From: Paolo Bonzini <pbonzini@redhat.com>
To: Andrea Arcangeli <aarcange@redhat.com>
Cc: Peter Xu <peterx@redhat.com>,
Mike Kravetz <mike.kravetz@oracle.com>,
linux-kernel@vger.kernel.org, Hugh Dickins <hughd@google.com>,
Luis Chamberlain <mcgrof@kernel.org>,
Maxime Coquelin <maxime.coquelin@redhat.com>,
kvm@vger.kernel.org, Jerome Glisse <jglisse@redhat.com>,
Pavel Emelyanov <xemul@virtuozzo.com>,
Johannes Weiner <hannes@cmpxchg.org>,
Martin Cracauer <cracauer@cons.org>,
Denis Plotnikov <dplotnikov@virtuozzo.com>,
linux-mm@kvack.org, Marty McFadden <mcfadden8@llnl.gov>,
Maya Gokhale <gokhale2@llnl.gov>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Kees Cook <keescook@chromium.org>, Mel Gorman <mgorman@suse.de>,
"Kirill A . Shutemov" <kirill@shutemov.name>,
linux-fsdevel@vger.kernel.org,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
Date: Wed, 13 Mar 2019 15:12:28 -0400 (EDT)
Message-ID: <1934896481.7779933.1552504348591.JavaMail.zimbra@redhat.com>
In-Reply-To: <20190313185230.GH25147@redhat.com>

> On Wed, Mar 13, 2019 at 09:22:31AM +0100, Paolo Bonzini wrote:
> Unless somebody suggests a consistent way to make hugetlbfs "just
> work" (like we could achieve cleanly with CRIU and KVM), I think Oracle
> will need a one-liner change in the Oracle setup to echo into that
> file in addition to running the hugetlbfs mount.

Hi Andrea, can you explain in more detail the risks of enabling
userfaultfd for unprivileged users?

Paolo

> Note that DPDK host bridge process will also need a one-liner change
> to do a dummy open/close of /dev/kvm to unblock the syscall.
>
> Thanks,
> Andrea
>