|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v2] xen/arm: fix gnttab_need_iommu_mapping
Hi Stefano, On 09/02/2021 01:57, Stefano Stabellini wrote: On Mon, 8 Feb 2021, Julien Grall wrote:On Mon, 8 Feb 2021 at 20:24, Stefano Stabellini <sstabellini@xxxxxxxxxx> wrote:@Ian, I think this wants to go in 4.15. Without it, Xen may receive an IOMMU fault for DMA transaction using granted page.Backport: 4.12+ --- Given the severity of the bug, I would like to request this patch to be backported to 4.12 too, even if 4.12 is security-fixes only since Oct 2020.I would agree that the bug is bad, but it is not clear to me why this would be warrant for an exception for backporting. Can you outline what's the worse that can happen? Correct me if I am wrong, if one can hit this error, then it should be pretty reliable. Therefore, anyone wanted to use 4.12 in production should have seen if the error on there setup by now (4.12 has been out for nearly two years). If not, then they are most likely not affected. Any new users of Xen should use the latest stable rather than starting with an old version.Yes, the bug reproduces reliably but it takes more than a smoke test to find it. That's why it wasn't found by OSSTest and also our internal CI-loop at Xilinx.Ok. So a user should be able to catch it during testing, is that correct?Yes, probably. The failure is that PV drivers do not work (they trigger the IOMMU fault), specifically PV network and block, maybe others too. I think it is unlikely but possible that an hardware update would also trigger the bug. For instance, a change of the network card might trigger the bug, if the previous network card driver was always bouncing requests on bounce buffers, while the new drivers uses the provided memory pages directly. I don't know how realistic this scenario is.Users can be very slow at upgrading, so I am worried that 4.12 might still be picked by somebody, especially given that it is still security supported for a while.Don't tell me about upgrading Xen... ;) But I am a bit confused, are you worried about existing users or new users?I am mostly worried about people that start using 4.12. I think it would be a big mistake for anyone to start using 4.12 now. I can already cite a few bugs (including in the SMMU driver) that haven't been backport to 4.12 . This is only going to be worse as it is not stable anymore. It is also not clear why someone would decide to use 4.12 when 4.13/4.14 are still supported and will also come with an extra 1 year and half security support. If a user was already on 4.12 and not seeing any errors, they are unlikely to see this error. It would only happen if: - they didn't use PV drivers before, and they want to start using PV drivers now - they are upgrading hardware (not sure how likely to happen, see above) Right, if you decide to switch device or upgrade HW, then you may also face other issues either in Xen or Linux. Once a tree is out of support, we make no promise that it will work on new setup (including dom0 software). We only promise that it will continue to work on existing setup and we will address security issue. Based on all the information you provided, this is not a fix I would recommend to backport to 4.12 because it is only impacting new/upgraded system (software or HW).- is the submitter willing to provide the backport? - is the backport low-risk? - is the underlying bug important?You wrote multiple times that this is serious but it is still not clear what's the worse that can happen...PV drivers don't work: each data transfer involving granted pages causes an IOMMU fault. Cheers, -- Julien Grall
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |