From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:53994) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fLgOj-00030P-85 for qemu-devel@nongnu.org; Wed, 23 May 2018 22:54:38 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fLgOe-0003LL-DK for qemu-devel@nongnu.org; Wed, 23 May 2018 22:54:37 -0400 Date: Thu, 24 May 2018 10:54:19 +0800 From: Peter Xu Message-ID: <20180524025419.GB756@xz-mi> References: <20180518072517.20901-1-peterx@redhat.com> <20180518072517.20901-10-peterx@redhat.com> <20180523173227-mutt-send-email-mst@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20180523173227-mutt-send-email-mst@kernel.org> Subject: Re: [Qemu-devel] [PATCH v4 9/9] intel-iommu: rework the page walk logic List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Michael S. Tsirkin" Cc: qemu-devel@nongnu.org, Tian Kevin , QEMU Stable , Jintack Lim , Jason Wang , Alex Williamson On Wed, May 23, 2018 at 05:33:34PM +0300, Michael S. Tsirkin wrote: > On Fri, May 18, 2018 at 03:25:17PM +0800, Peter Xu wrote: > > SECURITY IMPLICATION: this patch will fix a potential small window that > > the DMA page table might be incomplete or invalid when the guest sends > > domain/context invalidations to a device. It can cause random DMA > > errors for assigned devices. > > So this is more a correctness IMO. I don't see how can > e.g. an application within guest cause any mischief > with this, it will just get a non working device. Yes, you are right. It causes valid mappings missing so there's no risk to anyone but only unfunction. I should remove the "SECURITY IMPLICATION" wordings. Thanks, -- Peter Xu