lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1319733103.5715.3.camel@x201.home>
Date:	Thu, 27 Oct 2011 10:31:42 -0600
From:	Alex Williamson <alex.williamson@...hat.com>
To:	joerg.roedel@....com
Cc:	dwmw2@...radead.org, iommu@...ts.linux-foundation.org,
	linux-kernel@...r.kernel.org, chrisw@...hat.com, agraf@...e.de,
	dwg@....ibm.com, scottwood@...escale.com, B08248@...escale.com,
	benh@...nel.crashing.org
Subject: Re: [PATCH 0/4] iommu: iommu_ops group interface

On Fri, 2011-10-21 at 13:55 -0600, Alex Williamson wrote:
> IOMMUs can't always distiguish transactions from each individual
> device in a system.  Sometimes this is by design (such as powerpc
> partitionable endpoints), other times by topology (PCIe-to-PCI
> bridges masking downstream devices).  We call these sets of
> indistinguishable devices "groups".
> 
> In order to support secure userspace drivers, like vfio, we need
> an interface to expose the device-to-group relationship.  This
> allows us to create policies ensuring that userspace controls all
> of the devices in the group before allowing individual device
> access.
> 
> This series implements the iommu_ops API interface and sysfs
> interface for exposing groups to userspace.  This also includes
> the intel-iommu and amd-iommu backend implementations.  It's
> intended that the vfio driver will make use of these interfaces
> to support generic device assignment for virtual machines.  See
> git://github.com/awilliam/linux-vfio.git (vfio-ng) for a working
> example using this interface.
> 
> Patches based on Joerg's next branch to support per-bus iommu_ops.
> 
> Note the amd-iommu is untested, I'm still working on setting up
> an AMD-Vi capable system.  Thanks,

Now tested, even seems to work :)

Alex

> ---
> 
> Alex Williamson (4):
>       iommu: Add option to group multi-function devices
>       amd-iommu: Implement iommu_device_group
>       intel-iommu: Implement iommu_device_group
>       iommu: Add iommu_device_group callback and iommu_group sysfs entry
> 
> 
>  Documentation/kernel-parameters.txt |    4 ++
>  arch/ia64/include/asm/iommu.h       |    2 +
>  arch/ia64/kernel/pci-dma.c          |    1 +
>  arch/x86/include/asm/iommu.h        |    1 +
>  arch/x86/kernel/pci-dma.c           |   11 ++++++
>  drivers/iommu/amd_iommu.c           |   21 ++++++++++++
>  drivers/iommu/intel-iommu.c         |   47 +++++++++++++++++++++++++++
>  drivers/iommu/iommu.c               |   61 +++++++++++++++++++++++++++++++++++
>  include/linux/iommu.h               |    7 ++++
>  9 files changed, 154 insertions(+), 1 deletions(-)



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ