[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [PATCH V2 0/2] virito-pci: PASID support
On Wed, Jan 12, 2022 at 6:44 PM Stefan Hajnoczi <stefanha@redhat.com> wrote: > > On Wed, Jan 12, 2022 at 01:57:53PM +0800, Jason Wang wrote: > > Hi All: > > > > This series tries to add PASID support for virtio-pci to allow the > > virtqueue to use PASID TLP prefix for PCI transactions. This will be > > useful for future work like, queue assignment, virtqueue > > virtualization and presenting multiple vDPA devices with a single PCI > > device. > > > > Since we're short of the space for the PCI capabilities, the PCI > > extended capability for virtio structure is introduced that allows the > > PASID configuration structure to use. > > > > A prototype is implemented with emulated virtio-pci device in [1]. A > > test driver is implemented in [2]. > > > > Please review. > > I don't know the security model for PASIDs. My guess is that PASIDs can > be bruteforced so we must trust the driver (it can assign PASIDs to > virtqueue groups) and we must prevent untrusted applications from > setting PASIDs on virtqueues. Is that correct? Yes, and the kernel can choose to hide PASID even for the trusted application by using token or other intermediate layers. Thanks > > Thanks, > Stefan
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]