Linux-PCI Archive on lore.kernel.org
 help / color / Atom feed
From: Bjorn Helgaas <helgaas@kernel.org>
To: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Cc: alex.williamson@redhat.com, herbert@gondor.apana.org.au,
	cohuck@redhat.com, nhorman@redhat.com, vdronov@redhat.com,
	bhelgaas@google.com, mark.a.chambers@intel.com,
	gordon.mcfadden@intel.com, ahsan.atta@intel.com,
	qat-linux@intel.com, kvm@vger.kernel.org,
	linux-crypto@vger.kernel.org, linux-pci@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/5] vfio/pci: add qat devices to blocklist
Date: Wed, 1 Jul 2020 16:28:12 -0500
Message-ID: <20200701212812.GA3661715@bjorn-Precision-5520> (raw)
In-Reply-To: <20200701110302.75199-4-giovanni.cabiddu@intel.com>

On Wed, Jul 01, 2020 at 12:03:00PM +0100, Giovanni Cabiddu wrote:
> The current generation of Intel® QuickAssist Technology devices
> are not designed to run in an untrusted environment because of the
> following issues reported in the release notes in
> https://01.org/intel-quickassist-technology:

It would be nice if this link were directly clickable, e.g., if there
were no trailing ":" or something.

And it would be even better if it went to a specific doc that
described these issues.  I assume these are errata, and it's not easy
to figure out which doc mentions them.

> QATE-39220 - GEN - Intel® QAT API submissions with bad addresses that
>              trigger DMA to invalid or unmapped addresses can cause a
>              platform hang
> QATE-7495  - GEN - An incorrectly formatted request to Intel® QAT can
>              hang the entire Intel® QAT Endpoint
> 
> This patch adds the following QAT devices to the blocklist: DH895XCC,
> C3XXX and C62X.
> 
> Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
> ---
>  drivers/vfio/pci/vfio_pci.c | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
> 
> diff --git a/drivers/vfio/pci/vfio_pci.c b/drivers/vfio/pci/vfio_pci.c
> index ea5904ca6cbf..dcac5408c764 100644
> --- a/drivers/vfio/pci/vfio_pci.c
> +++ b/drivers/vfio/pci/vfio_pci.c
> @@ -75,6 +75,21 @@ static inline bool vfio_vga_disabled(void)
>  
>  static bool vfio_pci_dev_in_blocklist(struct pci_dev *pdev)
>  {
> +	switch (pdev->vendor) {
> +	case PCI_VENDOR_ID_INTEL:
> +		switch (pdev->device) {
> +		case PCI_DEVICE_ID_INTEL_QAT_C3XXX:
> +		case PCI_DEVICE_ID_INTEL_QAT_C3XXX_VF:
> +		case PCI_DEVICE_ID_INTEL_QAT_C62X:
> +		case PCI_DEVICE_ID_INTEL_QAT_C62X_VF:
> +		case PCI_DEVICE_ID_INTEL_QAT_DH895XCC:
> +		case PCI_DEVICE_ID_INTEL_QAT_DH895XCC_VF:
> +			return true;
> +		default:
> +			return false;
> +		}
> +	}
> +
>  	return false;
>  }
>  
> -- 
> 2.26.2
> 

  reply index

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-07-01 11:02 [PATCH 0/5] vfio/pci: add blocklist and disable qat Giovanni Cabiddu
2020-07-01 11:02 ` [PATCH 1/5] PCI: add Intel QuickAssist device IDs Giovanni Cabiddu
2020-07-01 21:16   ` Bjorn Helgaas
2020-07-01 11:02 ` [PATCH 2/5] vfio/pci: add device blocklist Giovanni Cabiddu
2020-07-01 21:24   ` Bjorn Helgaas
2020-07-01 11:03 ` [PATCH 3/5] vfio/pci: add qat devices to blocklist Giovanni Cabiddu
2020-07-01 21:28   ` Bjorn Helgaas [this message]
2020-07-10 15:08     ` Giovanni Cabiddu
2020-07-10 15:37       ` Bjorn Helgaas
2020-07-10 15:44         ` Bjorn Helgaas
2020-07-10 16:10           ` Alex Williamson
2020-07-10 16:22             ` Giovanni Cabiddu
2020-07-01 11:03 ` [PATCH 4/5] crypto: qat - replace device ids defines Giovanni Cabiddu
2020-07-01 11:03 ` [PATCH 5/5] crypto: qat - use PCI_VDEVICE Giovanni Cabiddu
2020-07-01 12:42 ` [PATCH 0/5] vfio/pci: add blocklist and disable qat Christoph Hellwig
2020-07-10 15:48   ` Christoph Hellwig
2020-07-10 16:13     ` Giovanni Cabiddu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200701212812.GA3661715@bjorn-Precision-5520 \
    --to=helgaas@kernel.org \
    --cc=ahsan.atta@intel.com \
    --cc=alex.williamson@redhat.com \
    --cc=bhelgaas@google.com \
    --cc=cohuck@redhat.com \
    --cc=giovanni.cabiddu@intel.com \
    --cc=gordon.mcfadden@intel.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=kvm@vger.kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=mark.a.chambers@intel.com \
    --cc=nhorman@redhat.com \
    --cc=qat-linux@intel.com \
    --cc=vdronov@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-PCI Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-pci/0 linux-pci/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-pci linux-pci/ https://lore.kernel.org/linux-pci \
		linux-pci@vger.kernel.org
	public-inbox-index linux-pci

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-pci


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git