On Fri, Mar 19, 2021 at 02:41:32PM +0100, Jean-Philippe Brucker wrote: > On Fri, Mar 19, 2021 at 09:46:45AM -0300, Jason Gunthorpe wrote: > > On Fri, Mar 19, 2021 at 10:58:41AM +0100, Jean-Philippe Brucker wrote: > > > > > Although there is no use for it at the moment (only two upstream users and > > > it looks like amdkfd always uses current too), I quite like the > > > client-server model where the privileged process does bind() and programs > > > the hardware queue on behalf of the client process. > > > > This creates a lot complexity, how do does process A get a secure > > reference to B? How does it access the memory in B to setup the HW? > > mm_access() for example, and passing addresses via IPC I'd rather the source process establish its own PASID and then pass the rights to use it to some other process via FD passing than try to go the other way. There are lots of security questions with something like mm_access. Jason
