Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
From: Jason Gunthorpe <jgg@xxxxxxxxxx>
Date: Thu, 22 Sep 2022 11:13:42 -0300
Cc: Alex Williamson <alex.williamson@xxxxxxxxxx>, Eric Auger <eric.auger@xxxxxxxxxx>, "Tian, Kevin" <kevin.tian@xxxxxxxxx>, "Rodel, Jorg" <jroedel@xxxxxxx>, Lu Baolu <baolu.lu@xxxxxxxxxxxxxxx>, Chaitanya Kulkarni <chaitanyak@xxxxxxxxxx>, Cornelia Huck <cohuck@xxxxxxxxxx>, Daniel Jordan <daniel.m.jordan@xxxxxxxxxx>, David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>, Eric Farman <farman@xxxxxxxxxxxxx>, "iommu@xxxxxxxxxxxxxxx" <iommu@xxxxxxxxxxxxxxx>, Jason Wang <jasowang@xxxxxxxxxx>, Jean-Philippe Brucker <jean-philippe@xxxxxxxxxx>, "Martins, Joao" <joao.m.martins@xxxxxxxxxx>, "kvm@xxxxxxxxxxxxxxx" <kvm@xxxxxxxxxxxxxxx>, Matthew Rosato <mjrosato@xxxxxxxxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, Nicolin Chen <nicolinc@xxxxxxxxxx>, Niklas Schnelle <schnelle@xxxxxxxxxxxxx>, Shameerali Kolothum Thodi <shameerali.kolothum.thodi@xxxxxxxxxx>, "Liu, Yi L" <yi.l.liu@xxxxxxxxx>, Keqian Zhu <zhukeqian1@xxxxxxxxxx>, Steve Sistare <steven.sistare@xxxxxxxxxx>, "libvir-list@xxxxxxxxxx" <libvir-list@xxxxxxxxxx>, Laine Stump <laine@xxxxxxxxxx>
In-reply-to: <YyxBuQwIUdiqGoR3@redhat.com>
References: <0-v2-f9436d0bde78+4bb-iommufd_jgg@nvidia.com> <BN9PR11MB52762909D64C1194F4FCB4528C479@BN9PR11MB5276.namprd11.prod.outlook.com> <d5e33ebb-29e6-029d-aef4-af5c4478185a@redhat.com> <Yyoa+kAJi2+/YTYn@nvidia.com> <20220921120649.5d2ff778.alex.williamson@redhat.com> <YyxBuQwIUdiqGoR3@redhat.com>

On Thu, Sep 22, 2022 at 12:06:33PM +0100, Daniel P. Berrangé wrote:

> So per-user locked mem accounting looks like a regression in
> our VM isolation abilities compared to the per-task accounting.

For this kind of API the management app needs to put each VM in its
own user, which I'm a bit surprised it doesn't already do as a further
protection against cross-process concerns.

The question here is how to we provide enough compatability for this
existing methodology while still closing the security holes and
inconsistencies that exist in the kernel implementation.

Jason

Follow-Ups:
- Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Daniel P. Berrangé

References:
- [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Jason Gunthorpe
- RE: [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Tian, Kevin
- Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Eric Auger
- Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Jason Gunthorpe
- Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Alex Williamson
- Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
  - From: Daniel P. Berrangé

Prev by Date: Re: [RFC PATCH v2 2/3] perf/x86/intel/pt: Introduce and export pt_get_curr_event()
Next by Date: Re: [PATCH v4] x86: add etc/phys-bits fw_cfg file
Previous by thread: Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
Next by thread: Re: [PATCH RFC v2 00/13] IOMMUFD Generic interface
Index(es):
- Date
- Thread

[Index of Archives] [KVM ARM] [KVM ia64] [KVM ppc] [Virtualization Tools] [Spice Development] [Libvirt] [Libvirt Users] [Linux USB Devel] [Linux Audio Users] [Yosemite Questions] [Linux Kernel] [Linux SCSI] [XFree86]