From: Jason Gunthorpe <jgg@nvidia.com>
To: Zhi Wang <zhiw@nvidia.com>
Cc: "John Hubbard" <jhubbard@nvidia.com>,
"Alexandre Courbot" <acourbot@nvidia.com>,
"Danilo Krummrich" <dakr@kernel.org>,
"Joel Fernandes" <joelagnelf@nvidia.com>,
"Timur Tabi" <ttabi@nvidia.com>,
"Alistair Popple" <apopple@nvidia.com>,
"Surath Mitra" <smitra@nvidia.com>,
"David Airlie" <airlied@gmail.com>,
"Simona Vetter" <simona@ffwll.ch>,
"Bjorn Helgaas" <bhelgaas@google.com>,
"Krzysztof Wilczyński" <kwilczynski@kernel.org>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <lossin@kernel.org>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Alice Ryhl" <aliceryhl@google.com>,
"Trevor Gross" <tmgross@umich.edu>,
"nouveau@lists.freedesktop.org" <nouveau@lists.freedesktop.org>,
"linux-pci@vger.kernel.org" <linux-pci@vger.kernel.org>,
"rust-for-linux@vger.kernel.org" <rust-for-linux@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"Alex Williamson" <alex.williamson@redhat.com>,
"Neo Jia" <cjia@nvidia.com>
Subject: Re: [PATCH 0/2] rust: pci: expose is_virtfn() and reject VFs in nova-core
Date: Tue, 7 Oct 2025 08:26:03 -0300 [thread overview]
Message-ID: <20251007112603.GX3360665@nvidia.com> (raw)
In-Reply-To: <75316915-fbae-487a-b710-ce01f088a2ed@nvidia.com>
On Tue, Oct 07, 2025 at 06:51:47AM +0000, Zhi Wang wrote:
> > You'd have to be more specific, I didn't see really any mediation
> > stuff in the vfio driver to explain why the VF in the VM would act so
> > differently that it "couldn't work"
>
> From the device vendor’s perspective, we have no support or use case for
> a bare-metal VF model, not now and not in the foreseeable future.
Again be specific, exactly what mediation in vfio is missing.
> Even hypothetically, such support would not come from nova-core.ko,
> since that would defeat the purpose of maintaining a trimmed-down
> kernel module where minimizing the attack surface and preserving
> strict security boundaries are primary design goals.
Nonsense. If you moved stuff from vfio to noca-core it doesn't change
the "trimmed-down" nature one bit.
I'm strongly against adding that profiling stuff to vfio, and I'm not
hearing any reasons why nova is special and it must be done that way.
Jason
next prev parent reply other threads:[~2025-10-07 11:26 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-30 22:07 [PATCH 0/2] rust: pci: expose is_virtfn() and reject VFs in nova-core John Hubbard
2025-09-30 22:07 ` [PATCH 1/2] rust: pci: add is_virtfn(), to check for VFs John Hubbard
2025-10-01 0:30 ` Alistair Popple
2025-09-30 22:07 ` [PATCH 2/2] gpu: nova-core: reject binding to SR-IOV Virtual Functions John Hubbard
2025-10-01 0:33 ` Alistair Popple
2025-10-01 1:26 ` John Hubbard
2025-10-01 0:26 ` [PATCH 0/2] rust: pci: expose is_virtfn() and reject VFs in nova-core Alexandre Courbot
2025-10-01 1:26 ` John Hubbard
2025-10-01 1:39 ` Alexandre Courbot
2025-10-01 1:45 ` John Hubbard
2025-10-01 8:09 ` Zhi Wang
2025-10-01 14:48 ` Jason Gunthorpe
2025-10-01 21:13 ` Zhi Wang
2025-10-02 1:43 ` Alexandre Courbot
2025-10-02 1:50 ` John Hubbard
2025-10-02 11:58 ` Jason Gunthorpe
2025-10-02 12:59 ` Zhi Wang
2025-10-02 13:42 ` Jason Gunthorpe
2025-10-02 14:29 ` Zhi Wang
2025-10-02 14:31 ` Jason Gunthorpe
2025-10-07 6:51 ` Zhi Wang
2025-10-07 10:14 ` Danilo Krummrich
2025-10-07 11:00 ` Zhi Wang
2025-10-07 11:26 ` Jason Gunthorpe [this message]
2025-10-01 14:46 ` Jason Gunthorpe
2025-10-01 18:16 ` Alex Williamson
2025-10-01 18:30 ` Jason Gunthorpe
2025-10-01 22:35 ` John Hubbard
2025-10-02 7:41 ` Zhi Wang
2025-10-01 0:29 ` Alistair Popple
2025-10-01 1:22 ` John Hubbard
2025-10-01 10:32 ` Danilo Krummrich
2025-10-01 13:52 ` Zhi Wang
2025-10-01 22:38 ` John Hubbard
2025-10-01 22:52 ` Danilo Krummrich
2025-10-01 23:00 ` John Hubbard
2025-10-01 23:47 ` Joel Fernandes
2025-10-01 23:51 ` John Hubbard
2025-10-01 23:55 ` Danilo Krummrich
2025-10-02 0:48 ` Joel Fernandes
2025-10-02 0:54 ` John Hubbard
2025-10-02 12:05 ` Jason Gunthorpe
2025-10-02 12:01 ` Jason Gunthorpe
2025-10-02 12:08 ` Danilo Krummrich
2025-10-02 12:32 ` Jason Gunthorpe
2025-10-02 12:41 ` Danilo Krummrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251007112603.GX3360665@nvidia.com \
--to=jgg@nvidia.com \
--cc=a.hindborg@kernel.org \
--cc=acourbot@nvidia.com \
--cc=airlied@gmail.com \
--cc=alex.gaynor@gmail.com \
--cc=alex.williamson@redhat.com \
--cc=aliceryhl@google.com \
--cc=apopple@nvidia.com \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=cjia@nvidia.com \
--cc=dakr@kernel.org \
--cc=gary@garyguo.net \
--cc=jhubbard@nvidia.com \
--cc=joelagnelf@nvidia.com \
--cc=kwilczynski@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=nouveau@lists.freedesktop.org \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=simona@ffwll.ch \
--cc=smitra@nvidia.com \
--cc=tmgross@umich.edu \
--cc=ttabi@nvidia.com \
--cc=zhiw@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).