From: "Michael S. Tsirkin" <mst@redhat.com>
To: Andi Kleen <ak@linux.intel.com>
Cc: "Kuppuswamy, Sathyanarayanan" <sathyanarayanan.kuppuswamy@linux.intel.com>,
Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
Linux Doc Mailing List <linux-doc@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Linux PCI <linux-pci@vger.kernel.org>,
linux-mips@vger.kernel.org,
James E J Bottomley <James.Bottomley@hansenpartnership.com>,
Dave Hansen <dave.hansen@intel.com>,
Peter H Anvin <hpa@zytor.com>,
sparclinux@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
linux-arch <linux-arch@vger.kernel.org>,
Jonathan Corbet <corbet@lwn.net>, Helge Deller <deller@gmx.de>,
X86 ML <x86@kernel.org>, Ingo Molnar <mingo@redhat.com>,
Arnd Bergmann <arnd@arndb.de>, Tony Luck <tony.luck@intel.com>,
Borislav Petkov <bp@alien8.de>, Andy Lutomirski <luto@kernel.org>,
Bjorn Helgaas <bhelgaas@google.com>,
Dan Williams <dan.j.williams@intel.com>,
virtualization@lists.linux-foundation.org,
Richard Henderson <rth@twiddle.net>,
Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
linux-parisc@vger.kernel.org,
Sean Christopherson <seanjc@google.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
linux-alpha@vger.kernel.org,
"David S . Miller" <davem@davemloft.net>,
Kirill Shutemov <kirill.shutemov@linux.intel.com>
Subject: Re: [PATCH v4 11/15] pci: Add pci_iomap_shared{,_range}
Date: Mon, 27 Sep 2021 05:07:42 -0400
Message-ID: <20210927044738-mutt-send-email-mst@kernel.org>
In-Reply-To: <ad1e41d1-3f4e-8982-16ea-18a3b2c04019@linux.intel.com>

On Fri, Sep 24, 2021 at 03:43:40PM -0700, Andi Kleen wrote:
>
> > > Hmm, yes that's true. I guess we can make it default to opt-in for
> > > pci_iomap.
> > >
> > > It only really matters for device-less ioremaps.
> > OK. And same thing for other things with device, such as
> > devm_platform_ioremap_resource.
> > If we agree on all that, this will basically remove virtio
> > changes from the picture ;)
>
> Hi, we revisited this now. One problem with removing the ioremap opt-in is
> that it's still possible for drivers to get at devices without going through
> probe. For example they can walk the PCI device list. Some drivers do that
> for various reasons. So if we remove the opt-in we would need to audit and
> possibly fix all that, which would be potentially a lot of churn. That's why
> I think it's better to keep the opt-in.
>
>
> -Andi
>

I've been thinking about why this still feels wrong to me.

Here's what I came up with: at some point someone will want one of these
modules (poking at devices in the initcall) in the encrypted
environment, and will change ioremap to ioremap_shared.
At that point the allowlist will be broken again, and
by that time it will be set in stone and too late to fix.

Isn't the problem that what is actually audited is modules,
but you are trying to add devices to the allowlist?
So why not have modules/initcalls in the allowlist then?

For built-in modules, we already have initcall_blacklisted, right?
This could be an extension ... no?

--
MST