
Re: [PATCH] IOMMU: make domctl handler tolerate NULL domain


  • To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Tue, 19 Apr 2022 10:49:03 +0000
  • Cc: Paul Durrant <paul@xxxxxxx>
  • Delivery-date: Tue, 19 Apr 2022 10:49:18 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-topic: [PATCH] IOMMU: make domctl handler tolerate NULL domain

On 19/04/2022 10:39, Jan Beulich wrote:
> Besides the reporter's issue of hitting a NULL deref when !CONFIG_GDBSX,
> XEN_DOMCTL_test_assign_device can legitimately end up having NULL passed
> here, when the domctl was passed DOMID_INVALID.
>
> Fixes: 71e617a6b8f6 ("use is_iommu_enabled() where appropriate...")
> Reported-by: Cheyenne Wills <cheyenne.wills@xxxxxxxxx>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

I disagree with the Reported-by tag here.  At best, it's "also noticed
while investigating".

Furthermore, under what circumstances is test_assign_device legitimate
when passing DOMID_INVALID?  This has been broken for 3 years now
without report, so it's clearly an unused codepath under both xl's and
xapi's idea of passthrough.

Finally, as I said in Juergen's email, the root cause of the bug
reported is that non-IOMMU subops are ending up here.  That needs
fixing at the caller to iommu_do_domctl(), not inside it.

~Andrew



 

