| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Jun 2013 20:52:43 -0600 From: Bjorn Helgaas <bhelgaas@...gle.com> To: Don Dutile <ddutile@...hat.com> Cc: Alex Williamson <alex.williamson@...hat.com>, "linux-pci@...r.kernel.org" <linux-pci@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "kvm@...r.kernel.org" <kvm@...r.kernel.org> Subject: Re: [PATCH] pci: Enable overrides for missing ACS capabilities On Tue, Jun 18, 2013 at 5:03 PM, Don Dutile <ddutile@...hat.com> wrote: > On 06/18/2013 06:22 PM, Alex Williamson wrote: >> >> On Tue, 2013-06-18 at 15:31 -0600, Bjorn Helgaas wrote: >>> >>> On Tue, Jun 18, 2013 at 12:20 PM, Alex Williamson >>> <alex.williamson@...hat.com> wrote: >>>> >>>> On Tue, 2013-06-18 at 11:28 -0600, Bjorn Helgaas wrote: >>>>> >>>>> On Thu, May 30, 2013 at 12:40:19PM -0600, Alex Williamson wrote: > ... >>>>> Who do you expect to decide whether to use this option? I think it >>>>> requires intimate knowledge of how the device works. >>>>> >>>>> I think the benefit of using the option is that it makes assignment of >>>>> devices to guests more flexible, which will make it attractive to >>>>> users. >>>>> But most users have no way of knowing whether it's actually *safe* to >>>>> use this. So I worry that you're adding an easy way to pretend >>>>> isolation >>>>> exists when there's no good way of being confident that it actually >>>>> does. > ... >>> I wonder if we should taint the kernel if this option is used (but not >>> for specific devices added to pci_dev_acs_enabled[]). It would also >>> be nice if pci_dev_specific_acs_enabled() gave some indication in >>> dmesg for the specific devices you're hoping to add to >>> pci_dev_acs_enabled[]. It's not an enumeration-time quirk right now, >>> so I'm not sure how we'd limit it to one message per device. >> >> Right, setup vs use and getting single prints is a lot of extra code. >> Tainting is troublesome for support, Don had some objections when I >> suggested the same to him. >> > For RH GSS (Global Support Services), a 'taint' in the kernel printk means > RH doesn't support that system. The 'non-support' due to 'taint' being > printed > out in this case may be incorrect -- RH may support that use, at least until > a more sufficient patched kernel is provided. > Thus my dissension that 'taint' be output. WARN is ok. 'driver beware', > 'unleashed dog afoot'.... sure... So ... that's really a RH-specific support issue, and easily worked around by RH adding a patch that turns off tainting. It still sounds like a good idea to me for upstream, where use of this option can very possibly lead to corruption or information leakage between devices the user claimed were isolated, but in fact were not. Bjorn -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists