Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp1961821ybh; Fri, 24 Jul 2020 00:27:57 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwJIBzNvEIdYal4gXVBNdc6XkqoshM52Y0dQPeECzETYIoPmrq87Xdm1IVqWTGfKEmdKeLq X-Received: by 2002:a05:6402:1d35:: with SMTP id dh21mr7949002edb.186.1595575676598; Fri, 24 Jul 2020 00:27:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1595575676; cv=none; d=google.com; s=arc-20160816; b=RlvMDgXczHDda7/o78g/f9FFJetf/DCaHVsNn+Fnvr3T4DCBsNCOa3SexYctgpwCjM E+HNhN6uPL0E6pMFn1HqvtoPjLYBNiaFeGC4+hluLGNpQLKr9INyYrTIsvRFhHHAh57l siPlJRrYi/a9WabV/z+6IQMlkyqiVXe5mpdjKgPEqewgn77tWoXUGmcepLp01S/KhDsT +rN/bNSv/qTwH/8bJOldABJObwvvuXjktGH/TkBj3zw+5LzN7AMnqGNEUuglHiKWrbnZ cYGjfTOfqIZp4/cK5t23fAMPbpOjBautAbTFL5NyoqpJ/VybhEjTRN7y9x+P+uKl6L90 XRgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=fuErLOqr2wiHuSm1n+glJqJxYG3jv4lWg3NgZEQOlPE=; b=Ffryml3irNcuidSM0U4v3IYl98Zy8rvsdsdG0WdWNKs6qfG4U7KE9WvFtZjcIQ9F0y fLRcqS4mYuPsG2/l1Tcm0DyYocLr38I8OUjGPY+7NoxT8JOmsR02W6JcAmhHpjJq2aIL XYYPplqzswQ0H59OSG6HwwBQWt9jblnEoEVuL8trGpZUhSYM2SdTtaBieBRj5330/c5j C3lxwNo5tZS5WvATZx9iQCZr4r1G3GanitDKm/T7MLce0fkm8OBHw+f8EpbZUG21TZ3U donboCnW4NnoDf8B6SbQdPF3hVNtAQ51E96S/zNXdQ/mYYk/FPnEqZu0EYHGxZ450M4Q YPgA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=fPQU5YAO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id di16si14158edb.397.2020.07.24.00.27.32; Fri, 24 Jul 2020 00:27:56 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=fPQU5YAO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726753AbgGXHZU (ORCPT + 99 others); Fri, 24 Jul 2020 03:25:20 -0400 Received: from us-smtp-1.mimecast.com ([207.211.31.81]:43452 "EHLO us-smtp-delivery-1.mimecast.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726638AbgGXHZT (ORCPT ); Fri, 24 Jul 2020 03:25:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1595575518; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=fuErLOqr2wiHuSm1n+glJqJxYG3jv4lWg3NgZEQOlPE=; b=fPQU5YAOHeVpb/XBWql+enb3J1xB5CBDy8DczdAQ4HtDXLrq8hROvvEqGYJd8krSqb0GtK 6Bisi/7F3+nHql9oAOKzUp6l1c61KzJQ03Vxaod6kWTUW2DuihfXEcd+huwbjRLhTEtY1F EubOu984psNZZTE6mSmraAEp0snG5Mk= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-161-IfZTPPalMxiIM2J4-pHJJQ-1; Fri, 24 Jul 2020 03:25:16 -0400 X-MC-Unique: IfZTPPalMxiIM2J4-pHJJQ-1 Received: by mail-wr1-f70.google.com with SMTP id z7so1343086wrw.21 for ; Fri, 24 Jul 2020 00:25:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=fuErLOqr2wiHuSm1n+glJqJxYG3jv4lWg3NgZEQOlPE=; b=E2OzeTEtzMpPZHlG3NGU8+Wo8a5PFruTLAGDGgHf1YafE3TgLd6xXVuU6Er6J9PGoH iPs5syohNFeOaF2MyU13Wm2Eqru32YvBb/AlFm1EI0fNVHALP4wSiGzqaBIm1wDayBMw eTvBmoMR6rg5t4azFndi8Zc1SGbjs3Hrl1Dr805mo6gGm2ajyNFgDvrwrWFhRG9E3wyQ RSXm6AuGbZ5KSeSdxAKCt42ojG6/1V0XvFJ9I8iyPPeHkl59qWsFjtlbyxy36A8brxwd TDNMKhi3NmkaSdPRedytVvFjesqd+hyM0Pvn3/7tLeulk5iJBh/4t+em81xbHBk3HpG5 jiPg== X-Gm-Message-State: AOAM532fTfhSclO5qM9ooB/nP5qIItUhMrzRodN6H7hOYsfAaQiJNRUH T0k0ozPZH3hHKtvRYNkXoBWBgVVJGjKoLJbe8o1jNwJTadrRz4WUZkUNcver1zKPUb/0JUMgO2J lYKmMZujJvVu+3C03moimgcCV X-Received: by 2002:adf:bb52:: with SMTP id x18mr7081714wrg.325.1595575515197; Fri, 24 Jul 2020 00:25:15 -0700 (PDT) X-Received: by 2002:adf:bb52:: with SMTP id x18mr7081693wrg.325.1595575514967; Fri, 24 Jul 2020 00:25:14 -0700 (PDT) Received: from steredhat.lan ([5.171.199.112]) by smtp.gmail.com with ESMTPSA id p25sm5864195wmg.39.2020.07.24.00.25.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Jul 2020 00:25:14 -0700 (PDT) Date: Fri, 24 Jul 2020 09:25:09 +0200 From: Stefano Garzarella To: Colin Walters Cc: Andy Lutomirski , Jens Axboe , Christoph Hellwig , Kees Cook , Pavel Begunkov , Miklos Szeredi , Matthew Wilcox , Jann Horn , Christian Brauner , strace-devel@lists.strace.io, io-uring@vger.kernel.org, Linux API , Linux FS Devel , LKML , Michael Kerrisk , Stefan Hajnoczi Subject: Re: strace of io_uring events? Message-ID: <20200724072509.sgqlbuocpo2peian@steredhat.lan> References: <7c09f6af-653f-db3f-2378-02dca2bc07f7@gmail.com> <48cc7eea-5b28-a584-a66c-4eed3fac5e76@gmail.com> <202007151511.2AA7718@keescook> <20200716131404.bnzsaarooumrp3kx@steredhat> <202007160751.ED56C55@keescook> <20200717080157.ezxapv7pscbqykhl@steredhat.lan> <20200721155848.32xtze5ntvcmjv63@steredhat> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jul 23, 2020 at 09:37:40AM -0400, Colin Walters wrote: > On Tue, Jul 21, 2020, at 11:58 AM, Stefano Garzarella wrote: > > > my use case concerns virtualization. The idea, that I described in the > > proposal of io-uring restrictions [1], is to share io_uring CQ and SQ queues > > with a guest VM for block operations. > > Virtualization being a strong security barrier is in eternal conflict > with maximizing performance. All of these "let's add a special > guest/host channel" are high risk areas. > > And this effort in particular - is it *really* worth it to expose a > brand new, fast moving Linux kernel interface (that probably hasn't > been fuzzed as much as it needs to be) to virtual machines? > It is an experiment to explore the potential of io_uring. In addition the restrictions can also be useful for other use case, for example if a process wants to allow another process to use io_uring, but only allowing a subset of operations. > People who want maximum performance at the cost of a bit of security > already have the choice to use Linux containers, where they can use > io_uring natively. > Thanks, Stefano