From: Jason Wang <jasowang@redhat.com> To: Xie Yongji <xieyongji@bytedance.com>, mst@redhat.com, stefanha@redhat.com, sgarzare@redhat.com, parav@nvidia.com, bob.liu@oracle.com, hch@infradead.org, rdunlap@infradead.org, willy@infradead.org, viro@zeniv.linux.org.uk, axboe@kernel.dk, bcrl@kvack.org, corbet@lwn.net Cc: virtualization@lists.linux-foundation.org, netdev@vger.kernel.org, kvm@vger.kernel.org, linux-aio@kvack.org, linux-fsdevel@vger.kernel.org Subject: Re: [RFC v4 07/11] vduse: Introduce VDUSE - vDPA Device in Userspace Date: Wed, 10 Mar 2021 20:58:30 +0800 [thread overview] Message-ID: <2c7446dd-38f8-a06a-e423-6744c6a7207f@redhat.com> (raw) In-Reply-To: <20210223115048.435-8-xieyongji@bytedance.com> On 2021/2/23 7:50 下午, Xie Yongji wrote: > + > + switch (cmd) { > + case VDUSE_IOTLB_GET_FD: { > + struct vduse_iotlb_entry entry; > + struct vhost_iotlb_map *map; > + struct vdpa_map_file *map_file; > + struct file *f = NULL; > + > + ret = -EFAULT; > + if (copy_from_user(&entry, argp, sizeof(entry))) > + break; > + > + spin_lock(&dev->iommu_lock); > + map = vhost_iotlb_itree_first(dev->iommu, entry.start, > + entry.last); > + if (map) { > + map_file = (struct vdpa_map_file *)map->opaque; > + f = get_file(map_file->file); > + entry.offset = map_file->offset; > + entry.start = map->start; > + entry.last = map->last; > + entry.perm = map->perm; > + } > + spin_unlock(&dev->iommu_lock); > + if (!f) { > + ret = -EINVAL; > + break; > + } > + if (copy_to_user(argp, &entry, sizeof(entry))) { > + fput(f); > + ret = -EFAULT; > + break; > + } > + ret = get_unused_fd_flags(perm_to_file_flags(entry.perm)); > + if (ret < 0) { > + fput(f); > + break; > + } > + fd_install(ret, f); So at least we need to use receice_fd_user() here to give a chance to be hooked into security module. Consider this is bascially a kind of passing file descriptor implicitly. We need to be careful if any security stufss is missed. (Have a quick glance at scm_send/recv, feel ok but need to double check). Thanks > + break; > + }
WARNING: multiple messages have this Message-ID (diff)
From: Jason Wang <jasowang@redhat.com> To: Xie Yongji <xieyongji@bytedance.com>, mst@redhat.com, stefanha@redhat.com, sgarzare@redhat.com, parav@nvidia.com, bob.liu@oracle.com, hch@infradead.org, rdunlap@infradead.org, willy@infradead.org, viro@zeniv.linux.org.uk, axboe@kernel.dk, bcrl@kvack.org, corbet@lwn.net Cc: linux-aio@kvack.org, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, kvm@vger.kernel.org, virtualization@lists.linux-foundation.org Subject: Re: [RFC v4 07/11] vduse: Introduce VDUSE - vDPA Device in Userspace Date: Wed, 10 Mar 2021 20:58:30 +0800 [thread overview] Message-ID: <2c7446dd-38f8-a06a-e423-6744c6a7207f@redhat.com> (raw) In-Reply-To: <20210223115048.435-8-xieyongji@bytedance.com> On 2021/2/23 7:50 下午, Xie Yongji wrote: > + > + switch (cmd) { > + case VDUSE_IOTLB_GET_FD: { > + struct vduse_iotlb_entry entry; > + struct vhost_iotlb_map *map; > + struct vdpa_map_file *map_file; > + struct file *f = NULL; > + > + ret = -EFAULT; > + if (copy_from_user(&entry, argp, sizeof(entry))) > + break; > + > + spin_lock(&dev->iommu_lock); > + map = vhost_iotlb_itree_first(dev->iommu, entry.start, > + entry.last); > + if (map) { > + map_file = (struct vdpa_map_file *)map->opaque; > + f = get_file(map_file->file); > + entry.offset = map_file->offset; > + entry.start = map->start; > + entry.last = map->last; > + entry.perm = map->perm; > + } > + spin_unlock(&dev->iommu_lock); > + if (!f) { > + ret = -EINVAL; > + break; > + } > + if (copy_to_user(argp, &entry, sizeof(entry))) { > + fput(f); > + ret = -EFAULT; > + break; > + } > + ret = get_unused_fd_flags(perm_to_file_flags(entry.perm)); > + if (ret < 0) { > + fput(f); > + break; > + } > + fd_install(ret, f); So at least we need to use receice_fd_user() here to give a chance to be hooked into security module. Consider this is bascially a kind of passing file descriptor implicitly. We need to be careful if any security stufss is missed. (Have a quick glance at scm_send/recv, feel ok but need to double check). Thanks > + break; > + } _______________________________________________ Virtualization mailing list Virtualization@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/virtualization
next prev parent reply other threads:[~2021-03-10 12:59 UTC|newest] Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-02-23 11:50 [RFC v4 00/11] Introduce VDUSE - vDPA Device in Userspace Xie Yongji 2021-02-23 11:50 ` [RFC v4 01/11] eventfd: Increase the recursion depth of eventfd_signal() Xie Yongji 2021-03-02 6:44 ` Jason Wang 2021-03-02 6:44 ` Jason Wang 2021-03-02 10:32 ` Yongji Xie 2021-02-23 11:50 ` [RFC v4 02/11] vhost-vdpa: protect concurrent access to vhost device iotlb Xie Yongji 2021-03-02 6:47 ` Jason Wang 2021-03-02 6:47 ` Jason Wang 2021-03-02 10:20 ` Yongji Xie 2021-02-23 11:50 ` [RFC v4 03/11] vhost-iotlb: Add an opaque pointer for vhost IOTLB Xie Yongji 2021-03-02 6:49 ` Jason Wang 2021-03-02 6:49 ` Jason Wang 2021-02-23 11:50 ` [RFC v4 04/11] vdpa: Add an opaque pointer for vdpa_config_ops.dma_map() Xie Yongji 2021-03-02 6:50 ` Jason Wang 2021-03-02 6:50 ` Jason Wang 2021-02-23 11:50 ` [RFC v4 05/11] vdpa: Support transferring virtual addressing during DMA mapping Xie Yongji 2021-02-24 7:37 ` Dan Carpenter 2021-02-24 7:37 ` Dan Carpenter 2021-03-03 10:52 ` Mika Penttilä 2021-03-03 12:45 ` Yongji Xie 2021-03-03 13:38 ` Mika Penttilä 2021-03-04 3:07 ` Jason Wang 2021-03-04 3:07 ` Jason Wang 2021-03-04 5:40 ` Yongji Xie 2021-02-23 11:50 ` [RFC v4 06/11] vduse: Implement an MMU-based IOMMU driver Xie Yongji 2021-03-04 4:20 ` Jason Wang 2021-03-04 4:20 ` Jason Wang 2021-03-04 5:12 ` Yongji Xie 2021-03-05 3:35 ` Jason Wang 2021-03-05 3:35 ` Jason Wang 2021-03-05 6:15 ` Yongji Xie 2021-03-05 6:51 ` Jason Wang 2021-03-05 7:13 ` Yongji Xie 2021-03-05 7:27 ` Jason Wang 2021-03-05 7:27 ` Jason Wang 2021-03-05 7:59 ` Yongji Xie 2021-03-08 3:17 ` Jason Wang 2021-03-08 3:17 ` Jason Wang 2021-03-08 3:45 ` Yongji Xie 2021-03-08 3:52 ` Jason Wang 2021-03-08 3:52 ` Jason Wang 2021-03-08 5:05 ` Yongji Xie 2021-03-08 7:04 ` Jason Wang 2021-03-08 7:04 ` Jason Wang 2021-03-08 7:08 ` Yongji Xie 2021-02-23 11:50 ` [RFC v4 07/11] vduse: Introduce VDUSE - vDPA Device in Userspace Xie Yongji 2021-02-23 15:44 ` kernel test robot 2021-02-23 20:24 ` kernel test robot 2021-03-04 6:27 ` Jason Wang 2021-03-04 6:27 ` Jason Wang 2021-03-04 8:05 ` Yongji Xie 2021-03-05 3:20 ` Jason Wang 2021-03-05 3:20 ` Jason Wang 2021-03-05 3:49 ` Yongji Xie 2021-03-10 12:58 ` Jason Wang [this message] 2021-03-10 12:58 ` Jason Wang 2021-03-11 2:28 ` Yongji Xie 2021-02-23 11:50 ` [RFC v4 08/11] vduse: Add config interrupt support Xie Yongji 2021-02-23 11:50 ` [RFC v4 09/11] Documentation: Add documentation for VDUSE Xie Yongji 2021-03-04 6:39 ` Jason Wang 2021-03-04 6:39 ` Jason Wang 2021-03-04 10:35 ` Yongji Xie 2021-02-23 11:50 ` [RFC v4 10/11] vduse: Introduce a workqueue for irq injection Xie Yongji 2021-03-04 6:59 ` Jason Wang 2021-03-04 6:59 ` Jason Wang 2021-03-04 8:58 ` Yongji Xie 2021-03-05 3:04 ` Jason Wang 2021-03-05 3:04 ` Jason Wang 2021-03-05 3:30 ` Yongji Xie 2021-03-05 3:42 ` Jason Wang 2021-03-05 3:42 ` Jason Wang 2021-03-05 6:36 ` Yongji Xie 2021-03-05 7:01 ` Jason Wang 2021-03-05 7:01 ` Jason Wang 2021-03-05 7:27 ` Yongji Xie 2021-03-05 7:36 ` Jason Wang 2021-03-05 7:36 ` Jason Wang 2021-03-05 8:12 ` Yongji Xie 2021-03-08 3:04 ` Jason Wang 2021-03-08 3:04 ` Jason Wang 2021-03-08 4:50 ` Yongji Xie 2021-03-08 7:01 ` Jason Wang 2021-03-08 7:01 ` Jason Wang 2021-03-08 7:16 ` Yongji Xie 2021-03-08 7:29 ` Jason Wang 2021-03-08 7:29 ` Jason Wang 2021-02-23 11:50 ` [RFC v4 11/11] vduse: Support binding irq to the specified cpu Xie Yongji 2021-03-04 7:30 ` Jason Wang 2021-03-04 7:30 ` Jason Wang 2021-03-04 8:19 ` Yongji Xie 2021-03-05 3:11 ` Jason Wang 2021-03-05 3:11 ` Jason Wang 2021-03-05 3:37 ` Yongji Xie 2021-03-05 3:44 ` Jason Wang 2021-03-05 3:44 ` Jason Wang 2021-03-05 6:40 ` Yongji Xie
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=2c7446dd-38f8-a06a-e423-6744c6a7207f@redhat.com \ --to=jasowang@redhat.com \ --cc=axboe@kernel.dk \ --cc=bcrl@kvack.org \ --cc=bob.liu@oracle.com \ --cc=corbet@lwn.net \ --cc=hch@infradead.org \ --cc=kvm@vger.kernel.org \ --cc=linux-aio@kvack.org \ --cc=linux-fsdevel@vger.kernel.org \ --cc=mst@redhat.com \ --cc=netdev@vger.kernel.org \ --cc=parav@nvidia.com \ --cc=rdunlap@infradead.org \ --cc=sgarzare@redhat.com \ --cc=stefanha@redhat.com \ --cc=viro@zeniv.linux.org.uk \ --cc=virtualization@lists.linux-foundation.org \ --cc=willy@infradead.org \ --cc=xieyongji@bytedance.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.