From: Alex Williamson <alex.williamson@redhat.com>
To: Russell King - ARM Linux <linux@armlinux.org.uk>
Cc: Greg KH <greg@kroah.com>,
kvm@vger.kernel.org, eric.auger@redhat.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 7/9] vfio: Use driver_override to avert binding to compromising drivers
Date: Mon, 26 Jun 2017 13:39:12 -0600 [thread overview]
Message-ID: <20170626133912.7746bdfe@w520.home> (raw)
In-Reply-To: <20170626090854.GE4902@n2100.armlinux.org.uk>
On Mon, 26 Jun 2017 10:08:55 +0100
Russell King - ARM Linux <linux@armlinux.org.uk> wrote:
> On Tue, Jun 20, 2017 at 09:48:31AM -0600, Alex Williamson wrote:
> > If a device is bound to a non-vfio, non-whitelisted driver while a
> > group is in use, then the integrity of the group is compromised and
> > will result in hitting a BUG_ON. This code tries to avoid this case
> > by mangling driver_override to force a no-match for the driver. The
> > driver-core will either follow-up with a DRIVER_NOT_BOUND (preferred)
> > or BOUND_DRIVER, at which point we can remove the driver_override
> > mangling.
>
> Rather than mangling the driver override string to prevent driver binding,
> I wonder if it would make more sense to allow the BUS_NOTIFY_BIND_DRIVER
> notifier to fail the device probe?
>
> The driver override strings are, after all, exposed to userspace, and
> it strikes me that this kind of mangling is racy - userspace can read
> or change the override string at any time.
Indeed, that looks easier. I sent and RFC, let's see what Greg has to
say. Thanks,
Alex
next prev parent reply other threads:[~2017-06-26 19:39 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-20 15:47 [PATCH v3 0/9] vfio: Fix release ordering races and use driver_override Alex Williamson
2017-06-20 15:47 ` [PATCH v3 1/9] vfio: Fix group release deadlock Alex Williamson
2017-06-20 15:47 ` [PATCH v3 2/9] kvm-vfio: Decouple only when we match a group Alex Williamson
2017-06-26 7:30 ` Auger Eric
2017-06-28 17:37 ` Paolo Bonzini
2017-06-20 15:47 ` [PATCH v3 3/9] vfio: New external user group/file match Alex Williamson
2017-06-20 15:48 ` [PATCH v3 4/9] iommu: Add driver-not-bound notification Alex Williamson
2017-06-20 15:48 ` [PATCH v3 5/9] vfio: Create interface for vfio bus drivers to register Alex Williamson
2017-06-20 15:48 ` [PATCH v3 6/9] vfio: Register pci, platform, amba, and mdev bus drivers Alex Williamson
2017-06-20 15:48 ` [PATCH v3 7/9] vfio: Use driver_override to avert binding to compromising drivers Alex Williamson
2017-06-26 9:08 ` Russell King - ARM Linux
2017-06-26 19:39 ` Alex Williamson [this message]
2017-07-10 21:34 ` Alex Williamson
2017-07-11 9:46 ` Greg KH
2017-07-11 16:41 ` Alex Williamson
2017-07-13 8:23 ` Greg KH
2017-07-14 16:03 ` Alex Williamson
2017-07-14 20:09 ` Greg KH
2017-06-20 15:48 ` [PATCH v3 8/9] amba: Export amba_bustype Alex Williamson
2017-06-26 7:30 ` Auger Eric
2017-06-20 15:48 ` [PATCH v3 9/9] vfio: Add AMBA driver_override support Alex Williamson
2017-06-26 7:30 ` Auger Eric
2017-06-26 7:31 ` [PATCH v3 0/9] vfio: Fix release ordering races and use driver_override Auger Eric
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170626133912.7746bdfe@w520.home \
--to=alex.williamson@redhat.com \
--cc=eric.auger@redhat.com \
--cc=greg@kroah.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox