On Wed, Apr 14, 2021 at 11:20:19PM +0800, Tianyu Lan wrote: > Hi Greg: > Thanks for your review. > > On 4/14/2021 12:00 AM, Greg KH wrote: > > On Tue, Apr 13, 2021 at 11:22:13AM -0400, Tianyu Lan wrote: > > > From: Tianyu Lan <Tianyu.Lan@xxxxxxxxxxxxx> > > > > > > UIO HV driver should not load in the isolation VM for security reason. > > > > Why? I need a lot more excuse than that. > > The reason is that ring buffers have been marked as visible to host. > UIO driver will expose these buffers to user space and user space > driver hasn't done some secure check for data from host. This > is considered as insecure in isolation VM. But as this is a VM choice, why did the VM mark those as visible in the first place? thanks, greg k-h
