From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-qk1-f182.google.com (mail-qk1-f182.google.com [209.85.222.182])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E149E37C92E
	for <netdev@vger.kernel.org>; Wed, 22 Apr 2026 16:29:30 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.222.182
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1776875372; cv=none; b=JcJV7+1/0+9S6dcXgHcL9bd4J3474RpicWPpunGcLBcXSEucrOrDupnbmlB56tmkx51SER/6FcIwDY00psWMiww7RBR0O3rCq78bdZf/7KDgyUFePgMS++GyxguChwkOkaC/b527PhI95jZjdJTe3Yq/KAAgD5lSCSCtP5ze/Y0=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1776875372; c=relaxed/simple;
	bh=7nUTpLDZcNwHVIBFnUXlZ2h+DqdD9r7qtP5b75FfdX8=;
	h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:
	 Content-Type:Content-Disposition:In-Reply-To; b=q1LIOFXdVRn10sWAFqIJkvIWnegizOxvrTQPQFAs0kftCZ+w9eVBaEOFaJN1CdZjUnfN/QyGu8GWFcTVqHI2kco05uVkhFUVFAki3A7JgSpWpznr+yGOLuegZEG3kuA6vmO0BcZc4MvUDQci8nW58LtdDqgBKK5k+argt7wc/tU=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca; spf=pass smtp.mailfrom=ziepe.ca; dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b=pJvx2Y7f; arc=none smtp.client-ip=209.85.222.182
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=ziepe.ca
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=ziepe.ca
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=ziepe.ca header.i=@ziepe.ca header.b="pJvx2Y7f"
Received: by mail-qk1-f182.google.com with SMTP id af79cd13be357-8cb5c9ba82bso895094885a.2
        for <netdev@vger.kernel.org>; Wed, 22 Apr 2026 09:29:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=ziepe.ca; s=google; t=1776875370; x=1777480170; darn=vger.kernel.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=h9IY/0ZHCf/patsFxziV9u+pjgUJWDhTV7Q7rdgygPM=;
        b=pJvx2Y7fJ5pRaa87U2jGMRAagGCpZPf/KPXYOkaL7GhCt6l6UhqQZ/A0y/BhTI0DcR
         7ESGzMELWUIIPm4cauAh9D/DzCJU3MXqnZn2QEj6UXZlGvpe5AaCgULd5jhGWP5gbC5k
         cjW1khqmaDO4AAgE+7i1Jw32Lif3HY4W15HkkQ1O8iHli1j3wVrEWMW1GJlZlvSYlXmi
         RGyaDzp7uoxx3YF1rVKy04lCwZazcXGkSorGhtUb9eygF71AqmacasFi+VsHlXGIZeln
         +7qjZktq7NYcYRfxHPfvoZyhSRbvw9gYj1nNZUu7kCiMf3BpsGBEvSzo4Jfcxon6U5zl
         k5SA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1776875370; x=1777480170;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=h9IY/0ZHCf/patsFxziV9u+pjgUJWDhTV7Q7rdgygPM=;
        b=HN/vfIWLtPBbrwbtaS56QYlaOQaQLMklaiDNd3E7fOrvMixkGKsc1OMawM8Qt9Nzyw
         T19GUtFUV47fRoSk7dsHUA5a/87Qh9ocq6Ujt0xNZgfM6xPD0prEUNeQ/HGtwE3UFSIt
         +1ut+PiGp7GbyBX5gTZgbnKEBQDiamfzqulpHZ1VfJjaR81XLEYhWgZqxdMawFgAyjMa
         5TOw+3Z6KaFnaXDrMa3P6BrRRN3z1FrkI+AUGZhJoiuAEwv1sXp9gW6Og/nHohZRuyr0
         a+yjnoi9b+fNND76tNrmRc8bDEGgCplLeP8l3z4Ng2k3vtBwdpax4/KA0z2T9hgON10u
         +oow==
X-Forwarded-Encrypted: i=1; AFNElJ/M8YsaNUBGk9zWWrYlhWabFFHF+2FzWIr2InaHaLETH5jFKoKCVlyvjmsv4kH/MYtkKIfY9VA=@vger.kernel.org
X-Gm-Message-State: AOJu0YxoPpi48+L6YZXIrVpPiJt3pe+8RlhOw8XEz5wi/KWF7VNIkz5r
	jZTdUlyVqghdC0CONmIG6tawRHOum1RNczh6J/7XXWJeVadPKg8q8VMnUI8gAbTthPRQLgZMG1V
	9fj/VE4Y=
X-Gm-Gg: AeBDieuLaaXTsnUysRnm+FyH93ygZwWJalJpVumitZxq30mex0HuzFQg/B9tjyZh1mz
	TSkZOnmzo2jgc4yBGjOz5QYaxGEmuZcMLBgaGDecKOnU01aENnPyeQ5yT/Ey4SfADS6lwBhL6+h
	uAQ/7LEQanYrcEvlgfjRLJ0IVkXBguneYhlDGoz7HCGxLfKnrcjd4EIrnXaS0QIgMA2bRaB2VkE
	aDMUG8Ifti9Hr9F+sIcrCxXPm1e9nh5ATuKXlv9Im+sYPVn/Jwn1gx0giDqkRto2wYEtaS1J6Du
	B8vKjOd8NJxOouOZIY+LYI/LvuPBCaa/zXTZQ5qo1w7DKWLKuyyYTSMz9dkZvnjlXcTSIdtAXxY
	gGUmMVQueRrO1yGc6ac4Itfn0p9Xjqje9lUMiCHoCbWMvZWLt7ZU0SRvpgLaGn6RYYuVMZGp9bz
	mFKXntquk5KF46TYwjZPkctlJF7tYsF8r3qepQV6Ga0VYyZxa/2KYMnb4rcdHAqW8BSCaTRNivk
	Xvn5cnu1TrwITLR
X-Received: by 2002:ac8:58c6:0:b0:50e:635b:5579 with SMTP id d75a77b69052e-50e635b57e4mr184629681cf.19.1776875369960;
        Wed, 22 Apr 2026 09:29:29 -0700 (PDT)
Received: from ziepe.ca (crbknf0213w-47-54-130-67.pppoe-dynamic.high-speed.nl.bellaliant.net. [47.54.130.67])
        by smtp.gmail.com with ESMTPSA id d75a77b69052e-50e5d5ecffdsm83483301cf.29.2026.04.22.09.29.29
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 22 Apr 2026 09:29:29 -0700 (PDT)
Received: from jgg by wakko with local (Exim 4.97)
	(envelope-from <jgg@ziepe.ca>)
	id 1wFaS8-00000008cG7-3pDK;
	Wed, 22 Apr 2026 13:29:28 -0300
Date: Wed, 22 Apr 2026 13:29:28 -0300
From: Jason Gunthorpe <jgg@ziepe.ca>
To: Alex Williamson <alex@shazbot.org>
Cc: Zhiping Zhang <zhipingz@meta.com>, Stanislav Fomichev <sdf@meta.com>,
	Keith Busch <kbusch@kernel.org>, Leon Romanovsky <leon@kernel.org>,
	Bjorn Helgaas <helgaas@kernel.org>, linux-rdma@vger.kernel.org,
	linux-pci@vger.kernel.org, netdev@vger.kernel.org,
	dri-devel@lists.freedesktop.org, Yochai Cohen <yochai@nvidia.com>,
	Yishai Hadas <yishaih@nvidia.com>
Subject: Re: [PATCH v1 1/2] vfio: add callback to get tph info for dma-buf
Message-ID: <20260422162928.GL3611611@ziepe.ca>
References: <20260420183920.3626389-1-zhipingz@meta.com>
 <20260420183920.3626389-2-zhipingz@meta.com>
 <20260422092327.3f629ad6@shazbot.org>
Precedence: bulk
X-Mailing-List: netdev@vger.kernel.org
List-Id: <netdev.vger.kernel.org>
List-Subscribe: <mailto:netdev+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:netdev+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20260422092327.3f629ad6@shazbot.org>

On Wed, Apr 22, 2026 at 09:23:27AM -0600, Alex Williamson wrote:
> In general though, I'm really hoping that someone interested in
> enabling TPH as an interface through vfio actually decides to take
> resource targeting and revocation seriously.  There's no validation of
> the steering tag here relative to what the user has access to and no
> mechanism to revoke those tags if access changes.  In fact, there's not
> even a proposed mechanism allowing the user to derive valid steering
> tags.  Does the user implicitly know the value and the kernel just
> allows it because... yolo? 

This is the steering tag that remote devices will send *INTO* the VFIO
device.

IMHO it is entirely appropriate that the driver controlling the device
decide what tags are sent into it and when, so that's the VFIO
userspace.

There is no concept of access here since the entire device is captured
by VFIO.

If the VFIO device catastrophically malfunctions when receiving
certain steering tags then it is incompatible with VFIO and we should
at least block this new API..

The only requirement is that the device limit the TPH to only the
function that is perceiving them. If a device is really broken and
doesn't meet that then it should be blocked off and it is probably not
safe to be used with VMs at all.

Jason