Re: [Xen-devel] [v2][PATCH] xen/vtd/iommu: permit group devices to passthrough in relaxed mode
> From: Jan Beulich [mailto:JBeulich@xxxxxxxx]
> Sent: Friday, September 11, 2015 4:56 PM
>
> >>> On 11.09.15 at 01:22, <kevin.tian@xxxxxxxxx> wrote:
> > Sorry it's a bad example. My actual concern is that we can't count
> > on this per-VM relax/strict policy to prevent group devices assigned
> > to different VM. In that case it's definitely a security hole since
> > one VM may clobber shared RMRR to impact another VM. So right
> > example for that scenario is both VMs specified with 'relax'.
>
> Sorry, no, the idea of "relax" is to allow the admin to state "I have
> no security concerns". Hence we'd have a security issue only if the
> default was "relax" (which iiuc it isn't, or if it were _that's_ what
> would need to be alongside the presented change). Whether that
> statement of the admin is because of
> - knowing that the RMRR won't be used post-boot
> - group-assigning the devices manually
> - simply not caring (i.e. trusting the guests)
> is not our business.
>
> IOW, provided there's no way for "relax" to become the default
> (Tiejun - please confirm), the patch as is should be fine.
>
> Jan
>

OK, that explanation is fine to me as long as it's made clear no security
guarantee once admin uses 'relax' for any domain. Tiejun could you resend
patch with right warning/error type?

Thanks
Kevin