| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1461083204.20056.8.camel@infradead.org>
Date: Tue, 19 Apr 2016 12:26:44 -0400
From: David Woodhouse <dwmw2@...radead.org>
To: "Michael S. Tsirkin" <mst@...hat.com>,
Andy Lutomirski <luto@...capital.net>
Cc: "qemu-devel@...gnu.org Developers" <qemu-devel@...gnu.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Paolo Bonzini <pbonzini@...hat.com>, peterx@...hat.com,
Cornelia Huck <cornelia.huck@...ibm.com>,
Stefan Hajnoczi <stefanha@...hat.com>,
Kevin Wolf <kwolf@...hat.com>,
Amit Shah <amit.shah@...hat.com>, qemu-block@...gnu.org,
Jason Wang <jasowang@...hat.com>,
Alex Williamson <alex.williamson@...hat.com>,
Andy Lutomirski <luto@...nel.org>,
Christian Borntraeger <borntraeger@...ibm.com>,
Wei Liu <wei.liu2@...rix.com>,
Linux Virtualization <virtualization@...ts.linux-foundation.org>,
kvm list <kvm@...r.kernel.org>
Subject: Re: [PATCH RFC] fixup! virtio: convert to use DMA api
On Tue, 2016-04-19 at 19:20 +0300, Michael S. Tsirkin wrote:
>
> > I thought that PLATFORM served that purpose. Woudn't the host
> > advertise PLATFORM support and, if the guest doesn't ack it, the host
> > device would skip translation? Or is that problematic for vfio?
>
> Exactly that's problematic for security.
> You can't allow guest driver to decide whether device skips security.
Right. Because fundamentally, this *isn't* a property of the endpoint
device, and doesn't live in virtio itself.
It's a property of the platform IOMMU, and lives there.
--
dwmw2
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5691 bytes)
Powered by blists - more mailing lists