From: Jason Gunthorpe <jgg@nvidia.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Parav Pandit <parav@nvidia.com>,
Christoph Hellwig <hch@infradead.org>,
Yishai Hadas <yishaih@nvidia.com>,
"alex.williamson@redhat.com" <alex.williamson@redhat.com>,
"jasowang@redhat.com" <jasowang@redhat.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"virtualization@lists.linux-foundation.org"
<virtualization@lists.linux-foundation.org>,
Feng Liu <feliu@nvidia.com>, Jiri Pirko <jiri@nvidia.com>,
"kevin.tian@intel.com" <kevin.tian@intel.com>,
"joao.m.martins@oracle.com" <joao.m.martins@oracle.com>,
Leon Romanovsky <leonro@nvidia.com>,
Maor Gottlieb <maorg@nvidia.com>
Subject: Re: [PATCH vfio 10/11] vfio/virtio: Expose admin commands over virtio device
Date: Wed, 11 Oct 2023 14:20:14 -0300 [thread overview]
Message-ID: <20231011172014.GB3952@nvidia.com> (raw)
In-Reply-To: <20231011130018-mutt-send-email-mst@kernel.org>
On Wed, Oct 11, 2023 at 01:03:09PM -0400, Michael S. Tsirkin wrote:
> On Wed, Oct 11, 2023 at 09:18:49AM -0300, Jason Gunthorpe wrote:
> > The simple way to be sure is to never touch the PCI function that has
> > DMA assigned to a VM from the hypervisor, except through config space.
>
> What makes config space different that it's safe though?
Hypervisor fully mediates it and it is not accessible to P2P attacks.
> Isn't this more of a "we can't avoid touching config space" than
> that it's safe? The line doesn't look that bright to me -
> if there's e.g. a memory area designed explicitly for
> hypervisor to poke at, that seems fine.
It is not.
Jason
next prev parent reply other threads:[~2023-10-11 17:20 UTC|newest]
Thread overview: 321+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-21 12:40 [PATCH vfio 00/11] Introduce a vfio driver over virtio devices Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 01/11] virtio-pci: Use virtio pci device layer vq info instead of generic one Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 13:46 ` Michael S. Tsirkin
2023-09-21 13:46 ` Michael S. Tsirkin
2023-09-26 19:13 ` Feng Liu via Virtualization
2023-09-26 19:13 ` Feng Liu
2023-09-27 18:09 ` Feng Liu via Virtualization
2023-09-27 18:09 ` Feng Liu
2023-09-27 21:24 ` Michael S. Tsirkin
2023-09-27 21:24 ` Michael S. Tsirkin
2023-09-21 12:40 ` [PATCH vfio 02/11] virtio: Define feature bit for administration virtqueue Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 03/11] virtio-pci: Introduce admin virtqueue Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 13:57 ` Michael S. Tsirkin
2023-09-21 13:57 ` Michael S. Tsirkin
2023-09-26 19:23 ` Feng Liu via Virtualization
2023-09-26 19:23 ` Feng Liu
2023-09-27 18:12 ` Feng Liu via Virtualization
2023-09-27 18:12 ` Feng Liu
2023-09-27 21:27 ` Michael S. Tsirkin
2023-09-27 21:27 ` Michael S. Tsirkin
2023-10-02 18:07 ` Feng Liu via Virtualization
2023-10-02 18:07 ` Feng Liu
2023-09-21 12:40 ` [PATCH vfio 04/11] virtio: Expose the synchronous command helper function Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 05/11] virtio-pci: Introduce admin command sending function Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 06/11] virtio-pci: Introduce API to get PF virtio device from VF PCI device Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 07/11] virtio-pci: Introduce admin commands Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-24 5:18 ` kernel test robot
2023-09-24 5:18 ` kernel test robot
2023-09-25 3:18 ` kernel test robot
2023-09-25 3:18 ` kernel test robot
2023-09-21 12:40 ` [PATCH vfio 08/11] vfio/pci: Expose vfio_pci_core_setup_barmap() Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 16:35 ` Alex Williamson
2023-09-21 16:35 ` Alex Williamson
2023-09-26 9:45 ` Yishai Hadas via Virtualization
2023-09-26 9:45 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 09/11] vfio/pci: Expose vfio_pci_iowrite/read##size() Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 12:40 ` [PATCH vfio 10/11] vfio/virtio: Expose admin commands over virtio device Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 13:08 ` Michael S. Tsirkin
2023-09-21 13:08 ` Michael S. Tsirkin
2023-09-21 20:34 ` Michael S. Tsirkin
2023-09-21 20:34 ` Michael S. Tsirkin
2023-09-26 10:51 ` Yishai Hadas via Virtualization
2023-09-26 10:51 ` Yishai Hadas
2023-09-26 11:25 ` Michael S. Tsirkin
2023-09-26 11:25 ` Michael S. Tsirkin
2023-09-22 9:54 ` Michael S. Tsirkin
2023-09-22 9:54 ` Michael S. Tsirkin
2023-09-26 11:14 ` Yishai Hadas via Virtualization
2023-09-26 11:14 ` Yishai Hadas
2023-09-26 11:41 ` Michael S. Tsirkin
2023-09-26 11:41 ` Michael S. Tsirkin
2023-09-27 13:18 ` Jason Gunthorpe
2023-09-27 21:30 ` Michael S. Tsirkin
2023-09-27 21:30 ` Michael S. Tsirkin
2023-09-27 23:16 ` Jason Gunthorpe
2023-09-28 5:26 ` Michael S. Tsirkin
2023-09-28 5:26 ` Michael S. Tsirkin
2023-10-02 6:28 ` Christoph Hellwig
2023-10-02 6:28 ` Christoph Hellwig
2023-10-02 15:13 ` Jason Gunthorpe
2023-10-05 8:49 ` Christoph Hellwig
2023-10-05 8:49 ` Christoph Hellwig
2023-10-05 11:10 ` Jason Gunthorpe
2023-10-06 13:09 ` Christoph Hellwig
2023-10-06 13:09 ` Christoph Hellwig
2023-10-10 13:10 ` Jason Gunthorpe
2023-10-10 13:56 ` Michael S. Tsirkin
2023-10-10 13:56 ` Michael S. Tsirkin
2023-10-10 14:08 ` Jason Gunthorpe
2023-10-10 14:54 ` Michael S. Tsirkin
2023-10-10 14:54 ` Michael S. Tsirkin
2023-10-10 15:09 ` Yishai Hadas via Virtualization
2023-10-10 15:09 ` Yishai Hadas
2023-10-10 15:14 ` Michael S. Tsirkin
2023-10-10 15:14 ` Michael S. Tsirkin
2023-10-10 15:43 ` Yishai Hadas via Virtualization
2023-10-10 15:43 ` Yishai Hadas
2023-10-10 15:58 ` Parav Pandit via Virtualization
2023-10-10 15:58 ` Parav Pandit
2023-10-10 15:58 ` Michael S. Tsirkin
2023-10-10 15:58 ` Michael S. Tsirkin
2023-10-10 16:09 ` Yishai Hadas via Virtualization
2023-10-10 16:09 ` Yishai Hadas
2023-10-10 20:42 ` Michael S. Tsirkin
2023-10-10 20:42 ` Michael S. Tsirkin
2023-10-11 7:44 ` Yishai Hadas via Virtualization
2023-10-11 7:44 ` Yishai Hadas
2023-10-11 8:02 ` Michael S. Tsirkin
2023-10-11 8:02 ` Michael S. Tsirkin
2023-10-11 8:58 ` Yishai Hadas via Virtualization
2023-10-11 8:58 ` Yishai Hadas
2023-10-11 9:03 ` Michael S. Tsirkin
2023-10-11 9:03 ` Michael S. Tsirkin
2023-10-11 11:25 ` Yishai Hadas via Virtualization
2023-10-11 11:25 ` Yishai Hadas
2023-10-11 6:12 ` Christoph Hellwig
2023-10-11 6:12 ` Christoph Hellwig
2023-10-10 15:59 ` Jason Gunthorpe
2023-10-10 16:03 ` Michael S. Tsirkin
2023-10-10 16:03 ` Michael S. Tsirkin
2023-10-10 16:07 ` Jason Gunthorpe
2023-10-10 16:21 ` Parav Pandit via Virtualization
2023-10-10 16:21 ` Parav Pandit
2023-10-10 20:38 ` Michael S. Tsirkin
2023-10-10 20:38 ` Michael S. Tsirkin
2023-10-11 6:13 ` Christoph Hellwig
2023-10-11 6:13 ` Christoph Hellwig
2023-10-11 6:43 ` Michael S. Tsirkin
2023-10-11 6:43 ` Michael S. Tsirkin
2023-10-11 6:59 ` Christoph Hellwig
2023-10-11 6:59 ` Christoph Hellwig
2023-10-11 8:00 ` Parav Pandit via Virtualization
2023-10-11 8:00 ` Parav Pandit
2023-10-11 8:10 ` Michael S. Tsirkin
2023-10-11 8:10 ` Michael S. Tsirkin
2023-10-11 12:18 ` Jason Gunthorpe
2023-10-11 17:03 ` Michael S. Tsirkin
2023-10-11 17:03 ` Michael S. Tsirkin
2023-10-11 17:20 ` Jason Gunthorpe [this message]
2023-10-11 17:05 ` Michael S. Tsirkin
2023-10-11 17:05 ` Michael S. Tsirkin
2023-10-12 10:29 ` Zhu, Lingshan
2023-10-12 10:29 ` Zhu, Lingshan
2023-10-12 13:27 ` Jason Gunthorpe
2023-10-13 10:28 ` Zhu, Lingshan
2023-10-13 13:50 ` Michael S. Tsirkin
2023-10-13 13:50 ` Michael S. Tsirkin
2023-10-16 8:33 ` Zhu, Lingshan
2023-10-16 8:33 ` Zhu, Lingshan
2023-10-16 8:52 ` Michael S. Tsirkin
2023-10-16 8:52 ` Michael S. Tsirkin
2023-10-16 9:53 ` Zhu, Lingshan
2023-10-16 9:53 ` Zhu, Lingshan
2023-10-11 8:12 ` Michael S. Tsirkin
2023-10-11 8:12 ` Michael S. Tsirkin
2023-10-12 10:30 ` Zhu, Lingshan
2023-10-12 10:30 ` Zhu, Lingshan
2023-10-11 6:26 ` Christoph Hellwig
2023-10-11 6:26 ` Christoph Hellwig
2023-10-11 13:57 ` Jason Gunthorpe
2023-10-11 14:17 ` Christoph Hellwig
2023-10-11 14:17 ` Christoph Hellwig
2023-10-11 14:58 ` Jason Gunthorpe
2023-10-11 16:59 ` Michael S. Tsirkin
2023-10-11 16:59 ` Michael S. Tsirkin
2023-10-11 17:19 ` Jason Gunthorpe
2023-10-11 20:20 ` Michael S. Tsirkin
2023-10-11 20:20 ` Michael S. Tsirkin
2023-09-21 12:40 ` [PATCH vfio 11/11] vfio/virtio: Introduce a vfio driver over virtio devices Yishai Hadas via Virtualization
2023-09-21 12:40 ` Yishai Hadas
2023-09-21 13:16 ` Michael S. Tsirkin
2023-09-21 13:16 ` Michael S. Tsirkin
2023-09-21 14:11 ` Jason Gunthorpe
2023-09-21 14:16 ` Michael S. Tsirkin
2023-09-21 14:16 ` Michael S. Tsirkin
2023-09-21 16:41 ` Jason Gunthorpe
2023-09-21 16:53 ` Michael S. Tsirkin
2023-09-21 16:53 ` Michael S. Tsirkin
2023-09-21 18:39 ` Jason Gunthorpe
2023-09-21 19:13 ` Michael S. Tsirkin
2023-09-21 19:13 ` Michael S. Tsirkin
2023-09-21 19:49 ` Jason Gunthorpe
2023-09-21 20:45 ` Michael S. Tsirkin
2023-09-21 20:45 ` Michael S. Tsirkin
2023-09-21 22:55 ` Jason Gunthorpe
2023-09-22 3:02 ` Jason Wang
2023-09-22 3:02 ` Jason Wang
2023-09-22 11:23 ` Michael S. Tsirkin
2023-09-22 11:23 ` Michael S. Tsirkin
2023-09-22 12:15 ` Jason Gunthorpe
2023-09-22 3:01 ` Jason Wang
2023-09-22 3:01 ` Jason Wang
2023-09-22 12:11 ` Jason Gunthorpe
2023-09-25 2:34 ` Jason Wang
2023-09-25 2:34 ` Jason Wang
2023-09-25 12:26 ` Jason Gunthorpe
2023-09-25 19:44 ` Michael S. Tsirkin
2023-09-25 19:44 ` Michael S. Tsirkin
2023-09-26 0:40 ` Jason Gunthorpe
2023-09-26 5:34 ` Michael S. Tsirkin
2023-09-26 5:34 ` Michael S. Tsirkin
2023-09-26 5:42 ` Michael S. Tsirkin
2023-09-26 5:42 ` Michael S. Tsirkin
2023-09-26 13:50 ` Jason Gunthorpe
2023-09-27 21:38 ` Michael S. Tsirkin
2023-09-27 21:38 ` Michael S. Tsirkin
2023-09-27 23:20 ` Jason Gunthorpe
2023-09-28 5:31 ` Michael S. Tsirkin
2023-09-28 5:31 ` Michael S. Tsirkin
2023-09-26 4:37 ` Jason Wang
2023-09-26 4:37 ` Jason Wang
2023-09-26 5:33 ` Parav Pandit via Virtualization
2023-09-26 5:33 ` Parav Pandit
2023-09-21 19:17 ` Michael S. Tsirkin
2023-09-21 19:17 ` Michael S. Tsirkin
2023-09-21 19:51 ` Jason Gunthorpe
2023-09-21 20:55 ` Michael S. Tsirkin
2023-09-21 20:55 ` Michael S. Tsirkin
2023-09-21 23:08 ` Jason Gunthorpe
2023-09-25 4:44 ` Zhu, Lingshan
2023-09-25 4:44 ` Zhu, Lingshan
2023-09-22 3:45 ` Zhu, Lingshan
2023-09-22 3:45 ` Zhu, Lingshan
2023-09-21 13:33 ` Michael S. Tsirkin
2023-09-21 13:33 ` Michael S. Tsirkin
2023-09-21 16:43 ` Alex Williamson
2023-09-21 16:43 ` Alex Williamson
2023-09-21 16:52 ` Jason Gunthorpe
2023-09-21 17:01 ` Michael S. Tsirkin
2023-09-21 17:01 ` Michael S. Tsirkin
2023-09-21 17:07 ` Jason Gunthorpe
2023-09-21 17:21 ` Michael S. Tsirkin
2023-09-21 17:21 ` Michael S. Tsirkin
2023-09-21 17:44 ` Jason Gunthorpe
2023-09-21 17:55 ` Michael S. Tsirkin
2023-09-21 17:55 ` Michael S. Tsirkin
2023-09-21 18:16 ` Jason Gunthorpe
2023-09-21 19:34 ` Michael S. Tsirkin
2023-09-21 19:34 ` Michael S. Tsirkin
2023-09-21 19:53 ` Jason Gunthorpe
2023-09-21 20:16 ` Michael S. Tsirkin
2023-09-21 20:16 ` Michael S. Tsirkin
2023-09-21 22:48 ` Jason Gunthorpe
2023-09-22 9:47 ` Michael S. Tsirkin
2023-09-22 9:47 ` Michael S. Tsirkin
2023-09-22 12:23 ` Jason Gunthorpe
2023-09-22 15:45 ` Michael S. Tsirkin
2023-09-22 15:45 ` Michael S. Tsirkin
2023-09-22 3:02 ` Jason Wang
2023-09-22 3:02 ` Jason Wang
2023-09-22 12:22 ` Jason Gunthorpe
2023-09-22 12:25 ` Parav Pandit via Virtualization
2023-09-22 12:25 ` Parav Pandit
2023-09-22 15:13 ` Michael S. Tsirkin
2023-09-22 15:13 ` Michael S. Tsirkin
2023-09-22 15:15 ` Jason Gunthorpe
2023-09-22 15:40 ` Michael S. Tsirkin
2023-09-22 15:40 ` Michael S. Tsirkin
2023-09-22 16:22 ` Jason Gunthorpe
2023-09-25 17:36 ` Michael S. Tsirkin
2023-09-25 17:36 ` Michael S. Tsirkin
2023-09-25 2:30 ` Jason Wang
2023-09-25 2:30 ` Jason Wang
2023-09-25 8:26 ` Parav Pandit via Virtualization
2023-09-25 8:26 ` Parav Pandit
2023-09-25 18:36 ` Michael S. Tsirkin
2023-09-25 18:36 ` Michael S. Tsirkin
2023-09-26 2:34 ` Zhu, Lingshan
2023-09-26 2:34 ` Zhu, Lingshan
2023-09-26 3:45 ` Parav Pandit via Virtualization
2023-09-26 3:45 ` Parav Pandit
2023-09-26 4:37 ` Jason Wang
2023-09-26 4:37 ` Jason Wang
2023-10-12 10:52 ` Michael S. Tsirkin
2023-10-12 10:52 ` Michael S. Tsirkin
2023-10-12 11:11 ` Parav Pandit via Virtualization
2023-10-12 11:11 ` Parav Pandit
2023-10-12 11:30 ` Michael S. Tsirkin
2023-10-12 11:30 ` Michael S. Tsirkin
2023-10-12 11:40 ` Parav Pandit via Virtualization
2023-10-12 11:40 ` Parav Pandit
2023-09-26 2:32 ` Jason Wang
2023-09-26 2:32 ` Jason Wang
2023-09-26 4:01 ` Parav Pandit via Virtualization
2023-09-26 4:01 ` Parav Pandit
2023-09-26 4:37 ` Jason Wang
2023-09-26 4:37 ` Jason Wang
2023-09-26 5:27 ` Parav Pandit via Virtualization
2023-09-26 5:27 ` Parav Pandit
2023-09-26 11:49 ` Michael S. Tsirkin
2023-09-26 11:49 ` Michael S. Tsirkin
2023-10-08 4:28 ` Jason Wang
2023-10-08 4:28 ` Jason Wang
2023-09-22 3:02 ` Jason Wang
2023-09-22 3:02 ` Jason Wang
2023-09-22 12:25 ` Jason Gunthorpe
2023-09-22 15:39 ` Michael S. Tsirkin
2023-09-22 15:39 ` Michael S. Tsirkin
2023-09-22 16:19 ` Jason Gunthorpe
2023-09-25 18:16 ` Michael S. Tsirkin
2023-09-25 18:16 ` Michael S. Tsirkin
2023-09-25 18:53 ` Jason Gunthorpe
2023-09-25 19:52 ` Michael S. Tsirkin
2023-09-25 19:52 ` Michael S. Tsirkin
2023-09-21 17:09 ` Parav Pandit via Virtualization
2023-09-21 17:09 ` Parav Pandit
2023-09-21 17:24 ` Michael S. Tsirkin
2023-09-21 17:24 ` Michael S. Tsirkin
2023-09-21 19:58 ` Alex Williamson
2023-09-21 19:58 ` Alex Williamson
2023-09-21 20:01 ` Jason Gunthorpe
2023-09-21 20:20 ` Michael S. Tsirkin
2023-09-21 20:20 ` Michael S. Tsirkin
2023-09-21 20:59 ` Alex Williamson
2023-09-21 20:59 ` Alex Williamson
2023-09-22 12:37 ` Jason Gunthorpe
2023-09-22 12:59 ` Parav Pandit via Virtualization
2023-09-22 12:59 ` Parav Pandit
2023-09-26 15:20 ` Yishai Hadas via Virtualization
2023-09-26 15:20 ` Yishai Hadas
2023-09-26 17:00 ` Michael S. Tsirkin
2023-09-26 17:00 ` Michael S. Tsirkin
2023-10-02 4:38 ` Parav Pandit via Virtualization
2023-10-02 4:38 ` Parav Pandit
2023-09-22 10:10 ` Michael S. Tsirkin
2023-09-22 10:10 ` Michael S. Tsirkin
2023-09-22 15:53 ` Michael S. Tsirkin
2023-09-22 15:53 ` Michael S. Tsirkin
2023-10-02 11:23 ` Parav Pandit via Virtualization
2023-10-02 11:23 ` Parav Pandit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231011172014.GB3952@nvidia.com \
--to=jgg@nvidia.com \
--cc=alex.williamson@redhat.com \
--cc=feliu@nvidia.com \
--cc=hch@infradead.org \
--cc=jasowang@redhat.com \
--cc=jiri@nvidia.com \
--cc=joao.m.martins@oracle.com \
--cc=kevin.tian@intel.com \
--cc=kvm@vger.kernel.org \
--cc=leonro@nvidia.com \
--cc=maorg@nvidia.com \
--cc=mst@redhat.com \
--cc=parav@nvidia.com \
--cc=virtualization@lists.linux-foundation.org \
--cc=yishaih@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.