Linux Kernel VFIO PDS Driver Detach IOAS Operation Missing Vulnerability

A vulnerability exists in the Linux kernel's VFIO PDS driver due to a missing detach IOAS operation. This issue arises when the IOMMUFD configuration is enabled and a device is bound to the PDS VFIO PCI driver. The absence of the detach IOAS operation causes the device probe to fail, generating a warning message and an error. The vulnerability has been addressed by incorporating the generic detach IOAS function into the driver operations.

Impact

The missing detach IOAS operation can lead to improper management of IOMMU address spaces, potentially causing issues with device memory access and virtualization.

Reproduction

To reproduce this vulnerability, enable the IOMMUFD configuration in the Linux kernel. Then, bind a device to the PDS VFIO PCI driver. The device probe will fail, and a warning will be generated, indicating that the detach IOAS operation is not set. This can be observed in the VFIO device registration process, where the missing operation leads to an error, causing the probe to fail.

Remediation

The vulnerability has been fixed in the Linux kernel by adding the missing detach IOAS operation to the PDS VFIO PCI driver. Users should upgrade to the latest version of the Linux kernel where this fix has been applied.