From: Russell King - ARM Linux <linux@armlinux.org.uk>
To: Alex Williamson <alex.williamson@redhat.com>, Greg KH <greg@kroah.com>
Cc: kvm@vger.kernel.org, eric.auger@redhat.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 7/9] vfio: Use driver_override to avert binding to compromising drivers
Date: Mon, 26 Jun 2017 10:08:55 +0100 [thread overview]
Message-ID: <20170626090854.GE4902@n2100.armlinux.org.uk> (raw)
In-Reply-To: <20170620154830.17487.1861.stgit@gimli.home>
On Tue, Jun 20, 2017 at 09:48:31AM -0600, Alex Williamson wrote:
> If a device is bound to a non-vfio, non-whitelisted driver while a
> group is in use, then the integrity of the group is compromised and
> will result in hitting a BUG_ON. This code tries to avoid this case
> by mangling driver_override to force a no-match for the driver. The
> driver-core will either follow-up with a DRIVER_NOT_BOUND (preferred)
> or BOUND_DRIVER, at which point we can remove the driver_override
> mangling.
Rather than mangling the driver override string to prevent driver binding,
I wonder if it would make more sense to allow the BUS_NOTIFY_BIND_DRIVER
notifier to fail the device probe?
The driver override strings are, after all, exposed to userspace, and
it strikes me that this kind of mangling is racy - userspace can read
or change the override string at any time.
--
RMK's Patch system: http://www.armlinux.org.uk/developer/patches/
FTTC broadband for 0.8mile line: currently at 9.6Mbps down 400kbps up
according to speedtest.net.
next prev parent reply other threads:[~2017-06-26 9:09 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-20 15:47 [PATCH v3 0/9] vfio: Fix release ordering races and use driver_override Alex Williamson
2017-06-20 15:47 ` [PATCH v3 1/9] vfio: Fix group release deadlock Alex Williamson
2017-06-20 15:47 ` [PATCH v3 2/9] kvm-vfio: Decouple only when we match a group Alex Williamson
2017-06-26 7:30 ` Auger Eric
2017-06-28 17:37 ` Paolo Bonzini
2017-06-20 15:47 ` [PATCH v3 3/9] vfio: New external user group/file match Alex Williamson
2017-06-20 15:48 ` [PATCH v3 4/9] iommu: Add driver-not-bound notification Alex Williamson
2017-06-20 15:48 ` [PATCH v3 5/9] vfio: Create interface for vfio bus drivers to register Alex Williamson
2017-06-20 15:48 ` [PATCH v3 6/9] vfio: Register pci, platform, amba, and mdev bus drivers Alex Williamson
2017-06-20 15:48 ` [PATCH v3 7/9] vfio: Use driver_override to avert binding to compromising drivers Alex Williamson
2017-06-26 9:08 ` Russell King - ARM Linux [this message]
2017-06-26 19:39 ` Alex Williamson
2017-07-10 21:34 ` Alex Williamson
2017-07-11 9:46 ` Greg KH
2017-07-11 16:41 ` Alex Williamson
2017-07-13 8:23 ` Greg KH
2017-07-14 16:03 ` Alex Williamson
2017-07-14 20:09 ` Greg KH
2017-06-20 15:48 ` [PATCH v3 8/9] amba: Export amba_bustype Alex Williamson
2017-06-26 7:30 ` Auger Eric
2017-06-20 15:48 ` [PATCH v3 9/9] vfio: Add AMBA driver_override support Alex Williamson
2017-06-26 7:30 ` Auger Eric
2017-06-26 7:31 ` [PATCH v3 0/9] vfio: Fix release ordering races and use driver_override Auger Eric
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170626090854.GE4902@n2100.armlinux.org.uk \
--to=linux@armlinux.org.uk \
--cc=alex.williamson@redhat.com \
--cc=eric.auger@redhat.com \
--cc=greg@kroah.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox