From: Akihiko Odaki <akihiko.odaki@gmail.com>
To: Alyssa Ross <hi@alyssa.is>,
	Gurchetan Singh <gurchetansingh@chromium.org>,
	Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: qemu-devel@nongnu.org,
	"Xenia Ragiadakou" <xenia.ragiadakou@amd.com>,
	marcandre.lureau@redhat.com, ray.huang@amd.com,
	alex.bennee@linaro.org, shentey@gmail.com, ernunes@redhat.com,
	manos.pitsidianakis@linaro.org, philmd@linaro.org,
	"Gerd Hoffmann" <kraxel@redhat.com>,
	"Michael S . Tsirkin" <mst@redhat.com>,
	"Stefano Stabellini" <sstabellini@kernel.org>,
	"Anthony PERARD" <anthony.perard@citrix.com>,
	"Antonio Caggiano" <quic_acaggian@quicinc.com>,
	"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
	"Robert Beckett" <bob.beckett@collabora.com>,
	"Dmitry Osipenko" <dmitry.osipenko@collabora.com>,
	xen-devel@lists.xenproject.org,
	"Albert Esteve" <aesteve@redhat.com>,
	"Roger Pau Monné" <roger.pau@citrix.com>,
	"Alex Deucher" <alexander.deucher@amd.com>,
	"Christian König" <christian.koenig@amd.com>,
	"Pierre-Eric Pelloux-Prayer" <pierre-eric.pelloux-prayer@amd.com>,
	"Honglei Huang" <honglei1.huang@amd.com>,
	"Julia Zhang" <julia.zhang@amd.com>,
	"Chen Jiqian" <Jiqian.Chen@amd.com>
Subject: Re: [PATCH v13 6/9] gfxstream + rutabaga: add initial support for gfxstream
Date: Fri, 22 Sep 2023 16:54:51 +0900
Message-ID: <faae6c7b-2b2b-44e5-99b8-261f17f28645@gmail.com>
In-Reply-To: <87lecyejry.fsf@alyssa.is>

On 2023/09/22 16:42, Alyssa Ross wrote:
> Akihiko Odaki <akihiko.odaki@gmail.com> writes:
> 
>> Practically there is a very low chance to hit the bug. I think only
>> fuzzers and malicious actors will trigger it, and probably no one will
>> dare use virtio-gpu-rutabaga or virtio-gpu-gl in a security-sensitive
>> context.
> 
> Well, this is exactly what Chrome OS does, albeit with crosvm rather
> than QEMU, right?

I think so, but QEMU's virtio-gpu-rutabaga and virtio-gpu-gl should be
very different from crosvm in that they do not isolate the
graphics stack into a separate process, while I believe crosvm does so.
Having the entire graphics stack in a VMM is a security nightmare; it
means giving a complex shader compiler the highest privilege. We need to
use vhost-user-gpu instead for process isolation.

Since we already have such a serious security hazard, I don't think we
have to care much about security. But security is approximately equal to
reliability, which matters for virtio-gpu-rutabaga and virtio-gpu-gl
too, so it's still nice to get the bug fixed.

