On 12/12/2022 10:58 AM, Alex Williamson wrote: > On Mon, 12 Dec 2022 09:17:54 -0400 > Jason Gunthorpe <jgg@xxxxxxxx> wrote: > >> On Sat, Dec 10, 2022 at 09:14:06AM -0500, Steven Sistare wrote: >> >>> Thank you for your thoughtful response. Rather than debate the degree of >>> of vulnerability, I propose an alternate solution. The technical crux of >>> the matter is support for mediated devices. >> >> I'm not sure I'm convinced about that. It is easy to make problematic >> situations with mdevs, but that doesn't mean other cases don't exist >> too eg what happens if userspace suspends and then immediately does >> something to trigger a domain attachment? Doesn't it still deadlock >> the kernel? > > The opportunity for that to deadlock isn't obvious to me, a replay > would be stalled waiting for invalid vaddrs, but this is essentially > the user deadlocking themselves. There's also code there to handle the > process getting killed while waiting, making it interruptible. Thanks, I will submit new patches tomorrow to exclude mdevs. Almost done. - Steve
