From: Borislav Petkov <bp@alien8.de>
To: Juergen Gross <jgross@suse.com>
Cc: Oleksandr <olekstysh@gmail.com>,
	Christoph Hellwig <hch@infradead.org>,
	Boris Ostrovsky <boris.ostrovsky@oracle.com>,
	Stefano Stabellini <sstabellini@kernel.org>,
	xen-devel@lists.xenproject.org, x86@kernel.org,
	linux-kernel@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Andy Lutomirski <luto@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, "H. Peter Anvin" <hpa@zytor.com>,
	Julien Grall <julien@xen.org>,
	Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [PATCH V1 3/6] xen/virtio: Add option to restrict memory access under Xen
Date: Tue, 26 Apr 2022 10:41:09 +0200
Message-ID: <YmewJaxWS1KGVkTf@zn.tnic>
In-Reply-To: <7d89848a-3a1c-415d-957a-564ffdd3712d@suse.com>

On Tue, Apr 26, 2022 at 07:16:16AM +0200, Juergen Gross wrote:
> Christoph suggested (rather firmly) this would be the way to go.

Yeah, I saw it but I don't think it is the right way to go.

What happens the next time a guest needs to query the platform
underneath? Misuse these interfaces again?

Because people will see the Xen use and say, hey, look, I will use this
for my funky HV too.

Even worse: what happens if Xen decides to implement SEV/TDX? Then
you're in for a world of fun.

Now, if we want to *extend* the interfaces to have something as generic
as, say, platform_has() and that should be the way for generic kernel
code running in the guest to query the platform capabilities, then sure,
by all means.

> This is needed on guest side at a rather hypervisor independent place.
> 
> So a capability of some sort seems appropriate.
> 
> Another suggestion of mine was to have a callback (or flag) in
> struct x86_hyper_runtime for that purpose.

This becomes an issue if the HV is not x86 - then you need a different
method of querying it, which then underneath will call the arch-specific
interface.

I don't know how much of querying guests need to do and how they've been
doing that so far. Depending on the requirements, we probably should
think about a clean design from the get-go instead of homegrown things.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette
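
An added sketch, not part of the original message or of any kernel patch: one way the generic platform_has() query suggested above could look, written as stand-alone user-space C. The feature names, platform_set(), platform_reset(), the two setup functions and virtio_requires_restricted_access() are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical feature IDs (assumed names, not from the thread). */
enum platform_feature {
    PLATFORM_RESTRICTED_VIRTIO_MEM, /* backend may touch only granted pages */
    PLATFORM_GUEST_MEM_ENCRYPT,     /* SEV/TDX-style encrypted guest memory */
    PLATFORM_FEATURE_COUNT
};

static unsigned long platform_features; /* one bit per feature */

/* Called only by platform/arch setup code (assumed helper). */
static void platform_set(enum platform_feature f)
{
    if (f < PLATFORM_FEATURE_COUNT)
        platform_features |= 1UL << f;
}

/* The single query generic code uses; unknown IDs read as "absent". */
static bool platform_has(enum platform_feature f)
{
    return f < PLATFORM_FEATURE_COUNT && ((platform_features >> f) & 1UL);
}

static void platform_reset(void) { platform_features = 0; }

/* Stand-ins for hypervisor- and arch-specific init paths (assumed). */
static void xen_guest_setup(bool grant_dma_enabled)
{
    if (grant_dma_enabled)
        platform_set(PLATFORM_RESTRICTED_VIRTIO_MEM);
}

static void mem_encrypt_setup(void)
{
    platform_set(PLATFORM_GUEST_MEM_ENCRYPT);
}

/* Generic code: no Xen, x86 or SEV/TDX knowledge, only capability checks. */
static bool virtio_requires_restricted_access(void)
{
    return platform_has(PLATFORM_RESTRICTED_VIRTIO_MEM) ||
           platform_has(PLATFORM_GUEST_MEM_ENCRYPT);
}

int main(void)
{
    xen_guest_setup(true);
    printf("restricted virtio access: %d\n", virtio_requires_restricted_access());
    return 0;
}
```

Each platform sets its own bits during setup, so a hypervisor that later gains memory encryption or runs on a non-x86 architecture changes only its setup path, not the generic caller.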

