On Mon, 12 Dec 2022 09:17:54 -0400
Jason Gunthorpe <jgg@xxxxxxxx> wrote:

> On Sat, Dec 10, 2022 at 09:14:06AM -0500, Steven Sistare wrote:
>
> > Thank you for your thoughtful response. Rather than debate the degree
> > of vulnerability, I propose an alternate solution. The technical crux of
> > the matter is support for mediated devices.
>
> I'm not sure I'm convinced about that. It is easy to make problematic
> situations with mdevs, but that doesn't mean other cases don't exist
> too eg what happens if userspace suspends and then immediately does
> something to trigger a domain attachment? Doesn't it still deadlock
> the kernel?

The opportunity for that to deadlock isn't obvious to me, a replay
would be stalled waiting for invalid vaddrs, but this is essentially the
user deadlocking themselves. There's also code there to handle the
process getting killed while waiting, making it interruptible. Thanks,

Alex