Re: [for-4.15][PATCH v3 1/3] xen/iommu: x86: Clear the root page-table before freeing the page-tables

Hi Jan,

On 17/02/2021 14:54, Jan Beulich wrote:
> On 17.02.2021 15:24, Julien Grall wrote:
--- a/xen/drivers/passthrough/x86/iommu.c
+++ b/xen/drivers/passthrough/x86/iommu.c
@@ -267,6 +267,15 @@ int iommu_free_pgtables(struct domain *d)
      struct page_info *pg;
      unsigned int done = 0;
+ if ( !is_iommu_enabled(d) )
+        return 0;
+    /*
+     * Pages will be moved to the free list below. So we want to
+     * clear the root page-table to avoid any potential use after-free.
+     */
+    hd->platform_ops->clear_root_pgtable(d);
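
Review bot: the comment above the clear_root_pgtable() call says clearing the root avoids use-after-free, but nothing in this hunk stops a root page-table from being allocated again once it has been cleared, so the comment should state what the caller relies on at this point, or name the follow-up patch that closes that gap. The call also goes through hd->platform_ops->clear_root_pgtable with no check that the hook is set; either document it as mandatory for every IOMMU implementation or guard the call. Minor: "use after-free" in the comment should read "use-after-free", and a blank line after the early "return 0;" would separate it from the comment block.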

> Taking amd_iommu_alloc_root() as example, is this really correct
> prior to what is now patch 2?

Yes, there are no more use-after-free...

> What guarantees a new root table
> won't get allocated subsequently?

It doesn't prevent root table allocation. I view the two as distinct issues, hence the two patches.


Julien Grall



