From: "Michael S. Tsirkin" <mst@redhat.com>
To: Avi Kivity <avi@scylladb.com>
Cc: Alex Williamson <alex.williamson@redhat.com>,
Vlad Zolotarov <vladz@cloudius-systems.com>,
Greg KH <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org, hjk@hansjkoch.de, corbet@lwn.net,
bruce.richardson@intel.com, avi@cloudius-systems.com,
gleb@cloudius-systems.com, stephen@networkplumber.org,
alexander.duyck@gmail.com
Subject: Re: [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support
Date: Thu, 8 Oct 2015 11:32:50 +0300 [thread overview]
Message-ID: <20151008104212-mutt-send-email-mst@redhat.com> (raw)
In-Reply-To: <56160039.4090901@scylladb.com>
On Thu, Oct 08, 2015 at 08:33:45AM +0300, Avi Kivity wrote:
> On 08/10/15 00:05, Michael S. Tsirkin wrote:
> >On Wed, Oct 07, 2015 at 07:39:16PM +0300, Avi Kivity wrote:
> >>That's what I thought as well, but apparently adding msix support to the
> >>already insecure uio drivers is even worse.
> >I'm glad you finally agree what these drivers are doing is insecure.
> >
> >And basically kernel cares about security, no one wants to maintain insecure stuff.
> >
> >So you guys should think harder whether this code makes any sense upstream.
>
> You simply ignore everything I write, cherry-picking the word "insecure" as
> if it makes your point. That is very frustrating.
And I'm sorry about the frustration. I didn't intend to twist your
words. It's just that I had to spend literally hours trying to explain
that security matters in kernel, and all I was getting back was a
summary "there's no security issue because there are other way to
corrupt memory".
So I was glad when it looked like there's finally an agreement that yes,
there's value in validating userspace input and yes, it's insecure
not to do this.
> It is good practice to defend against root oopsing the kernel, but in some
> cases it cannot be achieved.
I originally included ways to fix issues that I pointed out, ranging
from harder to implement with more overhead but more secure to easier to
implement with less overhead but less secure. There didn't seem to be
an understanding that the issues are there at all, so I stopped doing
that - seemed like a waste of time.
For example, will it kill your performance to reset devices cleanly, on
open and close, protect them from writes into MSI config, BAR registers
and related capablities etc etc? And if not, why are you people wasting
time arguing about that? The only thing I heard is that it's a hassle.
That's true (though if you follow my advice and try to share code with
vfio/pci you get a lot of this logic for free). So it's an
understandable argument if you just need something that works, quickly.
But if it's such a stopgap hack, there's no need to insist on it
upstream.
--
MST
next prev parent reply other threads:[~2015-10-08 8:33 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-04 20:43 [PATCH v3 0/3] uio: add MSI/MSI-X support to uio_pci_generic driver Vlad Zolotarov
2015-10-04 20:43 ` [PATCH v3 1/3] uio: add ioctl support Vlad Zolotarov
2015-10-05 3:03 ` Greg KH
2015-10-05 7:33 ` Vlad Zolotarov
2015-10-05 8:01 ` Greg KH
2015-10-05 10:36 ` Vlad Zolotarov
2015-10-05 20:02 ` Michael S. Tsirkin
[not found] ` <CAOYyTHZ2=UCYxuJKvd5S6qxp=84DBq5bMadg5wL0rFLZBh2-8Q@mail.gmail.com>
2015-10-05 22:29 ` Michael S. Tsirkin
2015-10-06 8:33 ` Vlad Zolotarov
2015-10-06 14:19 ` Michael S. Tsirkin
2015-10-06 14:30 ` Gleb Natapov
2015-10-06 15:19 ` Michael S. Tsirkin
2015-10-06 15:31 ` Vlad Zolotarov
2015-10-06 15:57 ` Gleb Natapov
2015-10-04 20:43 ` [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support Vlad Zolotarov
2015-10-05 3:11 ` Greg KH
2015-10-05 7:41 ` Vlad Zolotarov
2015-10-05 7:56 ` Greg KH
2015-10-05 10:48 ` Vlad Zolotarov
2015-10-05 10:57 ` Greg KH
2015-10-05 11:09 ` Avi Kivity
2015-10-05 13:08 ` Greg KH
2015-10-05 11:41 ` Vlad Zolotarov
2015-10-05 11:47 ` Avi Kivity
2015-10-05 11:53 ` Vlad Zolotarov
2015-10-05 8:28 ` Avi Kivity
2015-10-05 9:49 ` Greg KH
2015-10-05 10:20 ` Avi Kivity
2015-10-06 14:38 ` Michael S. Tsirkin
2015-10-06 14:43 ` Vlad Zolotarov
2015-10-06 14:56 ` Michael S. Tsirkin
2015-10-06 15:23 ` Avi Kivity
2015-10-06 18:51 ` Alex Williamson
2015-10-06 21:32 ` Stephen Hemminger
2015-10-06 21:41 ` Alex Williamson
[not found] ` <CAOaVG152OrQz-Bbnpr0VeE+vLH7nMGsG6A3sD7eTQHormNGVUg@mail.gmail.com>
2015-10-07 7:57 ` Vlad Zolotarov
[not found] ` <5614C160.6000203@scylladb.com>
2015-10-07 8:00 ` Vlad Zolotarov
2015-10-07 8:01 ` Vlad Zolotarov
2015-10-07 6:52 ` Avi Kivity
2015-10-07 16:31 ` Alex Williamson
2015-10-07 16:39 ` Avi Kivity
2015-10-07 21:05 ` Michael S. Tsirkin
2015-10-08 4:19 ` Gleb Natapov
2015-10-08 7:41 ` Michael S. Tsirkin
2015-10-08 7:59 ` Gleb Natapov
2015-10-08 9:38 ` Michael S. Tsirkin
2015-10-08 9:45 ` Gleb Natapov
2015-10-08 12:15 ` Michael S. Tsirkin
2015-10-08 5:33 ` Avi Kivity
2015-10-08 7:32 ` Michael S. Tsirkin
2015-10-08 8:46 ` Avi Kivity
2015-10-08 9:16 ` Michael S. Tsirkin
2015-10-08 9:44 ` Avi Kivity
2015-10-08 12:06 ` Michael S. Tsirkin
2015-10-08 12:27 ` Gleb Natapov
2015-10-08 13:20 ` Michael S. Tsirkin
2015-10-08 13:28 ` Gleb Natapov
2015-10-08 16:43 ` Michael S. Tsirkin
2015-10-08 17:01 ` Gleb Natapov
2015-10-08 17:39 ` Michael S. Tsirkin
2015-10-08 17:53 ` Gleb Natapov
2015-10-08 18:38 ` Greg KH
2015-10-08 8:32 ` Michael S. Tsirkin [this message]
2015-10-08 8:52 ` Gleb Natapov
2015-10-08 9:19 ` Avi Kivity
2015-10-08 10:26 ` Michael S. Tsirkin
2015-10-08 13:20 ` Avi Kivity
2015-10-08 14:17 ` Michael S. Tsirkin
2015-10-08 15:31 ` Alex Williamson
2015-10-07 20:05 ` Michael S. Tsirkin
2015-10-07 7:55 ` Vlad Zolotarov
2015-10-08 8:48 ` Michael S. Tsirkin
2015-10-06 15:28 ` Vlad Zolotarov
2015-10-06 14:46 ` Michael S. Tsirkin
2015-10-06 15:27 ` Avi Kivity
2015-10-05 8:41 ` Stephen Hemminger
2015-10-05 9:08 ` Vlad Zolotarov
2015-10-05 10:06 ` Vlad Zolotarov
2015-10-05 20:09 ` Michael S. Tsirkin
2015-10-05 9:11 ` Vlad Zolotarov
2015-10-05 19:16 ` Michael S. Tsirkin
2015-10-04 20:43 ` [PATCH v3 3/3] Documentation: update uio-howto Vlad Zolotarov
2015-10-04 20:45 ` [PATCH v3 0/3] uio: add MSI/MSI-X support to uio_pci_generic driver Vlad Zolotarov
2015-10-05 19:50 ` Michael S. Tsirkin
2015-10-06 8:37 ` Vlad Zolotarov
2015-10-06 14:30 ` Michael S. Tsirkin
2015-10-06 14:40 ` Vlad Zolotarov
2015-10-06 15:13 ` Michael S. Tsirkin
2015-10-06 16:35 ` Vlad Zolotarov
2015-10-06 15:11 ` Avi Kivity
2015-10-06 15:15 ` Michael S. Tsirkin
2015-10-06 16:00 ` Gleb Natapov
2015-10-06 16:09 ` Avi Kivity
2015-10-07 10:25 ` Michael S. Tsirkin
2015-10-07 10:28 ` Avi Kivity
-- strict thread matches above, loose matches on Subject: below --
2015-10-04 20:39 Vlad Zolotarov
2015-10-04 20:39 ` [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support Vlad Zolotarov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151008104212-mutt-send-email-mst@redhat.com \
--to=mst@redhat.com \
--cc=alex.williamson@redhat.com \
--cc=alexander.duyck@gmail.com \
--cc=avi@cloudius-systems.com \
--cc=avi@scylladb.com \
--cc=bruce.richardson@intel.com \
--cc=corbet@lwn.net \
--cc=gleb@cloudius-systems.com \
--cc=gregkh@linuxfoundation.org \
--cc=hjk@hansjkoch.de \
--cc=linux-kernel@vger.kernel.org \
--cc=stephen@networkplumber.org \
--cc=vladz@cloudius-systems.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).