| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 8 Oct 2015 12:44:09 +0300 From: Avi Kivity <avi@...lladb.com> To: "Michael S. Tsirkin" <mst@...hat.com> Cc: Alex Williamson <alex.williamson@...hat.com>, Vlad Zolotarov <vladz@...udius-systems.com>, Greg KH <gregkh@...uxfoundation.org>, linux-kernel@...r.kernel.org, hjk@...sjkoch.de, corbet@....net, bruce.richardson@...el.com, avi@...udius-systems.com, gleb@...udius-systems.com, stephen@...workplumber.org, alexander.duyck@...il.com Subject: Re: [PATCH v3 2/3] uio_pci_generic: add MSI/MSI-X support On 10/08/2015 12:16 PM, Michael S. Tsirkin wrote: > On Thu, Oct 08, 2015 at 11:46:30AM +0300, Avi Kivity wrote: >> >> On 10/08/2015 10:32 AM, Michael S. Tsirkin wrote: >>> On Thu, Oct 08, 2015 at 08:33:45AM +0300, Avi Kivity wrote: >>>> It is good practice to defend against root oopsing the kernel, but in some >>>> cases it cannot be achieved. >>> Absolutely. That's one of the issues with these patches. They don't even >>> try where it's absolutely possible. >>> >> Are you referring to blocking the maps of the msix BAR areas? > For example. There are more. I listed some of the issues on the mailing > list, and I might have missed some. VFIO has code to address all this, > people should share code to avoid duplication, or at least read it > to understand the issues. All but one of those are unrelated to the patch that adds msix support. > >> I think there is value in that. The value is small because a >> corruption is more likely in the dynamic memory responsible for tens >> of millions of DMA operations per second, rather than a static 4K >> area, but it exists. > There are other bugs which will hurt e.g. each time application does not > exit gracefully. uio_pci_generic disables DMA when the device is removed, so we're safe here, at least if files are released before the address space. > > But well, heh :) That's precisely my feeling about the whole "running > userspace drivers without an IOMMU" project. The value is small > since modern hardware has fast IOMMUs, but it exists. > For users that don't have iommus at all (usually because it is taken by the hypervisor), it has great value. I can't comment on iommu overhead; for my use case it is likely negligible and we will use an iommu when available; but apparently it matters for others. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists