lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YNmVg3ZhshshlbSx@ninjato>
Date:   Mon, 28 Jun 2021 11:25:23 +0200
From:   Wolfram Sang <wsa@...nel.org>
To:     Arnd Bergmann <arnd@...db.de>
Cc:     Jie Deng <jie.deng@...el.com>,
        Linux I2C <linux-i2c@...r.kernel.org>,
        virtualization@...ts.linux-foundation.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "Michael S. Tsirkin" <mst@...hat.com>,
        Jason Wang <jasowang@...hat.com>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        conghui.chen@...el.com, kblaiech@...lanox.com,
        jarkko.nikula@...ux.intel.com,
        Sergey Semin <Sergey.Semin@...kalelectronics.ru>,
        Mike Rapoport <rppt@...nel.org>, loic.poulain@...aro.org,
        Tali Perry <tali.perry1@...il.com>,
        Uwe Kleine-König 
        <u.kleine-koenig@...gutronix.de>,
        Bjorn Andersson <bjorn.andersson@...aro.org>,
        yu1.wang@...el.com, shuo.a.liu@...el.com,
        Viresh Kumar <viresh.kumar@...aro.org>,
        Stefan Hajnoczi <stefanha@...hat.com>,
        Paolo Bonzini <pbonzini@...hat.com>
Subject: Re: [PATCH v10] i2c: virtio: add a virtio i2c frontend driver

Hi Arnd,

> You probably know this already, but just in case for clarification
> these are two different things:

Ah, yes. I mistyped VFIO. Shows that I am not really fluent with these
terms. But as I spoke of paravirtualized later, I think I meant the
right thing.

> 
> > I2C transactions can have an arbitrary number of messages which can
> > arbitrarily be read or write. As I understand the above, only one read,
> > write or read-write transaction is supported. If that is the case, it
> > would be not very much I2C but more SMBus. If my assumptions are true,
> > we first need to decide if you want to go the I2C way or SMBus subset.
> 
> This has come up in previous reviews already. I think it comes down
> to the requirement that the virtio i2c protocol should allow passthrough
> access to any client devices connected to a physical i2c bus on the host,
> and this should ideally be independent of whether the host driver
> exposes I2C_RDWR or I2C_SMBUS ioctl interface, or both.

If a host driver supports I2C_RDWR (i.e. I2C bus transactions) it will
support I2C_SMBUS (i.e. SMBus transactions), too. It can be emulated and
host drivers just need to set I2C_FUNC_SMBUS_EMUL. With the notable
excaption of zero length transfers. Some cannot do this, so they use
I2C_FUNC_I2C | (I2C_FUNC_SMBUS_EMUL & ~I2C_FUNC_SMBUS_QUICK).

The other way around is not possible, SMBus is a subset of I2C.

> This can be done either by having both interface types in the transport,
> or picking one of the two, and translating to the host interface type
> in software.

If you have I2C, you have SMBus as well.

> As far as I understand me (please clarify), implementing only the smbus
> subset would mean that we cannot communicate with all client devices,
> while implementing both would add more complexity than the lower-level
> protocol.

Correct. You need to pick I2C if you want to support all devices. SMBus
will give you only a lot of devices.

> > Also, as I read it, a whole bus is para-virtualized to the guest, or?
> > Wouldn't it be better to allow just specific devices on a bus? Again, I
> > am kinda new to this, so I may have overlooked things.
> 
> Do you mean just allowing a single device per bus (as opposed to
> having multiple devices as on a real bus), or just allowing
> a particular set of client devices that can be identified using
> virtio specific configuration (as opposed to relying on device
> tree or similar for probing). Both of these are valid questions that
> have been discussed before, but that could be revisited.

I am just thinking that a physical bus on the host may have devices that
should be shared with the guest while other devices on the same bus
should not be shared (PMIC!). I'd think this is a minimal requirement
for security. I also wonder if it is possible to have a paravirtualized
bus in the guest which has multiple devices from the host sitting on
different physical busses there. But that may be the cherry on the top.

All the best,

   Wolfram


Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ