From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752705AbeDXUgB (ORCPT ); Tue, 24 Apr 2018 16:36:01 -0400 Received: from mga04.intel.com ([192.55.52.120]:7095 "EHLO mga04.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751439AbeDXUft (ORCPT ); Tue, 24 Apr 2018 16:35:49 -0400 X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,324,1520924400"; d="scan'208";a="49619626" Date: Tue, 24 Apr 2018 13:35:14 -0700 From: Dongwon Kim To: Oleksandr Andrushchenko Cc: Wei Liu , jgross@suse.com, Artem Mygaiev , konrad.wilk@oracle.com, airlied@linux.ie, linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org, "Potrola, MateuszX" , daniel.vetter@intel.com, xen-devel@lists.xenproject.org, boris.ostrovsky@oracle.com, Roger Pau =?iso-8859-1?Q?Monn=E9?= , "Oleksandr_Andrushchenko@epam.com" Subject: Re: [Xen-devel] [PATCH 0/1] drm/xen-zcopy: Add Xen zero-copy helper DRM driver Message-ID: <20180424203514.GA26787@downor-Z87X-UD5H> References: <41487acb-a67a-8933-d0c3-702c19b0938e@gmail.com> <20180418073508.ptvntwedczpvl7bx@MacBook-Pro-de-Roger.local> <20180418101058.hyqk3gr3b2ibxswu@MacBook-Pro-de-Roger.local> <20180420071914.GG31310@phenom.ffwll.local> <76cdc65a-7bb1-9377-7bc5-6164e32f7b5d@gmail.com> <20180423115242.ywdwqblj2aseu3fr@citrix.com> <61105351-8896-072b-abf0-757c7f6c0edf@gmail.com> <20180424115437.GT31310@phenom.ffwll.local> <18ab5f76-00b0-42a0-fcb8-e0cbf4cdd527@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <18ab5f76-00b0-42a0-fcb8-e0cbf4cdd527@gmail.com> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Had a meeting with Daniel and talked about bringing out generic part of hyper-dmabuf to the userspace, which means we most likely reuse IOCTLs defined in xen-zcopy for our use-case if we follow his suggestion. So assuming we use these IOCTLs as they are, Several things I would like you to double-check.. 1. returning gref as is to the user space is still unsafe because it is a constant, easy to guess and any process that hijacks it can easily exploit the buffer. So I am wondering if it's possible to keep dmabuf-to -gref or gref-to-dmabuf in kernel space and add other layers on top of those in actual IOCTLs to add some safety.. We introduced flink like hyper_dmabuf_id including random number but many says even that is still not safe. 2. maybe we could take hypervisor-independent process (e.g. SGT<->page) out of xen-zcopy and put those in a new helper library. 3. please consider the case where original DMA-BUF's first offset and last length are not 0 and PAGE_SIZE respectively. I assume current xen-zcopy only supports page-aligned buffer with PAGE_SIZE x n big. thanks, DW On Tue, Apr 24, 2018 at 02:59:39PM +0300, Oleksandr Andrushchenko wrote: > On 04/24/2018 02:54 PM, Daniel Vetter wrote: > >On Mon, Apr 23, 2018 at 03:10:35PM +0300, Oleksandr Andrushchenko wrote: > >>On 04/23/2018 02:52 PM, Wei Liu wrote: > >>>On Fri, Apr 20, 2018 at 02:25:20PM +0300, Oleksandr Andrushchenko wrote: > >>>>>> the gntdev. > >>>>>> > >>>>>>I think this is generic enough that it could be implemented by a > >>>>>>device not tied to Xen. AFAICT the hyper_dma guys also wanted > >>>>>>something similar to this. > >>>>>You can't just wrap random userspace memory into a dma-buf. We've just had > >>>>>this discussion with kvm/qemu folks, who proposed just that, and after a > >>>>>bit of discussion they'll now try to have a driver which just wraps a > >>>>>memfd into a dma-buf. > >>>>So, we have to decide either we introduce a new driver > >>>>(say, under drivers/xen/xen-dma-buf) or extend the existing > >>>>gntdev/balloon to support dma-buf use-cases. > >>>> > >>>>Can anybody from Xen community express their preference here? > >>>> > >>>Oleksandr talked to me on IRC about this, he said a few IOCTLs need to > >>>be added to either existing drivers or a new driver. > >>> > >>>I went through this thread twice and skimmed through the relevant > >>>documents, but I couldn't see any obvious pros and cons for either > >>>approach. So I don't really have an opinion on this. > >>> > >>>But, assuming if implemented in existing drivers, those IOCTLs need to > >>>be added to different drivers, which means userspace program needs to > >>>write more code and get more handles, it would be slightly better to > >>>implement a new driver from that perspective. > >>If gntdev/balloon extension is still considered: > >> > >>All the IOCTLs will be in gntdev driver (in current xen-zcopy terminology): > I was lazy to change dumb to dma-buf, so put this notice ;) > >>  - DRM_ICOTL_XEN_ZCOPY_DUMB_FROM_REFS > >>  - DRM_IOCTL_XEN_ZCOPY_DUMB_TO_REFS > >>  - DRM_IOCTL_XEN_ZCOPY_DUMB_WAIT_FREE > >s/DUMB/DMA_BUF/ please. This is generic dma-buf, it has nothing to do with > >the dumb scanout buffer support in the drm/gfx subsystem. This here can be > >used for any zcopy sharing among guests (as long as your endpoints > >understands dma-buf, which most relevant drivers do). > Of course, please see above > >-Daniel > > > >>Balloon driver extension, which is needed for contiguous/DMA > >>buffers, will be to provide new *kernel API*, no UAPI is needed. > >> > >>>Wei. > >>Thank you, > >>Oleksandr > >>_______________________________________________ > >>dri-devel mailing list > >>dri-devel@lists.freedesktop.org > >>https://lists.freedesktop.org/mailman/listinfo/dri-devel > From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dongwon Kim Subject: Re: [Xen-devel] [PATCH 0/1] drm/xen-zcopy: Add Xen zero-copy helper DRM driver Date: Tue, 24 Apr 2018 13:35:14 -0700 Message-ID: <20180424203514.GA26787@downor-Z87X-UD5H> References: <41487acb-a67a-8933-d0c3-702c19b0938e@gmail.com> <20180418073508.ptvntwedczpvl7bx@MacBook-Pro-de-Roger.local> <20180418101058.hyqk3gr3b2ibxswu@MacBook-Pro-de-Roger.local> <20180420071914.GG31310@phenom.ffwll.local> <76cdc65a-7bb1-9377-7bc5-6164e32f7b5d@gmail.com> <20180423115242.ywdwqblj2aseu3fr@citrix.com> <61105351-8896-072b-abf0-757c7f6c0edf@gmail.com> <20180424115437.GT31310@phenom.ffwll.local> <18ab5f76-00b0-42a0-fcb8-e0cbf4cdd527@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by gabe.freedesktop.org (Postfix) with ESMTPS id 1B21D6E0AD for ; Tue, 24 Apr 2018 20:35:49 +0000 (UTC) Content-Disposition: inline In-Reply-To: <18ab5f76-00b0-42a0-fcb8-e0cbf4cdd527@gmail.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" To: Oleksandr Andrushchenko Cc: jgross@suse.com, Artem Mygaiev , Wei Liu , konrad.wilk@oracle.com, airlied@linux.ie, "Oleksandr_Andrushchenko@epam.com" , linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org, "Potrola, MateuszX" , xen-devel@lists.xenproject.org, daniel.vetter@intel.com, boris.ostrovsky@oracle.com, Roger Pau =?iso-8859-1?Q?Monn=E9?= List-Id: dri-devel@lists.freedesktop.org SGFkIGEgbWVldGluZyB3aXRoIERhbmllbCBhbmQgdGFsa2VkIGFib3V0IGJyaW5naW5nIG91dCBn ZW5lcmljCnBhcnQgb2YgaHlwZXItZG1hYnVmIHRvIHRoZSB1c2Vyc3BhY2UsIHdoaWNoIG1lYW5z IHdlIG1vc3QgbGlrZWx5CnJldXNlIElPQ1RMcyBkZWZpbmVkIGluIHhlbi16Y29weSBmb3Igb3Vy IHVzZS1jYXNlIGlmIHdlIGZvbGxvdwpoaXMgc3VnZ2VzdGlvbi4KClNvIGFzc3VtaW5nIHdlIHVz ZSB0aGVzZSBJT0NUTHMgYXMgdGhleSBhcmUsClNldmVyYWwgdGhpbmdzIEkgd291bGQgbGlrZSB5 b3UgdG8gZG91YmxlLWNoZWNrLi4KCjEuIHJldHVybmluZyBncmVmIGFzIGlzIHRvIHRoZSB1c2Vy IHNwYWNlIGlzIHN0aWxsIHVuc2FmZSBiZWNhdXNlCml0IGlzIGEgY29uc3RhbnQsIGVhc3kgdG8g Z3Vlc3MgYW5kIGFueSBwcm9jZXNzIHRoYXQgaGlqYWNrcyBpdCBjYW4gZWFzaWx5CmV4cGxvaXQg dGhlIGJ1ZmZlci4gU28gSSBhbSB3b25kZXJpbmcgaWYgaXQncyBwb3NzaWJsZSB0byBrZWVwIGRt YWJ1Zi10bwotZ3JlZiBvciBncmVmLXRvLWRtYWJ1ZiBpbiBrZXJuZWwgc3BhY2UgYW5kIGFkZCBv dGhlciBsYXllcnMgb24gdG9wCm9mIHRob3NlIGluIGFjdHVhbCBJT0NUTHMgdG8gYWRkIHNvbWUg c2FmZXR5Li4gV2UgaW50cm9kdWNlZCBmbGluayBsaWtlCmh5cGVyX2RtYWJ1Zl9pZCBpbmNsdWRp bmcgcmFuZG9tIG51bWJlciBidXQgbWFueSBzYXlzIGV2ZW4gdGhhdCBpcyBzdGlsbApub3Qgc2Fm ZS4KCjIuIG1heWJlIHdlIGNvdWxkIHRha2UgaHlwZXJ2aXNvci1pbmRlcGVuZGVudCBwcm9jZXNz IChlLmcuIFNHVDwtPnBhZ2UpCm91dCBvZiB4ZW4temNvcHkgYW5kIHB1dCB0aG9zZSBpbiBhIG5l dyBoZWxwZXIgbGlicmFyeS4gCgozLiBwbGVhc2UgY29uc2lkZXIgdGhlIGNhc2Ugd2hlcmUgb3Jp Z2luYWwgRE1BLUJVRidzIGZpcnN0IG9mZnNldAphbmQgbGFzdCBsZW5ndGggYXJlIG5vdCAwIGFu ZCBQQUdFX1NJWkUgcmVzcGVjdGl2ZWx5LiBJIGFzc3VtZSBjdXJyZW50Cnhlbi16Y29weSBvbmx5 IHN1cHBvcnRzIHBhZ2UtYWxpZ25lZCBidWZmZXIgd2l0aCBQQUdFX1NJWkUgeCBuIGJpZy4KCnRo YW5rcywKRFcKCk9uIFR1ZSwgQXByIDI0LCAyMDE4IGF0IDAyOjU5OjM5UE0gKzAzMDAsIE9sZWtz YW5kciBBbmRydXNoY2hlbmtvIHdyb3RlOgo+IE9uIDA0LzI0LzIwMTggMDI6NTQgUE0sIERhbmll bCBWZXR0ZXIgd3JvdGU6Cj4gPk9uIE1vbiwgQXByIDIzLCAyMDE4IGF0IDAzOjEwOjM1UE0gKzAz MDAsIE9sZWtzYW5kciBBbmRydXNoY2hlbmtvIHdyb3RlOgo+ID4+T24gMDQvMjMvMjAxOCAwMjo1 MiBQTSwgV2VpIExpdSB3cm90ZToKPiA+Pj5PbiBGcmksIEFwciAyMCwgMjAxOCBhdCAwMjoyNToy MFBNICswMzAwLCBPbGVrc2FuZHIgQW5kcnVzaGNoZW5rbyB3cm90ZToKPiA+Pj4+Pj4gICAgICB0 aGUgZ250ZGV2Lgo+ID4+Pj4+Pgo+ID4+Pj4+PkkgdGhpbmsgdGhpcyBpcyBnZW5lcmljIGVub3Vn aCB0aGF0IGl0IGNvdWxkIGJlIGltcGxlbWVudGVkIGJ5IGEKPiA+Pj4+Pj5kZXZpY2Ugbm90IHRp ZWQgdG8gWGVuLiBBRkFJQ1QgdGhlIGh5cGVyX2RtYSBndXlzIGFsc28gd2FudGVkCj4gPj4+Pj4+ c29tZXRoaW5nIHNpbWlsYXIgdG8gdGhpcy4KPiA+Pj4+PllvdSBjYW4ndCBqdXN0IHdyYXAgcmFu ZG9tIHVzZXJzcGFjZSBtZW1vcnkgaW50byBhIGRtYS1idWYuIFdlJ3ZlIGp1c3QgaGFkCj4gPj4+ Pj50aGlzIGRpc2N1c3Npb24gd2l0aCBrdm0vcWVtdSBmb2xrcywgd2hvIHByb3Bvc2VkIGp1c3Qg dGhhdCwgYW5kIGFmdGVyIGEKPiA+Pj4+PmJpdCBvZiBkaXNjdXNzaW9uIHRoZXknbGwgbm93IHRy eSB0byBoYXZlIGEgZHJpdmVyIHdoaWNoIGp1c3Qgd3JhcHMgYQo+ID4+Pj4+bWVtZmQgaW50byBh IGRtYS1idWYuCj4gPj4+PlNvLCB3ZSBoYXZlIHRvIGRlY2lkZSBlaXRoZXIgd2UgaW50cm9kdWNl IGEgbmV3IGRyaXZlcgo+ID4+Pj4oc2F5LCB1bmRlciBkcml2ZXJzL3hlbi94ZW4tZG1hLWJ1Zikg b3IgZXh0ZW5kIHRoZSBleGlzdGluZwo+ID4+Pj5nbnRkZXYvYmFsbG9vbiB0byBzdXBwb3J0IGRt YS1idWYgdXNlLWNhc2VzLgo+ID4+Pj4KPiA+Pj4+Q2FuIGFueWJvZHkgZnJvbSBYZW4gY29tbXVu aXR5IGV4cHJlc3MgdGhlaXIgcHJlZmVyZW5jZSBoZXJlPwo+ID4+Pj4KPiA+Pj5PbGVrc2FuZHIg dGFsa2VkIHRvIG1lIG9uIElSQyBhYm91dCB0aGlzLCBoZSBzYWlkIGEgZmV3IElPQ1RMcyBuZWVk IHRvCj4gPj4+YmUgYWRkZWQgdG8gZWl0aGVyIGV4aXN0aW5nIGRyaXZlcnMgb3IgYSBuZXcgZHJp dmVyLgo+ID4+Pgo+ID4+Pkkgd2VudCB0aHJvdWdoIHRoaXMgdGhyZWFkIHR3aWNlIGFuZCBza2lt bWVkIHRocm91Z2ggdGhlIHJlbGV2YW50Cj4gPj4+ZG9jdW1lbnRzLCBidXQgSSBjb3VsZG4ndCBz ZWUgYW55IG9idmlvdXMgcHJvcyBhbmQgY29ucyBmb3IgZWl0aGVyCj4gPj4+YXBwcm9hY2guIFNv IEkgZG9uJ3QgcmVhbGx5IGhhdmUgYW4gb3BpbmlvbiBvbiB0aGlzLgo+ID4+Pgo+ID4+PkJ1dCwg YXNzdW1pbmcgaWYgaW1wbGVtZW50ZWQgaW4gZXhpc3RpbmcgZHJpdmVycywgdGhvc2UgSU9DVExz IG5lZWQgdG8KPiA+Pj5iZSBhZGRlZCB0byBkaWZmZXJlbnQgZHJpdmVycywgd2hpY2ggbWVhbnMg dXNlcnNwYWNlIHByb2dyYW0gbmVlZHMgdG8KPiA+Pj53cml0ZSBtb3JlIGNvZGUgYW5kIGdldCBt b3JlIGhhbmRsZXMsIGl0IHdvdWxkIGJlIHNsaWdodGx5IGJldHRlciB0bwo+ID4+PmltcGxlbWVu dCBhIG5ldyBkcml2ZXIgZnJvbSB0aGF0IHBlcnNwZWN0aXZlLgo+ID4+SWYgZ250ZGV2L2JhbGxv b24gZXh0ZW5zaW9uIGlzIHN0aWxsIGNvbnNpZGVyZWQ6Cj4gPj4KPiA+PkFsbCB0aGUgSU9DVExz IHdpbGwgYmUgaW4gZ250ZGV2IGRyaXZlciAoaW4gY3VycmVudCB4ZW4temNvcHkgdGVybWlub2xv Z3kpOgo+IEkgd2FzIGxhenkgdG8gY2hhbmdlIGR1bWIgdG8gZG1hLWJ1Ziwgc28gcHV0IHRoaXMg bm90aWNlIDspCj4gPj4gwqAtIERSTV9JQ09UTF9YRU5fWkNPUFlfRFVNQl9GUk9NX1JFRlMKPiA+ PiDCoC0gRFJNX0lPQ1RMX1hFTl9aQ09QWV9EVU1CX1RPX1JFRlMKPiA+PiDCoC0gRFJNX0lPQ1RM X1hFTl9aQ09QWV9EVU1CX1dBSVRfRlJFRQo+ID5zL0RVTUIvRE1BX0JVRi8gcGxlYXNlLiBUaGlz IGlzIGdlbmVyaWMgZG1hLWJ1ZiwgaXQgaGFzIG5vdGhpbmcgdG8gZG8gd2l0aAo+ID50aGUgZHVt YiBzY2Fub3V0IGJ1ZmZlciBzdXBwb3J0IGluIHRoZSBkcm0vZ2Z4IHN1YnN5c3RlbS4gVGhpcyBo ZXJlIGNhbiBiZQo+ID51c2VkIGZvciBhbnkgemNvcHkgc2hhcmluZyBhbW9uZyBndWVzdHMgKGFz IGxvbmcgYXMgeW91ciBlbmRwb2ludHMKPiA+dW5kZXJzdGFuZHMgZG1hLWJ1Ziwgd2hpY2ggbW9z dCByZWxldmFudCBkcml2ZXJzIGRvKS4KPiBPZiBjb3Vyc2UsIHBsZWFzZSBzZWUgYWJvdmUKPiA+ LURhbmllbAo+ID4KPiA+PkJhbGxvb24gZHJpdmVyIGV4dGVuc2lvbiwgd2hpY2ggaXMgbmVlZGVk IGZvciBjb250aWd1b3VzL0RNQQo+ID4+YnVmZmVycywgd2lsbCBiZSB0byBwcm92aWRlIG5ldyAq a2VybmVsIEFQSSosIG5vIFVBUEkgaXMgbmVlZGVkLgo+ID4+Cj4gPj4+V2VpLgo+ID4+VGhhbmsg eW91LAo+ID4+T2xla3NhbmRyCj4gPj5fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fXwo+ID4+ZHJpLWRldmVsIG1haWxpbmcgbGlzdAo+ID4+ZHJpLWRldmVsQGxp c3RzLmZyZWVkZXNrdG9wLm9yZwo+ID4+aHR0cHM6Ly9saXN0cy5mcmVlZGVza3RvcC5vcmcvbWFp bG1hbi9saXN0aW5mby9kcmktZGV2ZWwKPiAKX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX18KZHJpLWRldmVsIG1haWxpbmcgbGlzdApkcmktZGV2ZWxAbGlzdHMu ZnJlZWRlc2t0b3Aub3JnCmh0dHBzOi8vbGlzdHMuZnJlZWRlc2t0b3Aub3JnL21haWxtYW4vbGlz dGluZm8vZHJpLWRldmVsCg==