From: Dan Williams <dan.j.williams@intel.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: Lukas Wunner <lukas@wunner.de>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Gavin Hindman <gavin.hindman@intel.com>,
Linuxarm <linuxarm@huawei.com>,
"Weiny, Ira" <ira.weiny@intel.com>,
Linux PCI <linux-pci@vger.kernel.org>,
linux-cxl@vger.kernel.org, CHUCK_LEVER <chuck.lever@oracle.com>
Subject: Re: [RFC PATCH 0/1] DOE usage with pcie/portdrv
Date: Wed, 18 May 2022 08:08:47 -0700 [thread overview]
Message-ID: <CAPcyv4jb7D5AKZsxGE5X0jon5suob5feggotdCZWrO_XNaer3A@mail.gmail.com> (raw)
In-Reply-To: <YoT4C77Yem37NUUR@infradead.org>
On Wed, May 18, 2022 at 6:44 AM Christoph Hellwig <hch@infradead.org> wrote:
>
> On Sat, May 14, 2022 at 03:55:21PM +0200, Lukas Wunner wrote:
> > Circling back to the SPDM/IDE topic, while NVMe is now capable of
> > reliably recovering from errors, it does expect the kernel to handle
> > recovery within a few seconds. I'm not sure we can continue to
> > guarantee that if the kernel depends on user space to perform
> > re-authentication with SPDM after reset. That's another headache
> > that we could avoid with in-kernel SPDM authentication.
>
> I wonder if we need kernel bundled and tightly controlled userspace
> code for these kinds of things (also for NVMe/NFS TLS). That is,
> bundle a userspace ELF file or files with a module which is unpacked
> to or accessible by a ramfs-style file systems. Then allow executing
> it without any interaction with the normal userspace, and non-pagable
> memory. That way we can reuse existing userspace code, have really
> nice address space isolation but avoid all the deadlock potential
> of normal userspace code. And I don't think it would be too hard to
> implement either.
Yes, I also want something like this for mitigating the vulnerability
surface of things like PRM [1], where platform vendors are looking to
move more runtime helpers out of SMM mode and into ring0. I would
rather see those routines move all the way into ring3.
[1]: https://uefi.org/sites/default/files/resources/Platform%20Runtime%20Mechanism%20-%20with%20legal%20notice.pdf
next prev parent reply other threads:[~2022-05-18 15:09 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-03 15:34 [RFC PATCH 0/1] DOE usage with pcie/portdrv Jonathan Cameron
2022-05-03 15:34 ` [RFC PATCH 1/1] pcie/portdrv: Hack in DOE and CDAT support Jonathan Cameron
2022-05-06 22:40 ` [RFC PATCH 0/1] DOE usage with pcie/portdrv Dan Williams
2022-05-07 10:18 ` Lukas Wunner
2022-05-09 9:48 ` Jonathan Cameron
2022-05-11 19:13 ` Lukas Wunner
2022-05-11 19:19 ` Lukas Wunner
2022-05-11 19:43 ` Dan Williams
2022-05-14 13:55 ` Lukas Wunner
2022-05-16 17:01 ` Dan Williams
2022-05-27 9:39 ` Lukas Wunner
2022-05-18 13:43 ` Christoph Hellwig
2022-05-18 15:08 ` Dan Williams [this message]
2022-05-20 5:42 ` Lukas Wunner
2022-05-20 15:37 ` Dan Williams
2022-05-20 15:42 ` Chuck Lever III
2022-05-11 19:42 ` Dan Williams
2022-05-11 20:22 ` Hindman, Gavin
2022-05-11 21:04 ` Dan Williams
2022-05-14 13:31 ` Lukas Wunner
2022-05-16 16:53 ` Dan Williams
2022-05-09 9:33 ` Jonathan Cameron
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAPcyv4jb7D5AKZsxGE5X0jon5suob5feggotdCZWrO_XNaer3A@mail.gmail.com \
--to=dan.j.williams@intel.com \
--cc=Jonathan.Cameron@huawei.com \
--cc=chuck.lever@oracle.com \
--cc=gavin.hindman@intel.com \
--cc=hch@infradead.org \
--cc=ira.weiny@intel.com \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=linuxarm@huawei.com \
--cc=lukas@wunner.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).