From: Avi Kivity <avi@scylladb.com>
To: Alex Williamson <alex.williamson@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>,
Vlad Zolotarov <vladz@cloudius-systems.com>,
Greg KH <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org, hjk@hansjkoch.de, corbet@lwn.net,
bruce.richardson@intel.com, avi@cloudius-systems.com,
gleb@cloudius-systems.com, stephen@networkplumber.org,
alexander.duyck@gmail.com
Subject: Re: [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support
Date: Wed, 7 Oct 2015 19:39:16 +0300 [thread overview]
Message-ID: <56154AB4.1050509@scylladb.com> (raw)
In-Reply-To: <1444235464.4059.169.camel@redhat.com>
On 10/07/2015 07:31 PM, Alex Williamson wrote:
>>> I
>>> guess the no-iommu map would error if the IOVA isn't simply the bus
>>> address of the page mapped.
>>>
>>> Of course this is entirely unsafe and this no-iommu driver should taint
>>> the kernel, but it at least standardizes on one userspace API and you're
>>> already doing completely unsafe things with uio. vfio should be
>>> enlightened at least to the point that it allows only privileged users
>>> access to devices under such a (lack of) iommu.
>> There is an additional complication. With an iommu, userspace programs
>> the device with virtual addresses, but without it, they have to program
>> physical addresses. So vfio would need to communicate this bit of
>> information.
>>
>> We can go further and define a better translation API than the current
>> one (reading /proc/pagemap). But it's going to be a bigger change to
>> vfio than I thought at first.
> It sounds like a separate vfio iommu backend from type1, one that just
> pins the page and returns the bus address. The curse and benefit would
> be that existing type1 users wouldn't "just work" in an insecure mode,
> the DMA mapping code would need to be aware of the difference. Still, I
> do really prefer to keep vfio as only exposing a secure, iommu protected
> device to the user because surely someone will try and users would
> expect that removing iommu restrictions from vfio means they can do
> device assignment to VMs w/o an iommu.
That's what I thought as well, but apparently adding msix support to the
already insecure uio drivers is even worse.
next prev parent reply other threads:[~2015-10-07 16:39 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-04 20:43 [PATCH v3 0/3] uio: add MSI/MSI-X support to uio_pci_generic driver Vlad Zolotarov
2015-10-04 20:43 ` [PATCH v3 1/3] uio: add ioctl support Vlad Zolotarov
2015-10-05 3:03 ` Greg KH
2015-10-05 7:33 ` Vlad Zolotarov
2015-10-05 8:01 ` Greg KH
2015-10-05 10:36 ` Vlad Zolotarov
2015-10-05 20:02 ` Michael S. Tsirkin
[not found] ` <CAOYyTHZ2=UCYxuJKvd5S6qxp=84DBq5bMadg5wL0rFLZBh2-8Q@mail.gmail.com>
2015-10-05 22:29 ` Michael S. Tsirkin
2015-10-06 8:33 ` Vlad Zolotarov
2015-10-06 14:19 ` Michael S. Tsirkin
2015-10-06 14:30 ` Gleb Natapov
2015-10-06 15:19 ` Michael S. Tsirkin
2015-10-06 15:31 ` Vlad Zolotarov
2015-10-06 15:57 ` Gleb Natapov
2015-10-04 20:43 ` [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support Vlad Zolotarov
2015-10-05 3:11 ` Greg KH
2015-10-05 7:41 ` Vlad Zolotarov
2015-10-05 7:56 ` Greg KH
2015-10-05 10:48 ` Vlad Zolotarov
2015-10-05 10:57 ` Greg KH
2015-10-05 11:09 ` Avi Kivity
2015-10-05 13:08 ` Greg KH
2015-10-05 11:41 ` Vlad Zolotarov
2015-10-05 11:47 ` Avi Kivity
2015-10-05 11:53 ` Vlad Zolotarov
2015-10-05 8:28 ` Avi Kivity
2015-10-05 9:49 ` Greg KH
2015-10-05 10:20 ` Avi Kivity
2015-10-06 14:38 ` Michael S. Tsirkin
2015-10-06 14:43 ` Vlad Zolotarov
2015-10-06 14:56 ` Michael S. Tsirkin
2015-10-06 15:23 ` Avi Kivity
2015-10-06 18:51 ` Alex Williamson
2015-10-06 21:32 ` Stephen Hemminger
2015-10-06 21:41 ` Alex Williamson
[not found] ` <CAOaVG152OrQz-Bbnpr0VeE+vLH7nMGsG6A3sD7eTQHormNGVUg@mail.gmail.com>
2015-10-07 7:57 ` Vlad Zolotarov
[not found] ` <5614C160.6000203@scylladb.com>
2015-10-07 8:00 ` Vlad Zolotarov
2015-10-07 8:01 ` Vlad Zolotarov
2015-10-07 6:52 ` Avi Kivity
2015-10-07 16:31 ` Alex Williamson
2015-10-07 16:39 ` Avi Kivity [this message]
2015-10-07 21:05 ` Michael S. Tsirkin
2015-10-08 4:19 ` Gleb Natapov
2015-10-08 7:41 ` Michael S. Tsirkin
2015-10-08 7:59 ` Gleb Natapov
2015-10-08 9:38 ` Michael S. Tsirkin
2015-10-08 9:45 ` Gleb Natapov
2015-10-08 12:15 ` Michael S. Tsirkin
2015-10-08 5:33 ` Avi Kivity
2015-10-08 7:32 ` Michael S. Tsirkin
2015-10-08 8:46 ` Avi Kivity
2015-10-08 9:16 ` Michael S. Tsirkin
2015-10-08 9:44 ` Avi Kivity
2015-10-08 12:06 ` Michael S. Tsirkin
2015-10-08 12:27 ` Gleb Natapov
2015-10-08 13:20 ` Michael S. Tsirkin
2015-10-08 13:28 ` Gleb Natapov
2015-10-08 16:43 ` Michael S. Tsirkin
2015-10-08 17:01 ` Gleb Natapov
2015-10-08 17:39 ` Michael S. Tsirkin
2015-10-08 17:53 ` Gleb Natapov
2015-10-08 18:38 ` Greg KH
2015-10-08 8:32 ` Michael S. Tsirkin
2015-10-08 8:52 ` Gleb Natapov
2015-10-08 9:19 ` Avi Kivity
2015-10-08 10:26 ` Michael S. Tsirkin
2015-10-08 13:20 ` Avi Kivity
2015-10-08 14:17 ` Michael S. Tsirkin
2015-10-08 15:31 ` Alex Williamson
2015-10-07 20:05 ` Michael S. Tsirkin
2015-10-07 7:55 ` Vlad Zolotarov
2015-10-08 8:48 ` Michael S. Tsirkin
2015-10-06 15:28 ` Vlad Zolotarov
2015-10-06 14:46 ` Michael S. Tsirkin
2015-10-06 15:27 ` Avi Kivity
2015-10-05 8:41 ` Stephen Hemminger
2015-10-05 9:08 ` Vlad Zolotarov
2015-10-05 10:06 ` Vlad Zolotarov
2015-10-05 20:09 ` Michael S. Tsirkin
2015-10-05 9:11 ` Vlad Zolotarov
2015-10-05 19:16 ` Michael S. Tsirkin
2015-10-04 20:43 ` [PATCH v3 3/3] Documentation: update uio-howto Vlad Zolotarov
2015-10-04 20:45 ` [PATCH v3 0/3] uio: add MSI/MSI-X support to uio_pci_generic driver Vlad Zolotarov
2015-10-05 19:50 ` Michael S. Tsirkin
2015-10-06 8:37 ` Vlad Zolotarov
2015-10-06 14:30 ` Michael S. Tsirkin
2015-10-06 14:40 ` Vlad Zolotarov
2015-10-06 15:13 ` Michael S. Tsirkin
2015-10-06 16:35 ` Vlad Zolotarov
2015-10-06 15:11 ` Avi Kivity
2015-10-06 15:15 ` Michael S. Tsirkin
2015-10-06 16:00 ` Gleb Natapov
2015-10-06 16:09 ` Avi Kivity
2015-10-07 10:25 ` Michael S. Tsirkin
2015-10-07 10:28 ` Avi Kivity
-- strict thread matches above, loose matches on Subject: below --
2015-10-04 20:39 Vlad Zolotarov
2015-10-04 20:39 ` [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support Vlad Zolotarov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56154AB4.1050509@scylladb.com \
--to=avi@scylladb.com \
--cc=alex.williamson@redhat.com \
--cc=alexander.duyck@gmail.com \
--cc=avi@cloudius-systems.com \
--cc=bruce.richardson@intel.com \
--cc=corbet@lwn.net \
--cc=gleb@cloudius-systems.com \
--cc=gregkh@linuxfoundation.org \
--cc=hjk@hansjkoch.de \
--cc=linux-kernel@vger.kernel.org \
--cc=mst@redhat.com \
--cc=stephen@networkplumber.org \
--cc=vladz@cloudius-systems.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.