[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] xen/arm: fix gnttab_need_iommu_mapping

Hi Stefano,

On 09/02/2021 01:57, Stefano Stabellini wrote:
On Mon, 8 Feb 2021, Julien Grall wrote:
On Mon, 8 Feb 2021 at 20:24, Stefano Stabellini <sstabellini@xxxxxxxxxx> wrote:
@Ian, I think this wants to go in 4.15. Without it, Xen may receive an IOMMU
fault for DMA transaction using granted page.

Backport: 4.12+


Given the severity of the bug, I would like to request this patch to be
backported to 4.12 too, even if 4.12 is security-fixes only since Oct

I would agree that the bug is bad, but it is not clear to me why this would be
warrant for an exception for backporting. Can you outline what's the worse
that can happen?

Correct me if I am wrong, if one can hit this error, then it should be pretty
reliable. Therefore, anyone wanted to use 4.12 in production should have seen
if the error on there setup by now (4.12 has been out for nearly two years).
If not, then they are most likely not affected.

Any new users of Xen should use the latest stable rather than starting with an
old version.

Yes, the bug reproduces reliably but it takes more than a smoke test to
find it. That's why it wasn't found by OSSTest and also our internal
CI-loop at Xilinx.

Ok. So a user should be able to catch it during testing, is that correct?

Yes, probably. The failure is that PV drivers do not work (they trigger
the IOMMU fault), specifically PV network and block, maybe others too.

I think it is unlikely but possible that an hardware update would also
trigger the bug. For instance, a change of the network card might
trigger the bug, if the previous network card driver was always bouncing
requests on bounce buffers, while the new drivers uses the provided
memory pages directly. I don't know how realistic this scenario is.

Users can be very slow at upgrading, so I am worried that 4.12 might still
be picked by somebody, especially given that it is still security
supported for a while.

Don't tell me about upgrading Xen... ;) But I am a bit confused, are
you worried about existing users or new users?

I am mostly worried about people that start using 4.12.

I think it would be a big mistake for anyone to start using 4.12 now. I can already cite a few bugs (including in the SMMU driver) that haven't been backport to 4.12 . This is only going to be worse as it is not stable anymore.

It is also not clear why someone would decide to use 4.12 when 4.13/4.14 are still supported and will also come with an extra 1 year and half security support.

If a user was already on 4.12 and not seeing any errors, they are
unlikely to see this error. It would only happen if:
- they didn't use PV drivers before, and they want to start using PV
   drivers now
- they are upgrading hardware (not sure how likely to happen, see above)

Right, if you decide to switch device or upgrade HW, then you may also face other issues either in Xen or Linux.

Once a tree is out of support, we make no promise that it will work on new setup (including dom0 software). We only promise that it will continue to work on existing setup and we will address security issue.

- is the submitter willing to provide the backport?
- is the backport low-risk?
- is the underlying bug important?

You wrote multiple times that this is serious but it is still not
clear what's the worse that can happen...

PV drivers don't work: each data transfer involving granted pages causes
an IOMMU fault.
Based on all the information you provided, this is not a fix I would recommend to backport to 4.12 because it is only impacting new/upgraded system (software or HW).


Julien Grall



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.