lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 10 Jun 2024 18:31:49 +0200
From: Michal Koutný <mkoutny@...e.com>
To: Fred Griffoul <fgriffo@...zon.co.uk>
Cc: griffoul@...il.com, Catalin Marinas <catalin.marinas@....com>, 
	Will Deacon <will@...nel.org>, Alex Williamson <alex.williamson@...hat.com>, 
	Waiman Long <longman@...hat.com>, Zefan Li <lizefan.x@...edance.com>, Tejun Heo <tj@...nel.org>, 
	Johannes Weiner <hannes@...xchg.org>, Mark Rutland <mark.rutland@....com>, 
	Marc Zyngier <maz@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>, 
	Mark Brown <broonie@...nel.org>, Ard Biesheuvel <ardb@...nel.org>, 
	Joey Gouly <joey.gouly@....com>, Ryan Roberts <ryan.roberts@....com>, 
	Jeremy Linton <jeremy.linton@....com>, Jason Gunthorpe <jgg@...pe.ca>, Yi Liu <yi.l.liu@...el.com>, 
	Kevin Tian <kevin.tian@...el.com>, Eric Auger <eric.auger@...hat.com>, 
	Stefan Hajnoczi <stefanha@...hat.com>, Christian Brauner <brauner@...nel.org>, 
	Ankit Agrawal <ankita@...dia.com>, Reinette Chatre <reinette.chatre@...el.com>, 
	Ye Bin <yebin10@...wei.com>, linux-arm-kernel@...ts.infradead.org, 
	linux-kernel@...r.kernel.org, kvm@...r.kernel.org, cgroups@...r.kernel.org
Subject: Re: [PATCH v5 0/2] vfio/pci: add msi interrupt affinity support

Hello Fred.

On Mon, Jun 10, 2024 at 12:57:06PM GMT, Fred Griffoul <fgriffo@...zon.co.uk> wrote:
> The usual way to configure a device interrupt from userland is to write
> the /proc/irq/<irq>/smp_affinity or smp_affinity_list files. When using
> vfio to implement a device driver or a virtual machine monitor, this may
> not be ideal: the process managing the vfio device interrupts may not be
> granted root privilege, for security reasons. Thus it cannot directly
> control the interrupt affinity and has to rely on an external command.

External commands something privileged? (I'm curious of an example how
this is setup.)

> The affinity argument must be a subset of the process cpuset, otherwise
> an error -EPERM is returned.

I'm not sure you want to look at task's cpuset mask for this purposes.

Consider setups without cpuset or a change of (cpuset) mask anytime
during lifetime of the task...

Michal

Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ