Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Wed, Nov 09, 2022 at 11:28:22AM -0700, Alex Williamson wrote: > > > > I'd be much more comfortable with this as a system wide iommufd flag > > > > if we also tied it to do some demonstration of privilege - eg a > > > > requirement to open iommufd with CAP_SYS_RAWIO for instance. > > > > > > W

RE: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

> From: Jason Gunthorpe > Sent: Wednesday, November 9, 2022 9:11 PM > > > If all agree that VFIO_CONTAINER=n is a process to evolve, does it make > > more sense to remove this patch from this series i.e. let it buried in > > VFIO_CONTAINER=y for now? Then resolve it in a follow up patch if > > no

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Tue, 8 Nov 2022 21:05:21 -0400 Jason Gunthorpe wrote: > On Tue, Nov 08, 2022 at 03:55:20PM -0700, Alex Williamson wrote: > > > > > So why exactly isn't this an issue for VDPA? Are we just burying our > > > > head in the sand that such platforms exists and can still be useful > > > > given th

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Wed, Nov 09, 2022 at 03:21:29AM +, Tian, Kevin wrote: > > From: Jason Gunthorpe > > Sent: Wednesday, November 9, 2022 9:05 AM > > > > On Tue, Nov 08, 2022 at 03:55:20PM -0700, Alex Williamson wrote: > > > > > > > So why exactly isn't this an issue for VDPA? Are we just burying our > > >

RE: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

> From: Jason Gunthorpe > Sent: Wednesday, November 9, 2022 9:05 AM > > On Tue, Nov 08, 2022 at 03:55:20PM -0700, Alex Williamson wrote: > > > > > So why exactly isn't this an issue for VDPA? Are we just burying our > > > > head in the sand that such platforms exists and can still be useful > >

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Tue, Nov 08, 2022 at 03:55:20PM -0700, Alex Williamson wrote: > > > So why exactly isn't this an issue for VDPA? Are we just burying our > > > head in the sand that such platforms exists and can still be useful > > > given the appropriate risk vs reward trade-off? > > > > Simply that nobody

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Mon, 7 Nov 2022 14:45:59 -0400 Jason Gunthorpe wrote: > On Mon, Nov 07, 2022 at 11:05:08AM -0700, Alex Williamson wrote: > > > After further consideration... I don't think the option on vfio-main > > makes sense, basically for the same reason that the original option > > existed on the IOMMU

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Mon, Nov 07, 2022 at 11:05:08AM -0700, Alex Williamson wrote: > After further consideration... I don't think the option on vfio-main > makes sense, basically for the same reason that the original option > existed on the IOMMU backend rather than vfio-core. The option > describes a means to rel

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Mon, 7 Nov 2022 11:32:40 -0400 Jason Gunthorpe wrote: > On Mon, Nov 07, 2022 at 08:18:53AM -0700, Alex Williamson wrote: > > On Mon, 7 Nov 2022 09:19:43 -0400 > > Jason Gunthorpe wrote: > > > > > On Mon, Oct 31, 2022 at 04:45:26PM -0600, Alex Williamson wrote: > > > > > > > > It is one

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Mon, Nov 07, 2022 at 08:18:53AM -0700, Alex Williamson wrote: > On Mon, 7 Nov 2022 09:19:43 -0400 > Jason Gunthorpe wrote: > > > On Mon, Oct 31, 2022 at 04:45:26PM -0600, Alex Williamson wrote: > > > > > > It is one idea, it depends how literal you want to be on "module > > > > parameters are

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Mon, 7 Nov 2022 09:19:43 -0400 Jason Gunthorpe wrote: > On Mon, Oct 31, 2022 at 04:45:26PM -0600, Alex Williamson wrote: > > > > It is one idea, it depends how literal you want to be on "module > > > parameters are ABI". IMHO it is a weak form of ABI and the need of > > > this paramter in par

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Mon, Oct 31, 2022 at 04:45:26PM -0600, Alex Williamson wrote: > > It is one idea, it depends how literal you want to be on "module > > parameters are ABI". IMHO it is a weak form of ABI and the need of > > this paramter in particular is not that common in modern times, AFAIK. > > > > So perhap

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Fri, 28 Oct 2022 15:40:09 -0300 Jason Gunthorpe wrote: > On Wed, Oct 26, 2022 at 03:24:42PM -0600, Alex Williamson wrote: > > On Tue, 25 Oct 2022 15:17:10 -0300 > > Jason Gunthorpe wrote: > > > > > This legacy module knob has become uAPI, when set on the vfio_iommu_type1 > > > it disables

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Wed, Oct 26, 2022 at 03:24:42PM -0600, Alex Williamson wrote: > On Tue, 25 Oct 2022 15:17:10 -0300 > Jason Gunthorpe wrote: > > > This legacy module knob has become uAPI, when set on the vfio_iommu_type1 > > it disables some security protections in the iommu drivers. Move the > > storage for t

Re: [PATCH 04/10] vfio: Move storage of allow_unsafe_interrupts to vfio_main.c

On Tue, 25 Oct 2022 15:17:10 -0300 Jason Gunthorpe wrote: > This legacy module knob has become uAPI, when set on the vfio_iommu_type1 > it disables some security protections in the iommu drivers. Move the > storage for this knob to vfio_main.c so that iommufd can access it too. I don't really un