lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251002180525.GC3299207@nvidia.com>
Date: Thu, 2 Oct 2025 15:05:25 -0300
From: Jason Gunthorpe <jgg@...dia.com>
To: John Hubbard <jhubbard@...dia.com>
Cc: Danilo Krummrich <dakr@...nel.org>,
	Alexandre Courbot <acourbot@...dia.com>,
	Joel Fernandes <joelagnelf@...dia.com>,
	Timur Tabi <ttabi@...dia.com>, Alistair Popple <apopple@...dia.com>,
	Zhi Wang <zhiw@...dia.com>, Surath Mitra <smitra@...dia.com>,
	David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>,
	Alex Williamson <alex.williamson@...hat.com>,
	Bjorn Helgaas <bhelgaas@...gle.com>,
	Krzysztof Wilczyński <kwilczynski@...nel.org>,
	Miguel Ojeda <ojeda@...nel.org>,
	Alex Gaynor <alex.gaynor@...il.com>,
	Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
	Björn Roy Baron <bjorn3_gh@...tonmail.com>,
	Benno Lossin <lossin@...nel.org>,
	Andreas Hindborg <a.hindborg@...nel.org>,
	Alice Ryhl <aliceryhl@...gle.com>, Trevor Gross <tmgross@...ch.edu>,
	nouveau@...ts.freedesktop.org, linux-pci@...r.kernel.org,
	rust-for-linux@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 1/2] rust: pci: skip probing VFs if driver doesn't
 support VFs

On Thu, Oct 02, 2025 at 10:49:21AM -0700, John Hubbard wrote:
> > Forgot to add: But I think Zhi explained that this is not necessary and can be
> > controlled by the VFIO driver, i.e. the PCI driver that binds to the VF itself.
> 
> Yes, this is the direction that I originally (3 whole days ago, haha) had in mind,
> after talking with Zhi and a few others: nova-core handles PFs, and the VFIO driver
> handles the VFs, and use the "is virtual" logic to sort them out.

To be clear, no matter what the VFIO driver bound to the VF should not
become entangled with any aux devices.

The VFIO VF driver uses pci_iov_get_pf_drvdata() to reach into the PF
to request the PF's help. Eg for live migration or things of that
nature.

My point here is that generally we don't put profiling code in the
VFIO driver and then use pci_iov_get_pf_drvdata() to access the PF do
actually do the profiling.

The VF cannot/should not control profiling of itself - that would be a
security problem once it is assigned to a VM.

So the profiling resides entirely inside the PF world and should
operate without VFIO. As I've said this design is compatible with VFs
for containers and so on. So it is the strongly preferred design
pattern.

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ