| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Oct 2013 09:28:59 +0300 From: Gleb Natapov <gleb@...hat.com> To: Benjamin Herrenschmidt <benh@...nel.crashing.org> Cc: Alexander Graf <agraf@...e.de>, Paolo Bonzini <pbonzini@...hat.com>, Paul Mackerras <paulus@...ba.org>, Michael Ellerman <michael@...erman.id.au>, linux-kernel@...r.kernel.org, mpm@...enic.com, herbert@...dor.hengli.com.au, linuxppc-dev@...abs.org, kvm@...r.kernel.org, kvm-ppc@...r.kernel.org, tytso@....edu Subject: Re: [PATCH 3/3] KVM: PPC: Book3S: Add support for hwrng found on some powernv systems On Thu, Oct 03, 2013 at 08:07:22AM +1000, Benjamin Herrenschmidt wrote: > On Wed, 2013-10-02 at 13:02 +0300, Gleb Natapov wrote: > > > Yes, I alluded to it in my email to Paul and Paolo asked also. How this > > interface is disabled? Also hwrnd is MMIO in a host why guest needs to > > use hypercall instead of emulating the device (in kernel or somewhere > > else?). Another things is that on a host hwrnd is protected from > > direct userspace access by virtue of been a device, but guest code (event > > kernel mode) is userspace as far as hosts security model goes, so by > > implementing this hypercall in a way that directly access hwrnd you > > expose hwrnd to a userspace unconditionally. Why is this a good idea? > > BTW. Is this always going to be like this ? > If something questionable will be noticed explanation will be required. It is like that for all arches and all parts of kernel. > Every *single* architectural or design decision we make for our > architecture has to be justified 30 times over, every piece of code bike > shedded to oblivion for month, etc... ? > This is simply not true, most powerpc patches go in without any comments. > Do we always have to finally get to some kind of agreement on design, go > to the 6 month bike-shedding phase, just to have somebody else come up > and start re-questioning the whole original design (without any > understanding of our specific constraints of course) ? > Do you really think that nobody here understands that exit to userspace is slow? > You guys are the most horrendous community I have ever got to work with. > It's simply impossible to get anything done in any reasonable time > frame . > > At this stage, it would have taken us an order of magnitude less time to > simply rewrite an entire hypervisor from scratch. Of course, it is always much easier to ignore other people input and do everything your way. Why listen to people who deal with migration issues for many years if you can commit the patch and forget about it until migration fails, but who cares, you got there in an order of magnitude less time and this is what counts. > > This is sad. > Agree. -- Gleb. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists