lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BN9PR11MB5433DDA5FD4FC6C5EED62C278CA99@BN9PR11MB5433.namprd11.prod.outlook.com>
Date:   Wed, 29 Sep 2021 03:57:53 +0000
From:   "Tian, Kevin" <kevin.tian@...el.com>
To:     Shameer Kolothum <shameerali.kolothum.thodi@...wei.com>,
        "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>
CC:     "alex.williamson@...hat.com" <alex.williamson@...hat.com>,
        "jgg@...dia.com" <jgg@...dia.com>,
        "mgurtovoy@...dia.com" <mgurtovoy@...dia.com>,
        "linuxarm@...wei.com" <linuxarm@...wei.com>,
        "liulongfang@...wei.com" <liulongfang@...wei.com>,
        "prime.zeng@...ilicon.com" <prime.zeng@...ilicon.com>,
        "jonathan.cameron@...wei.com" <jonathan.cameron@...wei.com>,
        "wangzhou1@...ilicon.com" <wangzhou1@...ilicon.com>,
        "He, Shaopeng" <shaopeng.he@...el.com>,
        "Zhao, Yan Y" <yan.y.zhao@...el.com>
Subject: RE: [PATCH v3 0/6] vfio/hisilicon: add acc live migration driver

Hi, Shameer,

> From: Shameer Kolothum <shameerali.kolothum.thodi@...wei.com>
> Sent: Wednesday, September 15, 2021 5:51 PM
> 
> Hi,
> 
> Thanks to the introduction of vfio_pci_core subsystem framework[0],
> now it is possible to provide vendor specific functionality to
> vfio pci devices. This series attempts to add vfio live migration
> support for HiSilicon ACC VF devices based on the new framework.
> 
> HiSilicon ACC VF device MMIO space includes both the functional
> register space and migration control register space. As discussed
> in RFCv1[1], this may create security issues as these regions get
> shared between the Guest driver and the migration driver.
> Based on the feedback, we tried to address those concerns in
> this version.

This series doesn't mention anything related to dirty page tracking. 
Are you rely on Keqian's series for utilizing hardware iommu dirty
bit (e.g. SMMU HTTU)? If not, suppose some software trick is still
required e.g. by dynamically mediating guest-submitted descriptors
to compose the dirty page information in the migration phase...

Thanks
Kevin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ