lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220214154626.GF4160@nvidia.com>
Date:   Mon, 14 Feb 2022 11:46:26 -0400
From:   Jason Gunthorpe <jgg@...dia.com>
To:     Robin Murphy <robin.murphy@....com>
Cc:     Joerg Roedel <joro@...tes.org>, Stuart Yoder <stuyoder@...il.com>,
        rafael@...nel.org, David Airlie <airlied@...ux.ie>,
        linux-pci@...r.kernel.org,
        Thierry Reding <thierry.reding@...il.com>,
        Diana Craciun <diana.craciun@....nxp.com>,
        Dmitry Osipenko <digetx@...il.com>,
        Will Deacon <will@...nel.org>, Ashok Raj <ashok.raj@...el.com>,
        Jonathan Hunter <jonathanh@...dia.com>,
        Christoph Hellwig <hch@...radead.org>,
        Kevin Tian <kevin.tian@...el.com>,
        Chaitanya Kulkarni <kch@...dia.com>,
        Alex Williamson <alex.williamson@...hat.com>,
        kvm@...r.kernel.org, Bjorn Helgaas <bhelgaas@...gle.com>,
        Dan Williams <dan.j.williams@...el.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Cornelia Huck <cohuck@...hat.com>,
        linux-kernel@...r.kernel.org, Li Yang <leoyang.li@....com>,
        iommu@...ts.linux-foundation.org,
        Jacob jun Pan <jacob.jun.pan@...el.com>,
        Daniel Vetter <daniel@...ll.ch>
Subject: Re: [PATCH v1 3/8] iommu: Extend iommu_at[de]tach_device() for
 multi-device groups

On Mon, Feb 14, 2022 at 03:18:31PM +0000, Robin Murphy wrote:

> Arguably, iommu_attach_device() could be renamed something like
> iommu_attach_group_for_dev(), since that's effectively the semantic that all
> the existing API users want anyway (even VFIO at the high level - the group
> is the means for the user to assign their GPU/NIC/whatever device to their
> process, not the end in itself). That's just a lot more churn.

Right
 
> It's not that callers should be blind to the entire concept of groups
> altogether - they remain a significant reason why iommu_attach_device()
> might fail, for one thing - however what callers really shouldn't need to be
> bothered with is the exact *implementation* of groups. I do actually quite
> like the idea of refining the group abstraction into isolation groups as a
> superset of alias groups, but if anything that's a further argument for not
> having the guts of the current abstraction exposed in places that don't need
> to care - otherwise that would be liable to be a microcosm of this series in
> itself: widespread churn vs. "same name, new meaning" compromises.

Exactly, groups should not leak out through the abstraction more than
necessary. If the caller can't do anything with the group information
then it shouldn't touch it.

VFIO needs them because its uAPI is tied, but even so we keep talking
about ways to narrow the amount of group API it consumes.

We should not set the recommended/good kAPI based on VFIOs uAPI
design.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ