Re: [PATCH] uio_pci_generic does not export memory resources

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Alex Williamson wrote:
> On Sat, 2012-06-09 at 11:28 +0200, Andreas Hartmann wrote:

[...]

>> What's the risk of this patch? Machine crash? Data loss for an active
>> file in an application? Complete filesystem damage? The latter would be
>> worse.
> 
> What we're trying to prevent by testing whether devices support ACS is
> peer-to-peer transactions that would not be translated via the IOMMU.
> For instance, imagine if your WLAN controller behind 14.4 does a DMA
> write to an address that happens to be within the MMIO resources of
> device 14.2, the audio device. 

Why should it do that intentionally - I can't see any reason. Remains
unintentionally. But that's already enough :-) .

> Instead of the transaction going up to
> the IOMMU and resulting in a memory write, internal routing on device
> 14.x results in that transaction being redirected to the 14.2.  So
> you're looking at potential data loss from the guest as well as
> corrupting device state in the host.

My guest does have no data. Besides that, the VM can be easily backuped
before.
The corrupting device state probably is limited to the devices behind
the bridge. Correct?

>>> Hmm, I wonder if we should make a kernel boot parameter that allows
>>> whitelisting some devices.  I think it would have to taint the kernel
>>> but there's probably sufficient interest for usability vs
>>> supportability.
>>
>> Good idea. I would print an additional big fat warning of dataloss /
>> filesystem damage / crash if this could be the case.
> 
> Well, outlining the risk above makes me a little more nervous about
> making such a config option, even if it taints the kernel, available so
> easily... :^\ 

That's true, too. Anyway, out of curiosity, if the corruption of the
device states is limited to the devices behind the bridge, I'm going to
test it. I hope that a hardware damage isn't possible by that action.


Thanks,
regards,
Andreas
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux