linuxppc-dev.lists.ozlabs.org archive mirror
From: Alex Williamson <alex.williamson@redhat.com>
To: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: kvm@vger.kernel.org, Alexey Kardashevskiy <aik@ozlabs.ru>,
	Alexander Graf <agraf@suse.de>,
	kvm-ppc@vger.kernel.org, linux-kernel@vger.kernel.org,
	Paul Mackerras <paulus@samba.org>,
	linuxppc-dev@lists.ozlabs.org,
	David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH 3/4] KVM: PPC: Add support for IOMMU in-kernel handling
Date: Mon, 17 Jun 2013 20:32:52 -0600
Message-ID: <1371522772.22681.140.camel@ul30vt.home>
In-Reply-To: <1371441361.21896.152.camel@pasglop>

On Mon, 2013-06-17 at 13:56 +1000, Benjamin Herrenschmidt wrote:
> On Sun, 2013-06-16 at 21:13 -0600, Alex Williamson wrote:
> 
> > IOMMU groups themselves don't provide security, they're accessed by
> > interfaces like VFIO, which provide the security.  Given a brief look, I
> > agree, this looks like a possible backdoor.  The typical VFIO way to
> > handle this would be to pass a VFIO file descriptor here to prove that
> > the process has access to the IOMMU group.  This is how /dev/vfio/vfio
> > gains the ability to set up an IOMMU domain and do mappings with the
> > SET_CONTAINER ioctl using a group fd.  Thanks,
> 
> How do you envision that in the kernel? I.e. I'm in KVM code, gets that
> vfio fd, what do I do with it ?
> 
> Basically, KVM needs to know that the user is allowed to use that iommu
> group. I don't think we want KVM however to call into VFIO directly
> right?

Right, we don't want to create dependencies across modules.  I don't
have a vision for how this should work.  This is effectively a complete
side-band to vfio, so we're really just dealing in the iommu group
space.  Maybe there needs to be some kind of registration of ownership
for the group using some kind of token.  It would need to include some
kind of notification when that ownership ends.  That might also be a
convenient tag to toggle driver probing off for devices in the group.
Other ideas?  Thanks,

Alex
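
The ownership-token idea floated in the message above, modeled in user-space C as an added example; it is not code from this thread, VFIO or KVM. Every name in it (group_claim, group_attach, group_release, side_user) is hypothetical, and the integer tokens are constructed stand-ins for an unforgeable kernel reference.

```c
#include <stdint.h>
#include <stdio.h>
#define MAX_GROUPS 8
typedef void (*release_fn)(int group, void *opaque);
/* One slot per IOMMU group; token == 0 means unowned. In a kernel the token
 * would be an unforgeable reference; the integers used here are constructed. */
static struct { uint64_t token; release_fn on_release; void *opaque; } grp[MAX_GROUPS];
static int owned_by(int g, uint64_t t) { return g >= 0 && g < MAX_GROUPS && t != 0 && grp[g].token == t; }

/* Owner role (VFIO in the thread): claim a group nobody owns yet. */
int group_claim(int g, uint64_t token)
{
    if (g < 0 || g >= MAX_GROUPS || token == 0 || grp[g].token != 0) return -1;
    grp[g].token = token;
    return 0;
}

/* Side-band role (KVM in the thread): present the token, register a callback. */
int group_attach(int g, uint64_t token, release_fn fn, void *opaque)
{
    if (!owned_by(g, token) || grp[g].on_release) return -1;
    grp[g].on_release = fn;
    grp[g].opaque = opaque;
    return 0;
}

/* Ownership ends: notify the attached user, then free the slot. */
int group_release(int g, uint64_t token)
{
    if (!owned_by(g, token)) return -1;
    if (grp[g].on_release) grp[g].on_release(g, grp[g].opaque);
    grp[g].token = 0; grp[g].on_release = NULL; grp[g].opaque = NULL;
    return 0;
}

/* Side-band user state: 'active' stands for live mappings into the group. */
struct side_user { int active; };
void side_user_drop(int g, void *opaque) { (void)g; ((struct side_user *)opaque)->active = 0; }

int main(void)
{
    struct side_user kvm = { 0 };
    group_claim(3, 0xA11CE);
    printf("wrong token -> %d\n", group_attach(3, 0xBAD, side_user_drop, &kvm));
    kvm.active = (group_attach(3, 0xA11CE, side_user_drop, &kvm) == 0);
    group_release(3, 0xA11CE);
    printf("active after release -> %d\n", kvm.active);
    return 0;
}
```

The property to look for is that an attach without the owner's token is refused, and that releasing ownership runs the callback before the group can be claimed again.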
