lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 5 Nov 2020 17:02:00 +0800
From:   Shuo A Liu <shuo.a.liu@...el.com>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     linux-kernel@...r.kernel.org, x86@...nel.org,
        "H . Peter Anvin" <hpa@...or.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Sean Christopherson <sean.j.christopherson@...el.com>,
        Yu Wang <yu1.wang@...el.com>,
        Reinette Chatre <reinette.chatre@...el.com>,
        Zhi Wang <zhi.a.wang@...el.com>,
        Zhenyu Wang <zhenyuw@...ux.intel.com>
Subject: Re: [PATCH v5 06/17] virt: acrn: Introduce VM management interfaces

On Thu  5.Nov'20 at  9:26:39 +0100, Greg Kroah-Hartman wrote:
>On Thu, Nov 05, 2020 at 03:35:45PM +0800, Shuo A Liu wrote:
>> On Thu  5.Nov'20 at  7:29:07 +0100, Greg Kroah-Hartman wrote:
>> > On Thu, Nov 05, 2020 at 11:10:29AM +0800, Shuo A Liu wrote:
>> > > On Wed  4.Nov'20 at 20:02:35 +0100, Greg Kroah-Hartman wrote:
>> > > > On Mon, Oct 19, 2020 at 02:17:52PM +0800, shuo.a.liu@...el.com wrote:
>> > > > > --- /dev/null
>> > > > > +++ b/include/uapi/linux/acrn.h
>> > > > > @@ -0,0 +1,56 @@
>> > > > > +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
>> > > > > +/*
>> > > > > + * Userspace interface for /dev/acrn_hsm - ACRN Hypervisor Service Module
>> > > > > + *
>> > > > > + * This file can be used by applications that need to communicate with the HSM
>> > > > > + * via the ioctl interface.
>> > > > > + */
>> > > > > +
>> > > > > +#ifndef _UAPI_ACRN_H
>> > > > > +#define _UAPI_ACRN_H
>> > > > > +
>> > > > > +#include <linux/types.h>
>> > > > > +
>> > > > > +/**
>> > > > > + * struct acrn_vm_creation - Info to create a User VM
>> > > > > + * @vmid:		User VM ID returned from the hypervisor
>> > > > > + * @reserved0:		Reserved
>> > > > > + * @vcpu_num:		Number of vCPU in the VM. Return from hypervisor.
>> > > > > + * @reserved1:		Reserved
>> > > > > + * @uuid:		UUID of the VM. Pass to hypervisor directly.
>> > > > > + * @vm_flag:		Flag of the VM creating. Pass to hypervisor directly.
>> > > > > + * @ioreq_buf:		Service VM GPA of I/O request buffer. Pass to
>> > > > > + *			hypervisor directly.
>> > > > > + * @cpu_affinity:	CPU affinity of the VM. Pass to hypervisor directly.
>> > > > > + * @reserved2:		Reserved
>> > > >
>> > > > Reserved and must be 0?
>> > >
>> > > Not a must.
>> >
>> > That's guaranteed to come back and bite you in the end.
>>
>> OK. I can fill them with zero before passing them to hypervisor.
>>
>> > You all have read the "how to write a good api" document, right?
>>
>> Is it Documentation/driver-api/ioctl.rst? Or i missed..
>
>That's one good document, but no, not what I was referring to.  I was
>thinking of Documentation/process/adding-syscalls.rst, which is what you
>are doing here implicitly with these new ioctls (every ioctl is a brand
>new syscall.)

I will read it as well. Thanks.

>
>> > > > What are they reserved for?
>> > > >
>> > > > Same for all of the reserved fields, why?
>> > >
>> > > Some reserved fields are to map layout in the hypervisor side, others
>> > > are for future use.
>> >
>> > ioctls should not have these, again, please read the documentation.  If
>> > you need something new in the future, just make a new ioctl.
>>
>> OK. I will remove some reserved fields for scalability.
>
>"scalability" should have nothing to do with any of this, right?  What
>am I missing?

Sorry, i meant reserved fields for future use.

>
>> Though i can
>> keep some reserved fields for alignment (and to keep same data structure
>> layout with the hypervisor), right?
>> Documentation/driver-api/ioctl.rst says that explicit reserved fields
>> could be used.
>
>If you need alignment, yes, that is fine, but that's not what you are
>saying these are for.  And if you need alignment, why not move things
>around so they are properly aligned.
>
>And this structure has nothing to do with the hypervisor structure,
>that's a internal-kernel structure, not a userspace-visable thing if you
>are doing things correctly.

It's the same structure with the one in hypervisor. HSM driver
doesn't maintain the VM much, it just pass the data for VM creation from
userspace to hypervisor.

>
>As an example of all of this type of review and conversation, please
>refer to the review of the recent nitro_enclaves code that got merged.
>All of the discussions there about ioctls are also relevant here.

I will. Thanks very much.

Thanks
shuo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ