Re: [PATCH v2 2/5] vfio/pci: Add device blocklist

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Jul 22, 2020 at 11:02:10PM -0600, Alex Williamson wrote:
> On Tue, 14 Jul 2020 07:36:07 +0100
> Giovanni Cabiddu <giovanni.cabiddu@xxxxxxxxx> wrote:
> 
> > Add blocklist of devices that by default are not probed by vfio-pci.
> > Devices in this list may be susceptible to untrusted application, even
> > if the IOMMU is enabled. To be accessed via vfio-pci, the user has to
> > explicitly disable the blocklist.
> > 
> > The blocklist can be disabled via the module parameter disable_blocklist.
> > 
> > Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@xxxxxxxxx>
> > ---
> >  drivers/vfio/pci/vfio_pci.c | 33 +++++++++++++++++++++++++++++++++
> >  1 file changed, 33 insertions(+)
> 
> Hi Giovanni,
> 
> I'm pretty satisfied with this series, except "blocklist" makes me
> think of block devices, ie. storage, or block chains, or building block
> types of things before I get to "block" as in a barrier.  The other
> alternative listed as a suggestion currently in linux-next is denylist,
> which is the counter to an allowlist.  I've already proposed changing
> some other terminology in vfio.c to use the term "allowed", so
> allow/deny would be my preference versus pass/block.
Thanks Alex for your feedback. A new revision is on the way.

Regards,

-- 
Giovanni



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux