Re: [PATCH] vfio/type1: Cleanup remaining vaddr removal/update fragments

public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed

From: Steven Sistare <steven.sistare@oracle.com>
To: Alex Williamson <alex.williamson@redhat.com>
Cc: "Tian, Kevin" <kevin.tian@intel.com>,
	"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
	"jgg@ziepe.ca" <jgg@ziepe.ca>
Subject: Re: [PATCH] vfio/type1: Cleanup remaining vaddr removal/update fragments
Date: Fri, 9 Dec 2022 14:52:49 -0500	[thread overview]
Message-ID: <5f494e1f-536d-7225-e2c7-5ec9c993f13a@oracle.com> (raw)
In-Reply-To: <20221209124212.672b7a9c.alex.williamson@redhat.com>

On 12/9/2022 2:42 PM, Alex Williamson wrote:
> On Fri, 9 Dec 2022 13:40:29 -0500
> Steven Sistare <steven.sistare@oracle.com> wrote:
> 
>> On 12/8/2022 11:40 AM, Alex Williamson wrote:
>>> On Thu, 8 Dec 2022 07:56:30 +0000
>>> "Tian, Kevin" <kevin.tian@intel.com> wrote:
>>>   
>>>>> From: Alex Williamson <alex.williamson@redhat.com>
>>>>> Sent: Thursday, December 8, 2022 5:45 AM
>>>>>
>>>>> Fix several loose ends relative to reverting support for vaddr removal
>>>>> and update.  Mark feature and ioctl flags as deprecated, restore local
>>>>> variable scope in pin pages, remove remaining support in the mapping
>>>>> code.
>>>>>
>>>>> Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
>>>>> ---
>>>>>
>>>>> This applies on top of Steve's patch[1] to fully remove and deprecate
>>>>> this feature in the short term, following the same methodology we used
>>>>> for the v1 migration interface removal.  The intention would be to pick
>>>>> Steve's patch and this follow-on for v6.2 given that existing support
>>>>> exposes vulnerabilities and no known upstream userspaces make use of
>>>>> this feature.
>>>>>
>>>>> [1]https://lore.kernel.org/all/1670363753-249738-2-git-send-email-
>>>>> steven.sistare@oracle.com/
>>>>>     
>>>>
>>>> Reviewed-by: Kevin Tian <kevin.tian@intel.com>
>>>>
>>>> btw given the exposure and no known upstream usage should this be
>>>> also pushed to stable kernels?  
>>>
>>> I'll add to both:
>>>
>>> Cc: stable@vger.kernel.org # v5.12+  
>>
>> We maintain and use a version of qemu that contains the live update patches,
>> and requires these kernel interfaces. Other companies are also experimenting 
>> with it.  Please do not remove it from stable.
> 
> The interface has been determined to have vulnerabilities and the
> proposal to resolve those vulnerabilities is to implement a new API.
> If we think it's worthwhile to remove the existing, vulnerable interface
> in the current kernel, what makes it safe to keep it for stable kernels?

I do not think it's worth while, but I have stopped fighting for 6.2.

> Existing users that could choose not to accept the revert in their
> downstream kernel and allowing users evaluating the interface more time
> before they know it's been removed upstream, are not terribly
> compelling reasons to keep it in upstream stable kernels.  Thanks,

The compelling reason is that stable is supposed to be stable and maintain
existing interfaces, and now I will need to re-merge the interfaces at
regular intervals when we update UEK from stable. Oracle is a current user 
of these interfaces in our business. Do we count?

- Steve

next prev parent reply	other threads:[~2022-12-09 19:53 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-07 21:45 [PATCH] vfio/type1: Cleanup remaining vaddr removal/update fragments Alex Williamson
2022-12-07 23:21 ` Jason Gunthorpe
2022-12-08  7:56 ` Tian, Kevin
2022-12-08 16:40   ` Alex Williamson
2022-12-09 18:40     ` Steven Sistare
2022-12-09 19:42       ` Alex Williamson
2022-12-09 19:52         ` Steven Sistare [this message]
2022-12-09 21:01           ` Alex Williamson
2022-12-10 14:14             ` Steven Sistare
2022-12-12 13:17               ` Jason Gunthorpe
2022-12-12 13:54                 ` Steven Sistare
2022-12-12 15:58                 ` Alex Williamson
2022-12-12 20:59                   ` Steven Sistare
2022-12-12 21:26                     ` Alex Williamson
2022-12-12 23:08                       ` Jason Gunthorpe
2022-12-12 23:29                         ` Alex Williamson
2022-12-12 23:35                           ` Jason Gunthorpe
2022-12-13  0:04                             ` Alex Williamson
2022-12-13  0:11                               ` Jason Gunthorpe

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5f494e1f-536d-7225-e2c7-5ec9c993f13a@oracle.com \
    --to=steven.sistare@oracle.com \
    --cc=alex.williamson@redhat.com \
    --cc=jgg@ziepe.ca \
    --cc=kevin.tian@intel.com \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox