[PATCH 0/5] vfio/pci: add blocklist and disable qat

From: Giovanni Cabiddu
Date: Wed Jul 01 2020 - 07:03:35 EST


This patchset defines a blocklist of devices in the vfio-pci module and adds
the current generation of Intel(R) QuickAssist devices to it as they are
not designed to run in an untrusted environment.

By default, if a device is in the blocklist, the probe of vfio-pci fails.
If a user wants to use a device in the blocklist, he needs to disable the
full blocklist providing the option disable_blocklist=1 at the load of
vfio-pci or specifying that parameter in a config file in /etc/modprobe.d.

This series also moves the device ids definitions present in the qat driver
to linux/pci_ids.h since they will be shared between the vfio-pci and the qat
drivers and replaces the custom ADF_SYSTEM_DEVICE macro with PCI_VDEVICE.

The series is applicable to Herbert's tree but only partially applicable to
Alex's tree due to a merge conflict.

Giovanni Cabiddu (5):
PCI: add Intel QuickAssist device IDs
vfio/pci: add device blocklist
vfio/pci: add qat devices to blocklist
crypto: qat - replace device ids defines
crypto: qat - use PCI_VDEVICE

drivers/crypto/qat/qat_c3xxx/adf_drv.c | 11 ++---
drivers/crypto/qat/qat_c3xxxvf/adf_drv.c | 11 ++---
drivers/crypto/qat/qat_c62x/adf_drv.c | 11 ++---
drivers/crypto/qat/qat_c62xvf/adf_drv.c | 11 ++---
.../crypto/qat/qat_common/adf_accel_devices.h | 6 ---
drivers/crypto/qat/qat_common/qat_hal.c | 7 +--
drivers/crypto/qat/qat_common/qat_uclo.c | 9 ++--
drivers/crypto/qat/qat_dh895xcc/adf_drv.c | 11 ++---
drivers/crypto/qat/qat_dh895xccvf/adf_drv.c | 11 ++---
drivers/vfio/pci/vfio_pci.c | 48 +++++++++++++++++++
include/linux/pci_ids.h | 6 +++
11 files changed, 87 insertions(+), 55 deletions(-)

--
2.26.2