ENXIO;
So Alex Graf pointed out here, there is a security issue here, or are we
missing something ?
What prevents a malicious program that has access to /dev/kvm from
taking over random iommu groups (including host used ones) that way?
What is the security model of that whole iommu stuff to begin with ?
Cheers,
Ben.
WARNING: multiple messages have this Message-ID (diff)
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm-ppc@vger.kernel.org, Alexander Graf <agraf@suse.de>,
Alex Williamson <alex.williamson@redhat.com>,
Paul Mackerras <paulus@samba.org>,
linuxppc-dev@lists.ozlabs.org,
David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH 3/4] KVM: PPC: Add support for IOMMU in-kernel handling
Date: Mon, 17 Jun 2013 08:39:03 +1000 [thread overview]
Message-ID: <1371422343.21896.143.camel@pasglop> (raw)
In-Reply-To: <1370412673-1345-4-git-send-email-aik@ozlabs.ru>
On Wed, 2013-06-05 at 16:11 +1000, Alexey Kardashevskiy wrote:
> +long kvm_vm_ioctl_create_spapr_tce_iommu(struct kvm *kvm,
> + struct kvm_create_spapr_tce_iommu *args)
> +{
> + struct kvmppc_spapr_tce_table *tt = NULL;
> + struct iommu_group *grp;
> + struct iommu_table *tbl;
> +
> + /* Find an IOMMU table for the given ID */
> + grp = iommu_group_get_by_id(args->iommu_id);
> + if (!grp)
> + return -ENXIO;
> +
> + tbl = iommu_group_get_iommudata(grp);
> + if (!tbl)
> + return -ENXIO;
So Alex Graf pointed out here, there is a security issue here, or are we
missing something ?
What prevents a malicious program that has access to /dev/kvm from
taking over random iommu groups (including host used ones) that way?
What is the security model of that whole iommu stuff to begin with ?
Cheers,
Ben.
WARNING: multiple messages have this Message-ID (diff)
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
To: Alexey Kardashevskiy <aik@ozlabs.ru>
Cc: linuxppc-dev@lists.ozlabs.org,
David Gibson <david@gibson.dropbear.id.au>,
Alexander Graf <agraf@suse.de>, Paul Mackerras <paulus@samba.org>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
kvm-ppc@vger.kernel.org,
Alex Williamson <alex.williamson@redhat.com>
Subject: Re: [PATCH 3/4] KVM: PPC: Add support for IOMMU in-kernel handling
Date: Mon, 17 Jun 2013 08:39:03 +1000 [thread overview]
Message-ID: <1371422343.21896.143.camel@pasglop> (raw)
In-Reply-To: <1370412673-1345-4-git-send-email-aik@ozlabs.ru>
On Wed, 2013-06-05 at 16:11 +1000, Alexey Kardashevskiy wrote:
> +long kvm_vm_ioctl_create_spapr_tce_iommu(struct kvm *kvm,
> + struct kvm_create_spapr_tce_iommu *args)
> +{
> + struct kvmppc_spapr_tce_table *tt = NULL;
> + struct iommu_group *grp;
> + struct iommu_table *tbl;
> +
> + /* Find an IOMMU table for the given ID */
> + grp = iommu_group_get_by_id(args->iommu_id);
> + if (!grp)
> + return -ENXIO;
> +
> + tbl = iommu_group_get_iommudata(grp);
> + if (!tbl)
> + return -ENXIO;
So Alex Graf pointed out here, there is a security issue here, or are we
missing something ?
What prevents a malicious program that has access to /dev/kvm from
taking over random iommu groups (including host used ones) that way?
What is the security model of that whole iommu stuff to begin with ?
Cheers,
Ben.
next prev parent reply other threads:[~2013-06-16 22:39 UTC|newest]
Thread overview: 212+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-05 6:11 [PATCH 0/4 v3] KVM: PPC: IOMMU in-kernel handling Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-05 6:11 ` [PATCH 1/4] KVM: PPC: Add support for multiple-TCE hcalls Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-16 4:20 ` Benjamin Herrenschmidt
2013-06-16 4:20 ` Benjamin Herrenschmidt
2013-06-16 4:20 ` Benjamin Herrenschmidt
2013-06-16 22:06 ` Alexander Graf
2013-06-16 22:06 ` Alexander Graf
2013-06-16 22:06 ` Alexander Graf
2013-06-17 7:55 ` Alexey Kardashevskiy
2013-06-17 7:55 ` Alexey Kardashevskiy
2013-06-17 7:55 ` Alexey Kardashevskiy
2013-06-17 8:02 ` Alexander Graf
2013-06-17 8:02 ` Alexander Graf
2013-06-17 8:02 ` Alexander Graf
2013-06-17 8:34 ` Alexey Kardashevskiy
2013-06-17 8:34 ` Alexey Kardashevskiy
2013-06-17 8:34 ` Alexey Kardashevskiy
2013-06-17 8:40 ` Alexander Graf
2013-06-17 8:40 ` Alexander Graf
2013-06-17 8:40 ` Alexander Graf
2013-06-17 8:51 ` Alexey Kardashevskiy
2013-06-17 8:51 ` Alexey Kardashevskiy
2013-06-17 8:51 ` Alexey Kardashevskiy
2013-06-17 10:46 ` Alexander Graf
2013-06-17 10:46 ` Alexander Graf
2013-06-17 10:46 ` Alexander Graf
2013-06-17 10:48 ` Alexander Graf
2013-06-17 10:48 ` Alexander Graf
2013-06-17 10:48 ` Alexander Graf
2013-06-17 8:37 ` Benjamin Herrenschmidt
2013-06-17 8:37 ` Benjamin Herrenschmidt
2013-06-17 8:37 ` Benjamin Herrenschmidt
2013-06-17 8:42 ` Alexander Graf
2013-06-17 8:42 ` Alexander Graf
2013-06-17 8:42 ` Alexander Graf
2013-06-05 6:11 ` [PATCH 2/4] powerpc: Prepare to support kernel handling of IOMMU map/unmap Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-16 4:26 ` Benjamin Herrenschmidt
2013-06-16 4:26 ` Benjamin Herrenschmidt
2013-06-16 4:26 ` Benjamin Herrenschmidt
2013-06-16 4:26 ` Benjamin Herrenschmidt
2013-06-16 4:31 ` Benjamin Herrenschmidt
2013-06-16 4:31 ` Benjamin Herrenschmidt
2013-06-16 4:31 ` Benjamin Herrenschmidt
2013-06-16 4:31 ` Benjamin Herrenschmidt
2013-06-17 9:17 ` Alexey Kardashevskiy
2013-06-17 9:17 ` Alexey Kardashevskiy
2013-06-17 9:17 ` Alexey Kardashevskiy
2013-06-17 9:17 ` Alexey Kardashevskiy
2013-06-05 6:11 ` [PATCH 3/4] KVM: PPC: Add support for IOMMU in-kernel handling Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-16 4:39 ` Benjamin Herrenschmidt
2013-06-16 4:39 ` Benjamin Herrenschmidt
2013-06-16 4:39 ` Benjamin Herrenschmidt
2013-06-19 3:17 ` Alexey Kardashevskiy
2013-06-19 3:17 ` Alexey Kardashevskiy
2013-06-19 3:17 ` Alexey Kardashevskiy
2013-06-16 22:25 ` Alexander Graf
2013-06-16 22:25 ` Alexander Graf
2013-06-16 22:25 ` Alexander Graf
2013-06-16 22:39 ` Benjamin Herrenschmidt [this message]
2013-06-16 22:39 ` Benjamin Herrenschmidt
2013-06-16 22:39 ` Benjamin Herrenschmidt
2013-06-17 3:13 ` Alex Williamson
2013-06-17 3:13 ` Alex Williamson
2013-06-17 3:13 ` Alex Williamson
2013-06-17 3:56 ` Benjamin Herrenschmidt
2013-06-17 3:56 ` Benjamin Herrenschmidt
2013-06-17 3:56 ` Benjamin Herrenschmidt
2013-06-18 2:32 ` Alex Williamson
2013-06-18 2:32 ` Alex Williamson
2013-06-18 2:32 ` Alex Williamson
2013-06-18 4:38 ` Benjamin Herrenschmidt
2013-06-18 4:38 ` Benjamin Herrenschmidt
2013-06-18 4:38 ` Benjamin Herrenschmidt
2013-06-18 14:48 ` Alex Williamson
2013-06-18 14:48 ` Alex Williamson
2013-06-18 14:48 ` Alex Williamson
2013-06-18 21:58 ` Benjamin Herrenschmidt
2013-06-18 21:58 ` Benjamin Herrenschmidt
2013-06-18 21:58 ` Benjamin Herrenschmidt
2013-06-19 3:35 ` Rusty Russell
2013-06-19 3:47 ` Rusty Russell
2013-06-19 3:35 ` Rusty Russell
2013-06-19 4:59 ` Benjamin Herrenschmidt
2013-06-19 4:59 ` Benjamin Herrenschmidt
2013-06-19 4:59 ` Benjamin Herrenschmidt
2013-06-19 9:58 ` Alexander Graf
2013-06-19 9:58 ` Alexander Graf
2013-06-19 9:58 ` Alexander Graf
2013-06-19 14:50 ` Benjamin Herrenschmidt
2013-06-19 14:50 ` Benjamin Herrenschmidt
2013-06-19 14:50 ` Benjamin Herrenschmidt
2013-06-19 15:49 ` Alex Williamson
2013-06-19 15:49 ` Alex Williamson
2013-06-19 15:49 ` Alex Williamson
2013-06-20 4:58 ` Alexey Kardashevskiy
2013-06-20 4:58 ` Alexey Kardashevskiy
2013-06-20 4:58 ` Alexey Kardashevskiy
2013-06-20 5:28 ` David Gibson
2013-06-20 5:28 ` David Gibson
2013-06-20 5:28 ` David Gibson
2013-06-20 7:47 ` Benjamin Herrenschmidt
2013-06-20 7:47 ` Benjamin Herrenschmidt
2013-06-20 7:47 ` Benjamin Herrenschmidt
2013-06-20 8:48 ` Alexey Kardashevskiy
2013-06-20 8:48 ` Alexey Kardashevskiy
2013-06-20 8:48 ` Alexey Kardashevskiy
2013-06-20 14:55 ` Alex Williamson
2013-06-20 14:55 ` Alex Williamson
2013-06-20 14:55 ` Alex Williamson
2013-06-22 8:25 ` Alexey Kardashevskiy
2013-06-22 8:25 ` Alexey Kardashevskiy
2013-06-22 8:25 ` Alexey Kardashevskiy
2013-06-22 12:03 ` David Gibson
2013-06-22 12:03 ` David Gibson
2013-06-22 12:03 ` David Gibson
2013-06-22 14:28 ` Alex Williamson
2013-06-22 14:28 ` Alex Williamson
2013-06-22 14:28 ` Alex Williamson
2013-06-24 3:52 ` David Gibson
2013-06-24 3:52 ` David Gibson
2013-06-24 3:52 ` David Gibson
2013-06-24 3:52 ` David Gibson
2013-06-24 4:41 ` Alex Williamson
2013-06-24 4:41 ` Alex Williamson
2013-06-24 4:41 ` Alex Williamson
2013-06-27 11:01 ` David Gibson
2013-06-27 11:01 ` David Gibson
2013-06-27 11:01 ` David Gibson
2013-06-22 23:28 ` Benjamin Herrenschmidt
2013-06-22 23:28 ` Benjamin Herrenschmidt
2013-06-22 23:28 ` Benjamin Herrenschmidt
2013-06-24 3:54 ` David Gibson
2013-06-24 3:54 ` David Gibson
2013-06-24 3:54 ` David Gibson
2013-06-24 3:58 ` Benjamin Herrenschmidt
2013-06-24 3:58 ` Benjamin Herrenschmidt
2013-06-24 3:58 ` Benjamin Herrenschmidt
2013-06-05 6:11 ` [PATCH 4/4] KVM: PPC: Add hugepage " Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-05 6:11 ` Alexey Kardashevskiy
2013-06-16 4:46 ` Benjamin Herrenschmidt
2013-06-16 4:46 ` Benjamin Herrenschmidt
2013-06-16 4:46 ` Benjamin Herrenschmidt
2013-06-17 16:35 ` Paolo Bonzini
2013-06-17 16:35 ` Paolo Bonzini
2013-06-17 16:35 ` Paolo Bonzini
2013-06-12 3:14 ` [PATCH 0/4 v3] KVM: PPC: " Benjamin Herrenschmidt
2013-06-12 3:14 ` Benjamin Herrenschmidt
2013-06-12 3:14 ` Benjamin Herrenschmidt
-- strict thread matches above, loose matches on Subject: below --
2013-05-21 3:06 [PATCH 0/4 v2] " Alexey Kardashevskiy
2013-05-21 3:06 ` [PATCH 3/4] KVM: PPC: Add support for " Alexey Kardashevskiy
2013-05-21 3:06 ` Alexey Kardashevskiy
2013-05-21 3:06 ` Alexey Kardashevskiy
2013-05-22 21:06 ` Scott Wood
2013-05-22 21:06 ` Scott Wood
2013-05-22 21:06 ` Scott Wood
2013-05-25 2:45 ` David Gibson
2013-05-25 2:45 ` David Gibson
2013-05-25 2:45 ` David Gibson
2013-05-27 2:44 ` Alexey Kardashevskiy
2013-05-27 2:44 ` Alexey Kardashevskiy
2013-05-27 2:44 ` Alexey Kardashevskiy
2013-05-27 10:23 ` Paolo Bonzini
2013-05-27 10:23 ` Paolo Bonzini
2013-05-27 10:23 ` Paolo Bonzini
2013-05-27 14:26 ` Alexey Kardashevskiy
2013-05-27 14:26 ` Alexey Kardashevskiy
2013-05-27 14:26 ` Alexey Kardashevskiy
2013-05-27 14:41 ` Paolo Bonzini
2013-05-27 14:41 ` Paolo Bonzini
2013-05-27 14:41 ` Paolo Bonzini
2013-05-28 16:32 ` Scott Wood
2013-05-28 16:32 ` Scott Wood
2013-05-28 16:32 ` Scott Wood
2013-05-29 0:20 ` Alexey Kardashevskiy
2013-05-29 0:20 ` Alexey Kardashevskiy
2013-05-29 0:20 ` Alexey Kardashevskiy
2013-05-28 17:45 ` Scott Wood
2013-05-28 17:45 ` Scott Wood
2013-05-28 17:45 ` Scott Wood
2013-05-28 23:30 ` Alexey Kardashevskiy
2013-05-28 23:30 ` Alexey Kardashevskiy
2013-05-28 23:30 ` Alexey Kardashevskiy
2013-05-28 23:35 ` Scott Wood
2013-05-28 23:35 ` Scott Wood
2013-05-28 23:35 ` Scott Wood
2013-05-29 0:12 ` Alexey Kardashevskiy
2013-05-29 0:12 ` Alexey Kardashevskiy
2013-05-29 0:12 ` Alexey Kardashevskiy
2013-05-29 20:05 ` Scott Wood
2013-05-29 20:05 ` Scott Wood
2013-05-29 20:05 ` Scott Wood
2013-05-29 23:10 ` Alexey Kardashevskiy
2013-05-29 23:10 ` Alexey Kardashevskiy
2013-05-29 23:10 ` Alexey Kardashevskiy
2013-05-29 23:14 ` Scott Wood
2013-05-29 23:14 ` Scott Wood
2013-05-29 23:14 ` Scott Wood
2013-05-29 23:14 ` Scott Wood
2013-05-29 23:29 ` Alexey Kardashevskiy
2013-05-29 23:29 ` Alexey Kardashevskiy
2013-05-29 23:29 ` Alexey Kardashevskiy
2013-05-29 23:32 ` Scott Wood
2013-05-29 23:32 ` Scott Wood
2013-05-29 23:32 ` Scott Wood
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1371422343.21896.143.camel@pasglop \
--to=benh@kernel.crashing.org \
--cc=agraf@suse.de \
--cc=aik@ozlabs.ru \
--cc=alex.williamson@redhat.com \
--cc=david@gibson.dropbear.id.au \
--cc=kvm-ppc@vger.kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.