LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: linas@austin.ibm.com (Linas Vepstas)
To: Grant Grundler <grundler@parisc-linux.org>
Cc: Greg KH <gregkh@suse.de>, Barak Fargoun <barak@neocleus.com>,
	linux-kernel@vger.kernel.org, linux-pci@atrey.karlin.mff.cuni.cz,
	Guy Zana <guy@neocleus.com>
Subject: Re: [PATCH] Align PCI memory regions to page size (4K) - Fix
Date: Thu, 8 Nov 2007 17:24:00 -0600	[thread overview]
Message-ID: <20071108232400.GC4239@austin.ibm.com> (raw)
In-Reply-To: <20071029055216.GB14763@colo.lackof.org>

On Sun, Oct 28, 2007 at 11:52:16PM -0600, Grant Grundler wrote:
> > On Sun, Oct 28, 2007 at 03:53:20PM -0400, Barak Fargoun wrote:
> ...
> > > About your question: today, some of the hypervisors are using linux
> > > kernel as their domain-0 (e.g. Xen). In order to implement direct
> > > hardware access for these native domains (e.g.  running windows in a
> > > virtual machine above Xen), the PCI memory regions should be aligned
> > > at-least at the page-level (so, a virtual machine - can't see data of
> > > other devices which may not be assigned to it). So, for that reason,
> > > we wanted a boot parameter to let us force the kernel to align PCI
> > > memory regions at-least at a PAGE_SIZE alignment. It is very useful
> > > for hypervisors which are developed at Linux environment (e.g.: Xen).
> 
> It's a benefit IFF multiple devices are spread across more than one guest
> _and_ we don't trust every particating guest to play nicely with IO.  That way
> the Hypervisor can assign one device to a specific guest OS for direct access.
> E.g. 4 port Gige card could directly support the host and 3 guests with somewhat
> lower risk of tromping on each other's MMIO space.
> 
> If Xen is cooperative, this seems a bit paranoid. I don't recall ever seeing a
> driver bug where the driver accidentally poked MMIO space at the wrong device.

I presume the issue is not a driver bug per-se, but a
spying/hacking-type security issue: Having root in one guest could in
principle allow one to write a driver that snooped on data in other
guests, and/or intentionally corrupted data on other guests.

I envision some ISP renting out 1/3 of a machine with a 4-port card,
and having some nosey college-kid wannabe hacker getting root on one of
the guests and causing trouble.  But perhaps I'm waaaayyyyy off base
here.

(Just like occasional cigarette smoking is known to inevitably lead to
full-fledged heroin addiction, I am pretty sure that the culture of
"cheat codes" among 12-year-olds is going to lead to an epidemic of
hackers in about 10 years. I am atuned to "wannabe hacker culture"). 

--linas

  reply	other threads:[~2007-11-08 23:26 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-10-28 17:27 Barak Fargoun
2007-10-28 19:31 ` Greg KH
2007-10-28 19:53   ` Barak Fargoun
2007-10-28 20:03     ` Greg KH
2007-10-28 20:44       ` Barak Fargoun
2007-10-29  1:08       ` David Miller
2007-11-13 21:17         ` Benjamin Herrenschmidt
2007-11-14  6:21           ` Grant Grundler
2007-11-14  8:16             ` Benjamin Herrenschmidt
2007-11-14 21:55               ` Grant Grundler
2007-11-14 22:16                 ` Benjamin Herrenschmidt
2007-10-29  5:52       ` Grant Grundler
2007-11-08 23:24         ` Linas Vepstas [this message]
2007-11-12 23:43           ` Grant Grundler
2007-10-28 19:48 ` Arjan van de Ven

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20071108232400.GC4239@austin.ibm.com \
    --to=linas@austin.ibm.com \
    --cc=barak@neocleus.com \
    --cc=gregkh@suse.de \
    --cc=grundler@parisc-linux.org \
    --cc=guy@neocleus.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pci@atrey.karlin.mff.cuni.cz \
    --subject='Re: [PATCH] Align PCI memory regions to page size (4K) - Fix' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).