On Mon, 12 Dec 2022 15:59:11 -0500 Steven Sistare <steven.sistare@xxxxxxxxxx> wrote: > On 12/12/2022 10:58 AM, Alex Williamson wrote: > > On Mon, 12 Dec 2022 09:17:54 -0400 > > Jason Gunthorpe <jgg@xxxxxxxx> wrote: > > > >> On Sat, Dec 10, 2022 at 09:14:06AM -0500, Steven Sistare wrote: > >> > >>> Thank you for your thoughtful response. Rather than debate the degree of > >>> of vulnerability, I propose an alternate solution. The technical crux of > >>> the matter is support for mediated devices. > >> > >> I'm not sure I'm convinced about that. It is easy to make problematic > >> situations with mdevs, but that doesn't mean other cases don't exist > >> too eg what happens if userspace suspends and then immediately does > >> something to trigger a domain attachment? Doesn't it still deadlock > >> the kernel? > > > > The opportunity for that to deadlock isn't obvious to me, a replay > > would be stalled waiting for invalid vaddrs, but this is essentially > > the user deadlocking themselves. There's also code there to handle the > > process getting killed while waiting, making it interruptible. Thanks, > > I will submit new patches tomorrow to exclude mdevs. Almost done. I've dropped the removal commits from my next branch in the interim. Thanks, Alex
