Re: [RFC] /dev/ioasid uAPI proposal

From: Jason Gunthorpe
Date: Thu Jun 03 2021 - 08:46:13 EST

Next message: Vinod Koul: "Re: [PATCH] x86/cpufeatures: Force disable X86_FEATURE_ENQCMD and remove update_pasid()"
Previous message: Michal Hocko: "Re: [PATCH v2 1/3] mm,page_alloc: Use {get,put}_online_mems() to get stable zone's values"
In reply to: David Gibson: "Re: [RFC] /dev/ioasid uAPI proposal"
Next in thread: Tian, Kevin: "RE: [RFC] /dev/ioasid uAPI proposal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jun 03, 2021 at 04:26:08PM +1000, David Gibson wrote:

> > There are global properties in the /dev/iommu FD, like what devices
> > are part of it, that are important for group security operations. This
> > becomes confused if it is split to many FDs.
>
> I'm still not seeing those. I'm really not seeing any well-defined
> meaning to devices being attached to the fd, but not to a particular
> IOAS.

Kevin can you add a section on how group security would have to work
to the RFC? This is the idea you can't attach a device to an IOASID
unless all devices in the IOMMU group are joined to the /dev/iommu FD.

The basic statement is that userspace must present the entire group
membership to /dev/iommu to prove that it has the security right to
manipulate their DMA translation.

It is the device centric analog to what the group FD is doing for
security.

Jason

Next message: Vinod Koul: "Re: [PATCH] x86/cpufeatures: Force disable X86_FEATURE_ENQCMD and remove update_pasid()"
Previous message: Michal Hocko: "Re: [PATCH v2 1/3] mm,page_alloc: Use {get,put}_online_mems() to get stable zone's values"
In reply to: David Gibson: "Re: [RFC] /dev/ioasid uAPI proposal"
Next in thread: Tian, Kevin: "RE: [RFC] /dev/ioasid uAPI proposal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]