On Tue, May 21, 2024 at 01:34:00PM -0300, Jason Gunthorpe wrote: > On Tue, May 21, 2024 at 10:21:23AM -0600, Alex Williamson wrote: > > > > Intel GPU weirdness should not leak into making other devices > > > insecure/slow. If necessary Intel GPU only should get some variant > > > override to keep no snoop working. > > > > > > It would make alot of good sense if VFIO made the default to disable > > > no-snoop via the config space. > > > > We can certainly virtualize the config space no-snoop enable bit, but > > I'm not sure what it actually accomplishes. We'd then be relying on > > the device to honor the bit and not have any backdoors to twiddle the > > bit otherwise (where we know that GPUs often have multiple paths to get > > to config space). > > I'm OK with this. If devices are insecure then they need quirks in > vfio to disclose their problems, we shouldn't punish everyone who > followed the spec because of some bad actors. Does that mean a malicous device that does not honor the bit could read uninitialized host data?
