On Mon, Dec 12, 2022 at 02:26:51PM -0700, Alex Williamson wrote: > On Mon, 12 Dec 2022 15:59:11 -0500 > Steven Sistare <steven.sistare@xxxxxxxxxx> wrote: > > > On 12/12/2022 10:58 AM, Alex Williamson wrote: > > > On Mon, 12 Dec 2022 09:17:54 -0400 > > > Jason Gunthorpe <jgg@xxxxxxxx> wrote: > > > > > >> On Sat, Dec 10, 2022 at 09:14:06AM -0500, Steven Sistare wrote: > > >> > > >>> Thank you for your thoughtful response. Rather than debate the degree of > > >>> of vulnerability, I propose an alternate solution. The technical crux of > > >>> the matter is support for mediated devices. > > >> > > >> I'm not sure I'm convinced about that. It is easy to make problematic > > >> situations with mdevs, but that doesn't mean other cases don't exist > > >> too eg what happens if userspace suspends and then immediately does > > >> something to trigger a domain attachment? Doesn't it still deadlock > > >> the kernel? > > > > > > The opportunity for that to deadlock isn't obvious to me, a replay > > > would be stalled waiting for invalid vaddrs, but this is essentially > > > the user deadlocking themselves. There's also code there to handle the > > > process getting killed while waiting, making it interruptible. Thanks, > > > > I will submit new patches tomorrow to exclude mdevs. Almost done. > > I've dropped the removal commits from my next branch in the interim. Woah, please don't do that - I already built and sent pull requests assuming this, there are conflicts. Why would we not revert everything from 6.2 - that is what we agreed to do? Jason
