From: "Michael S. Tsirkin" <mst@redhat.com>
To: Frank Yang <lfy@google.com>
Cc: virtio-comment@lists.oasis-open.org,
Roman Kiryanov <rkir@google.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
Gerd Hoffmann <kraxel@redhat.com>,
Stefan Hajnoczi <stefanha@redhat.com>,
Christoffer Dall <christoffer.dall@arm.com>
Subject: [virtio-comment] Re: RFC v2: virtio-hostmem: static, guest-owned memory regions
Date: Thu, 7 Mar 2019 13:31:14 -0500 [thread overview]
Message-ID: <20190307132849-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <CAEkmjvXUGA0m42hnGWkLL2J4YhL7f6=_cW7pzacTG8u8J12j0w@mail.gmail.com>
On Mon, Mar 04, 2019 at 09:57:06AM -0800, Frank Yang wrote:
> - Security model is pushed to the guest-specific layers like selinux; it is
> possible (and this is useful) for a physical page to be shared across guest
> processes, and it is up to the guest's current security model to enforce
> malicious apps not having access.
However mechanisms such as selinux are all kernel based. In your scheme
kernel has no knowledge about the content of the memory and data flows
through direct mmap to guest userspace bypassing guest kernel. I don't
see how you will be able to come up with an selinux policy to decide
which memory is safe to share.
--
MST
This publicly archived list offers a means to provide input to the
OASIS Virtual I/O Device (VIRTIO) TC.
In order to verify user consent to the Feedback License terms and
to minimize spam in the list archive, subscription is required
before posting.
Subscribe: virtio-comment-subscribe@lists.oasis-open.org
Unsubscribe: virtio-comment-unsubscribe@lists.oasis-open.org
List help: virtio-comment-help@lists.oasis-open.org
List archive: https://lists.oasis-open.org/archives/virtio-comment/
Feedback License: https://www.oasis-open.org/who/ipr/feedback_license.pdf
List Guidelines: https://www.oasis-open.org/policies-guidelines/mailing-lists
Committee: https://www.oasis-open.org/committees/virtio/
Join OASIS: https://www.oasis-open.org/join/
prev parent reply other threads:[~2019-03-07 18:31 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-04 17:57 [virtio-comment] RFC v2: virtio-hostmem: static, guest-owned memory regions Frank Yang
2019-03-06 16:58 ` [virtio-comment] " Stefan Hajnoczi
2019-03-07 17:34 ` [virtio-comment] " Dr. David Alan Gilbert
2019-03-07 18:31 ` Michael S. Tsirkin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190307132849-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=christoffer.dall@arm.com \
--cc=dgilbert@redhat.com \
--cc=kraxel@redhat.com \
--cc=lfy@google.com \
--cc=rkir@google.com \
--cc=stefanha@redhat.com \
--cc=virtio-comment@lists.oasis-open.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.