| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 9 Mar 2012 14:40:02 +1100 From: David Gibson <david@...son.dropbear.id.au> To: Alex Williamson <alex.williamson@...hat.com> Cc: dwmw2@...radead.org, iommu@...ts.linux-foundation.org, aik@...abs.ru, benh@...nel.crashing.org, qemu-devel@...gnu.org, joerg.roedel@....com, kvm@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: RFC: Device isolation groups On Wed, Feb 29, 2012 at 12:30:55PM -0700, Alex Williamson wrote: > On Thu, 2012-02-02 at 12:24 +1100, David Gibson wrote: > > On Wed, Feb 01, 2012 at 01:08:39PM -0700, Alex Williamson wrote: [snip] > Any update to this series? It would be great if we could map out the > functionality to the point of breaking down and distributing work... or > determining if the end result has any value add to what VFIO already > does. Thanks, Yes and no. No real change on the isolation code per se. I had been hoping for feedback from David Woodhouse, but I guess he's been too busy. In the meantime, however, Alexey has been working on a different approach to doing PCI passthrough which is more suitable for our machines. It is based on passing through an entire virtual host bridge (which could be a whole host side host bridge, or a subset, depending on host isolation capabilities), rather than individual devices. This makes it substantially simpler than VFIO (we don't need to virtualize config space or device addresses), and it provides better enforcement of isolation guarantees (VFIO isolation can be broken if devices have MMIO backdoors to config space, or if they can be made to DMA to other devices MMIO addresses instead of RAM addresses), but does require suitable bridge hardware - pSeries has such hardware, x86 mostly doesn't (although it wouldn't surprise me if large server class x86 machines do or will provide the necessary things). Even on this sort of hardware the device-centred VFIO approach may have uses, since it might allow finer grained division, at the cost of isolation enforcement. This provides a more concrete case for the isolation infrastructure, since it would allow the virtual-PHB and VFIO approaches to co-exist. As Alexey's prototype comes into shape, it should illuminate what other content we need in the isolation infrastructure to make it fully usable. -- David Gibson | I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists