On 10/12/2022 10:40 AM, Jason Gunthorpe wrote: > On Wed, Oct 12, 2022 at 09:50:53AM -0400, Steven Sistare wrote: > >>> Anyhow, I think this conversation has convinced me there is no way to >>> fix VFIO_DMA_UNMAP_FLAG_VADDR. I'll send a patch reverting it due to >>> it being a security bug, basically. >> >> Please do not. Please give me the courtesy of time to develop a replacement >> before we delete it. Surely you can make progress on other opens areas of iommufd >> without needing to delete this immediately. > > I'm not worried about iommufd, I'm worried about shipping kernels with > a significant security problem backed into them. > > As we cannot salvage this interface it should quickly deleted so that > it doesn't cause any incidents. > > It will not effect your ability to create a replacement. I am not convinced we cannot salvage the interface, and indeed I might want to reuse parts of it, and you are over-stating the risk of a feature that is already in millions of kernels and has been for years. Deleting it all before having a replacement hurts the people like myself who are continuing to develop and test live update in qemu on the latest kernels. - Steve