Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Andi Kleen <ak@xxxxxxxxxxxxxxx>
Subject: Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
From: "Michael S. Tsirkin" <mst@xxxxxxxxxx>
Date: Mon, 11 Oct 2021 08:04:16 -0400
Cc: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Peter Zijlstra <peterz@xxxxxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Bjorn Helgaas <bhelgaas@xxxxxxxxxx>, Richard Henderson <rth@xxxxxxxxxxx>, Thomas Bogendoerfer <tsbogend@xxxxxxxxxxxxxxxx>, James E J Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, Helge Deller <deller@xxxxxx>, "David S . Miller" <davem@xxxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, David Hildenbrand <david@xxxxxxxxxx>, Andrea Arcangeli <aarcange@xxxxxxxxxx>, Josh Poimboeuf <jpoimboe@xxxxxxxxxx>, Peter H Anvin <hpa@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxx>, Tony Luck <tony.luck@xxxxxxxxx>, Dan Williams <dan.j.williams@xxxxxxxxx>, Kirill Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>, Sean Christopherson <seanjc@xxxxxxxxxx>, Kuppuswamy Sathyanarayanan <knsathya@xxxxxxxxxx>, x86@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, linux-pci@xxxxxxxxxxxxxxx, linux-alpha@xxxxxxxxxxxxxxx, linux-mips@xxxxxxxxxxxxxxx, linux-parisc@xxxxxxxxxxxxxxx, sparclinux@xxxxxxxxxxxxxxx, linux-arch@xxxxxxxxxxxxxxx, linux-doc@xxxxxxxxxxxxxxx, virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx
In-reply-to: <8c906de6-5efa-b87a-c800-6f07b98339d0@linux.intel.com>
References: <20211009003711.1390019-1-sathyanarayanan.kuppuswamy@linux.intel.com> <20211009003711.1390019-17-sathyanarayanan.kuppuswamy@linux.intel.com> <20211009070132-mutt-send-email-mst@kernel.org> <8c906de6-5efa-b87a-c800-6f07b98339d0@linux.intel.com>

On Sun, Oct 10, 2021 at 07:39:55PM -0700, Andi Kleen wrote:
> 
> > The connection is quite unfortunate IMHO.
> > Can't there be an option
> > that unbreaks drivers *without* opening up security holes by
> > making BIOS shared?
> 
> That would require new low level APIs that distinguish both cases, and a
> tree sweep.
> 
> 
> -Andi

Presumably bios code is in arch/x86 and drivers/acpi, right?
Up to 200 calls the majority of which is likely private ...

I don't have better ideas but the current setup will just
result in people making their guests vulnerable whenever they
want to allow device pass-through.

-- 
MST

Follow-Ups:
- Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
  - From: Andi Kleen

References:
- [PATCH v5 00/16] Add TDX Guest Support (shared-mm support)
  - From: Kuppuswamy Sathyanarayanan
- [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
  - From: Kuppuswamy Sathyanarayanan
- Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
  - From: Michael S. Tsirkin
- Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
  - From: Andi Kleen

Prev by Date: Re: [PATCH v5 12/16] PCI: Add pci_iomap_host_shared(), pci_iomap_host_shared_range()
Next by Date: Re: [PATCH 0/1] Arch use of pci_dev_is_added()
Previous by thread: Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
Next by thread: Re: [PATCH v5 16/16] x86/tdx: Add cmdline option to force use of ioremap_host_shared
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel] [Kernel Newbies] [x86 Platform Driver] [Netdev] [Linux Wireless] [Netfilter] [Bugtraq] [Linux Filesystems] [Yosemite Discussion] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Device Mapper]