From: Stefan Hajnoczi <stefanha@redhat.com>
To: elena.reshetova@intel.com
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
virtio-dev@lists.oasis-open.org, virtualization@lists.linux.dev
Subject: [virtio-dev] Using packed virtqueues in Confidential VMs
Date: Thu, 16 Nov 2023 15:02:45 -0500 [thread overview]
Message-ID: <20231116200245.GA336841@fedora> (raw)
[-- Attachment #1: Type: text/plain, Size: 1819 bytes --]
Hi Elena,
You raised concerns about using packed virtqueues with untrusted devices at
Linux Plumbers Conference. I reviewed the specification and did not find
fundamental issues that would preclude the use of packed virtqueues in
untrusted devices. Do you have more information about issues with packed
virtqueues?
I also reviewed Linux's virtio_ring.c to look for implementation issues. One
thing I noticed was that detach_buf_packed -> vring_unmap_desc_packed trusts
the fields of indirect descriptors that have been mapped to the device:
flags = le16_to_cpu(desc->flags);
dma_unmap_page(vring_dma_dev(vq),
le64_to_cpu(desc->addr),
le32_to_cpu(desc->len),
(flags & VRING_DESC_F_WRITE) ?
DMA_FROM_DEVICE : DMA_TO_DEVICE);
This could be problematic if the device is able to modify indirect descriptors.
However, the indirect descriptor table is mapped with DMA_TO_DEVICE:
addr = vring_map_single(vq, desc,
total_sg * sizeof(struct vring_packed_desc),
DMA_TO_DEVICE);
There is no problem when there is an enforcing IOMMU that maps the page with
read-only permissions but that's not always the case. Software devices (QEMU,
vhost kernel, or vhost-user) usually have full access to guest RAM. They can
cause dma_unmap_page() to be invoked with arguments of their choice (except for
the first argument) by modifying indirect descriptors.
I am not sure if this poses a danger since software devices already have access
to guest RAM, but I think this code is risky. It would be safer for the driver
to stash away the arguments needed for dma_unmap_page() in memory that is not
mapped to the device.
Other than that, I didn't find any issues with the packed virtqueue
implementation.
Stefan
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next reply other threads:[~2023-11-16 22:22 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-16 20:02 Stefan Hajnoczi [this message]
2023-11-16 22:26 ` [virtio-dev] Re: Using packed virtqueues in Confidential VMs Michael S. Tsirkin
[not found] ` <DM8PR11MB5750765B1310C904A8B1B00BE7B4A@DM8PR11MB5750.namprd11.prod.outlook.com>
2023-11-20 11:02 ` Stefan Hajnoczi
2023-11-20 12:29 ` Michael S. Tsirkin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231116200245.GA336841@fedora \
--to=stefanha@redhat.com \
--cc=elena.reshetova@intel.com \
--cc=mst@redhat.com \
--cc=virtio-dev@lists.oasis-open.org \
--cc=virtualization@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).