| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Sep 2012 21:24:32 +0200 From: Paolo Bonzini <pbonzini@...hat.com> To: Tejun Heo <tj@...nel.org> CC: linux-kernel@...r.kernel.org, axboe@...nel.dk, linux-scsi@...r.kernel.org, "James E.J. Bottomley" <JBottomley@...allels.com> Subject: Re: [PATCH] sg_io: allow UNMAP and WRITE SAME without CAP_SYS_RAWIO Il 11/09/2012 21:13, Tejun Heo ha scritto: > Hello, Paolo. > > On Tue, Sep 11, 2012 at 08:54:03PM +0200, Paolo Bonzini wrote: >>> On Tue, Sep 11, 2012 at 07:56:53PM +0200, Paolo Bonzini wrote: >>>> Understood; unfortunately, there is another major user of it >>>> (virtualization). If you are passing "raw" LUNs down to a virtual >>>> machine, there's no possibility at all to use a properly encapsulated >>> >>> Is there still command filtering issue when you're passing "raw" LUNs >>> down? >> >> Yes, the passing down is just a userland program that gets SCSI >> commands from the guest, sends them via SG_IO, and passes back the >> result. If the userland program is unprivileged (it usually is), then >> you go through the filter. > > Could being able to bypass the filters for this "you own this LUN" be > a solution? Or is it that we still need command filtering for > whatever reason? Yes, it could be. Enabling/disabling the filters from a privileged program and passing the unfiltered fd via SCM_RIGHTS would be enough. >> This is the userland for virtio-scsi (the kernel part of virtio-scsi is just >> a driver running in the guest). It can run in two mode: it can do its own >> SCSI emulation, or it can just relay CDBs and their results. >> >> It can (and does) use higher-level services if SCSI emulation is done in >> userland. In that case, trim/discard can become a BLKDISCARD or a fallocate >> for example. However, in this case userland doesn't do any emulation and in >> fact doesn't even need to know that this CDB is a discard. > > Couldn't it intercept some of them - e.g. RWs and discards? > What's the benifit / use case of doing pure bypass? Basically, using the same storage technology for bare metal and virtualized systems. IMHO losing sense data is a no-no, but the above solution could be feasible too. > Would the benefits be strong enough to justify whole bpf cdb filtering? If we can get a simpler solution that is okay with kernel maintainers, I'm all for it. >>> Hmmm? This was about discard, no? >> >> One example of block layer interfaces that I want to add is BLKPING, so >> that you can see if the NAS is reachable. Then SCSI emulation can map >> the "test unit ready" command to BLKPING. There's a handful of such >> ioctls that would be useful, such as BLKDISCARD itself. > > Can't you make use of the existing disk events mechanism for that? > Block layer already knows how to watch readiness of a device and tell > the userland about it via uevent. How? But anyway i don't want to divert the discussion from the actual topic... Paolo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists