From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 280EEC433F5 for ; Thu, 14 Oct 2021 01:50:35 +0000 (UTC) Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id DB6CE60E78 for ; Thu, 14 Oct 2021 01:50:34 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org DB6CE60E78 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.freedesktop.org Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id B57986E140; Thu, 14 Oct 2021 01:50:31 +0000 (UTC) Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) by gabe.freedesktop.org (Postfix) with ESMTPS id 89C966E133; Thu, 14 Oct 2021 01:50:30 +0000 (UTC) Received: by mail-ed1-x52b.google.com with SMTP id a25so17797509edx.8; Wed, 13 Oct 2021 18:50:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=RvGlhpBdoSGJY07qYcoxstqzyNYso35hmP1TDGV1z4g=; b=qW7ab3idrM55I9OTL3GrIElKPjaIhew6Sc2swiQ6z3GGZKZ4sKwc2EqCtfffUBIuP2 lu+mEDP7PGOk4oRy+JqxFefJ2QzgDXSAIjVXwWwi9acizduRC1ULUfqzHa/jDrFxXnjY HaJ21105BgM5/bbpbpSpfx8WE9oUIbivL6aCQN1cr3929S68TjS7GCrpoHkSbxOWvwLi iCOWUpMpzqFS7+BQmcbssEO+A55PCO/zYSWnkiTRNWSfCtHL4s4f7DkFgudaVkZmKWa3 X1f5wAoIUR7UHNOX1YVW2fIu1Fj01rl/wZM7/Ywxy7jVzCgfrKBY5a0ByGRFhv4ki5RM MuvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=RvGlhpBdoSGJY07qYcoxstqzyNYso35hmP1TDGV1z4g=; b=56gI2AAErcGQB27ZKJvTKrjNvn0+cSx7h40zYoU05WWvz+R5+TPVXdsB+/zo2HkfHB lkFJ5wm+sIkpXCCrDGrNiVQFhEzQy9JAtr7xAeF7DXMKo0LNlm0m7mAhBZLMwF4jmXEG kYe7f2ZM1KTQu1WT1dnf/jETILbJqIgGwILuWp8TBE/R6ds9sbmYV56GL8pjpoG9ql9x fmh81vsDjJZ/OBJ1FRdknBWN4I5N+Aa1ELdA4t7JBV2+iFUo6klQ2OApemHH7TmwcJlr xo8jYskNatwqCW62LyAmILOKsiJF8CaVpquMxK8Hczx52VmxWzXJvs5uYe1Y3I1Ad+p6 8DPA== X-Gm-Message-State: AOAM531k7z41hdzr56ctN3ZXeQs+Rywo4H2vPfS8anxsNLRGibo4IQYB /YcAzWaIwKDXtjm/F2U6IrcZqh34gvstHclgSqg= X-Google-Smtp-Source: ABdhPJwi11719SRkCOiPMN/Zte43zfyvEqn21jnxMF2BYaxtGXJQ0gXaDA9Di8A1LyGOWtBSYOvYWwqvz7DYVGycrOA= X-Received: by 2002:a05:6402:1547:: with SMTP id p7mr4491032edx.371.1634176228758; Wed, 13 Oct 2021 18:50:28 -0700 (PDT) MIME-Version: 1.0 References: <20211008133530.664509-1-thomas.hellstrom@linux.intel.com> In-Reply-To: <20211008133530.664509-1-thomas.hellstrom@linux.intel.com> From: Dave Airlie Date: Thu, 14 Oct 2021 11:50:17 +1000 Message-ID: Subject: Re: [PATCH 0/6] drm/i915: Failsafe migration blits To: =?UTF-8?Q?Thomas_Hellstr=C3=B6m?= Cc: Intel Graphics Development , dri-devel , Maarten Lankhorst , Matthew Auld Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" On Fri, 8 Oct 2021 at 23:36, Thomas Hellstr=C3=B6m wrote: > > This patch series introduces failsafe migration blits. > The reason for this seemingly strange concept is that if the initial > clearing or readback of LMEM fails for some reason, and we then set up > either GPU- or CPU ptes to the allocated LMEM, we can expose old > contents from other clients. Can we enumerate "for some reason" here? This feels like "security" with no defined threat model. Maybe if the cover letter contains more details on the threat model it would make more sense. Dave. From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 092C7C433EF for ; Thu, 14 Oct 2021 01:50:32 +0000 (UTC) Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id B9BF560E78 for ; Thu, 14 Oct 2021 01:50:31 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org B9BF560E78 Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=lists.freedesktop.org Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 137526E133; Thu, 14 Oct 2021 01:50:31 +0000 (UTC) Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) by gabe.freedesktop.org (Postfix) with ESMTPS id 89C966E133; Thu, 14 Oct 2021 01:50:30 +0000 (UTC) Received: by mail-ed1-x52b.google.com with SMTP id a25so17797509edx.8; Wed, 13 Oct 2021 18:50:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=RvGlhpBdoSGJY07qYcoxstqzyNYso35hmP1TDGV1z4g=; b=qW7ab3idrM55I9OTL3GrIElKPjaIhew6Sc2swiQ6z3GGZKZ4sKwc2EqCtfffUBIuP2 lu+mEDP7PGOk4oRy+JqxFefJ2QzgDXSAIjVXwWwi9acizduRC1ULUfqzHa/jDrFxXnjY HaJ21105BgM5/bbpbpSpfx8WE9oUIbivL6aCQN1cr3929S68TjS7GCrpoHkSbxOWvwLi iCOWUpMpzqFS7+BQmcbssEO+A55PCO/zYSWnkiTRNWSfCtHL4s4f7DkFgudaVkZmKWa3 X1f5wAoIUR7UHNOX1YVW2fIu1Fj01rl/wZM7/Ywxy7jVzCgfrKBY5a0ByGRFhv4ki5RM MuvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=RvGlhpBdoSGJY07qYcoxstqzyNYso35hmP1TDGV1z4g=; b=56gI2AAErcGQB27ZKJvTKrjNvn0+cSx7h40zYoU05WWvz+R5+TPVXdsB+/zo2HkfHB lkFJ5wm+sIkpXCCrDGrNiVQFhEzQy9JAtr7xAeF7DXMKo0LNlm0m7mAhBZLMwF4jmXEG kYe7f2ZM1KTQu1WT1dnf/jETILbJqIgGwILuWp8TBE/R6ds9sbmYV56GL8pjpoG9ql9x fmh81vsDjJZ/OBJ1FRdknBWN4I5N+Aa1ELdA4t7JBV2+iFUo6klQ2OApemHH7TmwcJlr xo8jYskNatwqCW62LyAmILOKsiJF8CaVpquMxK8Hczx52VmxWzXJvs5uYe1Y3I1Ad+p6 8DPA== X-Gm-Message-State: AOAM531k7z41hdzr56ctN3ZXeQs+Rywo4H2vPfS8anxsNLRGibo4IQYB /YcAzWaIwKDXtjm/F2U6IrcZqh34gvstHclgSqg= X-Google-Smtp-Source: ABdhPJwi11719SRkCOiPMN/Zte43zfyvEqn21jnxMF2BYaxtGXJQ0gXaDA9Di8A1LyGOWtBSYOvYWwqvz7DYVGycrOA= X-Received: by 2002:a05:6402:1547:: with SMTP id p7mr4491032edx.371.1634176228758; Wed, 13 Oct 2021 18:50:28 -0700 (PDT) MIME-Version: 1.0 References: <20211008133530.664509-1-thomas.hellstrom@linux.intel.com> In-Reply-To: <20211008133530.664509-1-thomas.hellstrom@linux.intel.com> From: Dave Airlie Date: Thu, 14 Oct 2021 11:50:17 +1000 Message-ID: To: =?UTF-8?Q?Thomas_Hellstr=C3=B6m?= Cc: Intel Graphics Development , dri-devel , Maarten Lankhorst , Matthew Auld Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: Re: [Intel-gfx] [PATCH 0/6] drm/i915: Failsafe migration blits X-BeenThere: intel-gfx@lists.freedesktop.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Intel graphics driver community testing & development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: intel-gfx-bounces@lists.freedesktop.org Sender: "Intel-gfx" On Fri, 8 Oct 2021 at 23:36, Thomas Hellstr=C3=B6m wrote: > > This patch series introduces failsafe migration blits. > The reason for this seemingly strange concept is that if the initial > clearing or readback of LMEM fails for some reason, and we then set up > either GPU- or CPU ptes to the allocated LMEM, we can expose old > contents from other clients. Can we enumerate "for some reason" here? This feels like "security" with no defined threat model. Maybe if the cover letter contains more details on the threat model it would make more sense. Dave.