Received: by 10.213.65.68 with SMTP id h4csp597225imn; Tue, 13 Mar 2018 14:24:08 -0700 (PDT) X-Google-Smtp-Source: AG47ELuKcRTfYjm5L2blGQUTWDvvDLyVgpm4kJQeV5XSeSiDXg4KCn/o3jr+X9DKnk/bGkEpFT+4 X-Received: by 10.98.254.6 with SMTP id z6mr1932143pfh.155.1520976248091; Tue, 13 Mar 2018 14:24:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520976248; cv=none; d=google.com; s=arc-20160816; b=t4tBI/gNYJRX0ev+fu4kzXMkVFR+UHyWzBodSESWfwc7AvKvqJSdBErcamKISCE5ko 9Or8G4v8abeH9p3frbKxyTfiLff6W3grFi50Gcm0MRtYxaP/1lemOhc/gme8hOgkrPyq CABeOUHSxKS02syft7AZdxVe4Co2Q5xNGNK3jlUbzFZNUzCeJRcz+UgZEOvTMnb4tH+X +8XQD/Z1FMhK+Vsss/M2dFe3N/AemySMYq6nzP2eVGSlWzNYNgwNhSnDPXanYN5IH1y4 xSomhReY/ntvmcEyQ3VdMDI0HlQxom3oAwJWCy5lqKPNrT8vUzvuK1Gas90DVWjIy6V1 2GEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dmarc-filter :dkim-signature:dkim-signature:arc-authentication-results; bh=CXnWEEo1qabkiVnuoY1ZkVRjD0OdYF4n08MkKODbwRA=; b=oO3FZtp+7oOY8njr/yQamEdZGr8olXh9oHcYoD1y7NW/MZc3tynjbVGBZroxaOPc8B aT8y2jkkAr/AIoiIsyojOACqVLJzWJihiwuarob/2DtN5oM5YD9QNl1gRgTFWLcs7eWP ZW9FZDPHJQtbtTKPvLfXsbIMrYloEo5mOYqY7xV6SJHm27hKWfTph3R4K/qyjHSfkeeA zJYRgRLvm7/glcYqJkQmWe2RuPnKpC+JJGLtHQwMdzlf1XsN7y8bsRxV/LO3myt6vjDN j5rLBLOZfmDYrhtHJVY72jXovJdFZ53xUq1uHPBbIItsV/3WpSD4jRCKfP9pMNG8J423 v7gw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=MKfAOHWp; dkim=pass header.i=@codeaurora.org header.s=default header.b=SGPJ5N9X; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b7si675617pgv.425.2018.03.13.14.23.53; Tue, 13 Mar 2018 14:24:08 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@codeaurora.org header.s=default header.b=MKfAOHWp; dkim=pass header.i=@codeaurora.org header.s=default header.b=SGPJ5N9X; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752716AbeCMVXA (ORCPT + 99 others); Tue, 13 Mar 2018 17:23:00 -0400 Received: from smtp.codeaurora.org ([198.145.29.96]:50998 "EHLO smtp.codeaurora.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752375AbeCMVW5 (ORCPT ); Tue, 13 Mar 2018 17:22:57 -0400 Received: by smtp.codeaurora.org (Postfix, from userid 1000) id 43F0960867; Tue, 13 Mar 2018 21:22:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1520976177; bh=HoGxcoEJoaMhWwxKz8ZJT8iozxmVTUBxWkTi+sM8VHw=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=MKfAOHWpkvEaBaF231OgHUfhBk3bM5iI86qoW/VJps+qvj7cxLpnE0lVH5B+fhe3I l6FByTQg8TBBrLywVaQ3OVmYq8j24kQddG/6wY1wL4qo1fZxokj3oWLx+A/nRozwSM YZzTUaE7RFy3cZZGo/J+yB2bA+/FQT1dvjC+pZlM= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pdx-caf-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.8 required=2.0 tests=ALL_TRUSTED,BAYES_00, DKIM_SIGNED,T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.0 Received: from [10.235.228.150] (global_nat1_iad_fw.qualcomm.com [129.46.232.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: okaya@smtp.codeaurora.org) by smtp.codeaurora.org (Postfix) with ESMTPSA id 4389360590; Tue, 13 Mar 2018 21:22:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=codeaurora.org; s=default; t=1520976176; bh=HoGxcoEJoaMhWwxKz8ZJT8iozxmVTUBxWkTi+sM8VHw=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=SGPJ5N9XjG2VWimnqLCEFPqMSFx1TZmhZUvbOtMYYrKuTE3rQFokL23mg7m2nf6wE G6aIG3iYhCSyxx6vlnu4+PmZ7DICQUr+FAVFESfWH1DrZxyQJoZI6ES8Ajp7MEHaG1 fXUr/AIZNERt1TNkjaIb5f1vvTuMRvJad1z8hYkY= DMARC-Filter: OpenDMARC Filter v1.3.2 smtp.codeaurora.org 4389360590 Authentication-Results: pdx-caf-mail.web.codeaurora.org; dmarc=none (p=none dis=none) header.from=codeaurora.org Authentication-Results: pdx-caf-mail.web.codeaurora.org; spf=none smtp.mailfrom=okaya@codeaurora.org Subject: Re: [PATCH v3 01/11] PCI/P2PDMA: Support peer-to-peer memory To: Logan Gunthorpe , linux-kernel@vger.kernel.org, linux-pci@vger.kernel.org, linux-nvme@lists.infradead.org, linux-rdma@vger.kernel.org, linux-nvdimm@lists.01.org, linux-block@vger.kernel.org Cc: Stephen Bates , Christoph Hellwig , Jens Axboe , Keith Busch , Sagi Grimberg , Bjorn Helgaas , Jason Gunthorpe , Max Gurtovoy , Dan Williams , =?UTF-8?B?SsOpcsO0bWUgR2xpc3Nl?= , Benjamin Herrenschmidt , Alex Williamson References: <20180312193525.2855-1-logang@deltatee.com> <20180312193525.2855-2-logang@deltatee.com> <59fd2f5d-177f-334a-a9c4-0f8a6ec7c303@codeaurora.org> <24d8e5c2-065d-8bde-3f5d-7f158be9c578@deltatee.com> <52cbbbc4-c488-f83f-8d02-14d455b4efd7@codeaurora.org> <3e738f95-d73c-4182-2fa1-8664aafb1ab7@deltatee.com> <703aa92c-0c1c-4852-5887-6f6e6ccde0fb@codeaurora.org> <3ea80992-a0fc-08f2-d93d-ae0ec4e3f4ce@codeaurora.org> <4eb6850c-df1b-fd44-3ee0-d43a50270b53@deltatee.com> From: Sinan Kaya Message-ID: <757fca36-dee4-e070-669e-f2788bd78e41@codeaurora.org> Date: Tue, 13 Mar 2018 17:22:53 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <4eb6850c-df1b-fd44-3ee0-d43a50270b53@deltatee.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/13/2018 4:46 PM, Logan Gunthorpe wrote: > > > On 13/03/18 01:53 PM, Sinan Kaya wrote: >> I agree disabling globally would be bad. Somebody can always say I have >> ten switches on my system. I want to do peer-to-peer on one switch only. Now, >> this change weakened security for the other switches that I had no intention >> with doing P2P. >> >> Isn't this a problem? > > Well, if it's a problem for someone they'll have to solve it. We're > targeting JBOFs that have no use for ACS / IOMMU groups at all. > >> Can we specify the BDF of the downstream device we want P2P with during boot via >> kernel command line? > > That's a painful configuration burden. And then things might stop > working if you change your topology at all and now have to change boot > parameters. > It sounds like you have very tight hardware expectations for this to work at this moment. You also don't want to generalize this code for others and address the shortcomings. To get you going, you should limit this change to the switch products that you have validated via white-listing PCI vendor/device ids. Please do not enable this feature for all other PCI devices or by default. I think your code qualifies as a virus until this issue is resolved (so NAK). Another option is for your CONFIG to depend on BROKEN/EXPERT. You are delivering a general purpose P2P code with a lot of holes in it and expecting people to jump through it. Turning security off by default is also not acceptable. Linux requires ACS support even though you don't care about it for your particular application. I'd hate ACS to be broken due to some operating system enabling your CONFIG option. -- Sinan Kaya Qualcomm Datacenter Technologies, Inc. as an affiliate of Qualcomm Technologies, Inc. Qualcomm Technologies, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project.